• Support any HSM & CAs

    Quickly integrates with your existing HSMs over PKCS#11. Some of these are:

    Entrust nShield
    Thales Luna & Protect Server
    Utimaco Cryptoserver
    Microsoft Azure Key Vault
    AWS HSM etc.

    Environments which doesn’t require HSMs, can still use software based cryptographic keystores. Timestamp certificates can be certified with your existing CAs for quick import and usage.

  • Standard & Compliant

    Supports creation of advanced digital signatures based on IETF and ETSI standards to create following signatures formats:

    PAdES-T
    XAdES-T
    CAdES-T

    Works seamlessly with wide range of business applications to integrate cryptographic timestamping such as:

    Adobe Acrobat
    Microsoft Office
    jarsigner
    SignTool

  • Trust Service Provider Friendly

    A standout feature of KTS is its ability to let Trust Service Providers create tailored service plans with defined quotas for their clients. These plans can be set as unlimited, limited, or recurring, offering comprehensive reports to track usage and provide clients with daily proof of their usage.

  • Proactive Alerts & Troubleshooting

    In situations where timestamp server is not working as it should, Khatim timestamp server proactively notifies administrators to take immediate action. For traceability, all issues are recorded which can be pushed securely to your central logging systems. Some of these are:

    Splunk
    Grafana
    Greylog
    LogRhythm etc.

  • Secure Military Grade Access Control

    Key functions are only accessible to trusted resources of your organization. Authentication is done over military grade TLS Client authentication giving the most powerful, password less authentication. Key functions includes administration, timestamp creation, transaction logging via AES 256 encryption.

  • NTP Aware

    Timestamp server can be configured to use:

    System time (synched with a trusted time source)
    NTP (over RFC-1305 or SNTP RFC-2030)
    Checks local clock time drift with NTP

    Administrator can directly configure multiple NTP sources based on stratum-2 or stratum-3 to avoid single point of failure. No timestamp is created if time drift exceeds certain threshold and hence alerted.

  • Cryptographic Agility

    Keeping in view businesses having different cryptographic needs, KTS supports:

    RSA (2048, 4096, 8192)
    ECDSA (192, 224, 256, 320, 384, 512)
    SHA-256, 384 and 512 hashing algorithms

  • Admin Friendly

    Control your timestamp server administration with shell commands allowing:

    Install new timestamp servers
    Configure keys, certificates, policies
    View transactions, NTP, operator, events logs

    Shell commands allow admins to make their own scripts to push configurations in one go saving time to setup staging or production environments.

  • Logging & Auditing

    KTS records all incoming transactions & configuration for detailed analysis. Administrator can download and investigate request/responses on the fly, any time for troubleshooting or to check server status.

  • Unlimited Scalability

    KTS can be installed as a cluster of multiple individual timestamp servers to reduce latency. Add timestamp servers at will, without stopping already running instances giving you blazing fast throughput you expect.

  • Serve Multiple Clients

    Setup multiple policies to cater different configurations like algorithms, time sources etc. This allows serving different business applications having different timestamp needs.

  • Cross Platform, Diverse Deployments

    KTS is build from ground up with platform independence hence supports Windows and Linux alike. You can deploy following different environments:

    On-premise private or public cloud
    VMs
    Physical machines