[Cryptography] Best internet crypto clock

Tom Mitchell mitch at niftyegg.com
Fri Oct 17 20:17:58 EDT 2014


On Sun, Oct 12, 2014 at 7:18 AM, Arnold Reinhold <agr at me.com> wrote:
>
> > On Oct 9, 2014, at 1:52 AM, Tom Mitchell <mitch at niftyegg.com> wrote:
> > ...
> > A free running tick counter that never overflows is a good thing.
>  Freedom
> > from time of day issues leap seconds and more make it easy.  The
> frequency
> > choice is open and precision and accuracy is open.   An external  map of
> ticks to
> > historic real world time (and temperature) is interesting in the right
> context.
>
> A simple counter with no overflow would work, of course, but Inexpensive
> cpu clock chips, like the DS-1307 family, provide a 99 year range with one
> second resolution and have all the circuitry for dual supply (5 VDC and
> battery) with very low power (500 na) operation on battery.  Another
> possible advantage over a straight counter: yy-mm-dd-hh-ss in a time stamp
> is a lot easier to explain to a judge and jury than a long hexadecimal
> constant.
>
> Here's a data point. I installed a cheap digital video recorder for a
> surveillance system just over four years ago. It's not connected to the
> Internet and I never adjusted the clock since installing it. I had to pull
> a clip off of it last week and the clock was 44 minutes fast. That's about
> a minute a month.
>
> So if the device grabbed the current NIST beacon signed it with its
> internal clock and had the resulting certificate time stamped by an
> external authority once a month, that should be enough to establish minute
> accuracy.


I am with you except for the "grab NIST beacon" part.  This implies that
the clock can be set and reset.  This muddies the accuracy and precision
stuff further.
If it can be reset based on an external reference then the jury can be told
that
the reference is unreliable even if the device is understood...
    http://pdfserv.maximintegrated.com/en/an/AN504.pdf

Some of this has been addressed with key generation devices where
management can connect the device and set and reset the device
while matching it to a user or user group account.

For the specific case of validating a photo equivalent without a
preexisting trust anchor
the problem is hard.

One special case involving security camera images where a cell phone
image (any camera)  and security camera data of the same public
location can be compared and the relative location of people in motion
can be matched.   Now the date time has value in finding the corresponding
video images captured and archived from multiple angles and from multiple
authorities.

The low cost and low power of a DS-1307 does make it interesting.  It also
moves a power requirement away from programmable logic or processing
that do not need to be on all the time.



-- 
  T o m    M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141017/16650f68/attachment.html>


More information about the cryptography mailing list