TSAmpa Benefits

• Produces unlimited timestamps and is licensed per-user, not per-timestamp produced

• Provides long-term signature verification capabilities

• May be easily deployed and managed

• Appropriate for organizations of any size, scaling up to millions of users

• Uses NIST CMVP-validated FIPS 140-2 cryptography and proven security standards, including ANSI X.509 and IETF PKIX, OCSP, TLS, and S/MIME

Overview

Trusted timestamping is the process of securely keeping track of the creation and modification times of a document. Security here means that no one - not even the owner of the document - should be able to change it once it has been recorded provided that the timestamper’s integrity is never compromised.(Wikipedia: The Free Encyclopedia, s.v. “Trusted Timestamping”)

TSAmpa is a customer-hosted (on-premise or cloud) timestamping authority that provides RFC 3161 or Microsoft Authenticode timestamps to time-sensitive transactions. TSAmpa is well suited to organizations running systems that operate offline yet still need timestamping services.

+1-847-405-0500sales@infoseccorp.comwww.infoseccorp.com

infoseccorp

@infoseccorp

/infsec.us

Information SecurityCORPORATIONTSAmpa is a timestamping authority server supporting both

RFC 3161 and Microsoft Authenticode protocols.

Offline Code Signing

TSAmpa allows an organization to apply timestamps when digitally signing applications on offline or disconnected networks. By operating TSAmpa on the same network, organizations can digitally sign and timestamp applications without exposing signature keys to the Internet and the malware designed to steal or misuse code signing credentials.

©2019 Information Security Corporation. All rights reserved. CertAgent, CSPid, SecretAgent, and SpyProof! are registered trademarks of Information Security Corporation and may not be used without permission. All other trademarks, service marks, and product or service names are trademarks or registered trademarks of their respective owners. Specifications quoted herein are subject to change without notice.

Information SecurityCORPORATION

Use Cases for TSAmpa

Digitally Signing ApplicationsSign and timestamp code using Microsoft’s SignTool, Jarsigner, and other code signing tools

Digitally Signing DocumentsSign and timestamp documents using Adobe Acrobat, Microsoft Office, and other applications

Timestamping Financial TransactionsSign and timestamp transactions so that recipients know, for sure, that the information is unchanged

TECHNICAL SPECIFICATIONS• Complies with NIST FIPS 140-2

Level 1 requirements (when used with ISC’s software cryptographic module); a higher level of assurance can be obtained by employing a third party HSM

• Supports both Microsoft Authenticode and RFC 3161 protocols

• Syncs time using NTP or HSM with hardware clock

• Generates up to 8192-bit RSA and up to 571-bit ECDSA self-signed certificates and PKCS#10 requests

• Supports SHA-256, SHA-384, and SHA-512

• Maintains audit trails of all actions

SUPPORTED PLATFORMS• Windows Server 2012 R2 or above• CentOS 6.7 x86-64 (Linux

Kernel 2.6.32-573) or above

MINIMUM REQUIREMENTS• 4 GB RAM, 50 GB Disk, CPU

w/RDRAND instruction• Java Runtime Environment

1.8 or higher• PostgreSQL, HyperSQL,

or Oracle database

EXPORT INFORMATIONTSAmpa may be freely exported to all but a handful of embargoed countries and denied parties under License Exception ENC:

ECCN 5D002; CCATS: Pending