7 Freshness

7.2 Time stamps

A digital time stamp is analogous to a conventional postmark on an envelope: it provides some check of when a message was sent. Returning to the example of Alice and Bob, Alice could add the time and date to her communication to Bob. If she encrypts this with her own private key, or with a key that is known only to Alice and Bob, then Bob may feel reassured that Alice's message is not an old one that has been recorded and replayed.

Activity 11

Look back to Section 3.4, which introduced some types of active attack. If the encrypted message and the encrypted time stamp were sent together, could Bob be truly sure of the freshness of the message?

No. The exchange could be subject to a message replay attack. An eavesdropper could separate the encrypted message from the encrypted time stamp, and substitute a different message in place of the original one. (This could be a previously recorded encrypted message sent from Alice to Bob.)

To prevent this kind of message replay attack, the message and the time stamp need to be bound together in some way. One method of doing this is to encrypt them together. Only those in possession of the decryption key can then separate the two elements.