Long-term legal archiving
Perennity is an innovative and original cryptographic maintenance solution that allows you to store large volumes of documents with probative value. Perennity protects the integrity and authenticity of any cryptographically signed document over very long periods of time. Each element is regularly "re-protected" to take into account cryptographic breakthroughs or end of life of any component. Cryptographic maintenance is of fundamental importance when it comes to maintaining the validity period of electronic signatures on signed documents. With Perennity, you can provide strong cryptographic proofs even after 10, 20 or 40 years.
Very long-term protection for large volumes of documents
With Perennity, you can store your signed documents for 10, 20, 30 or 40 years!Learn more
Cryptolog developed Perennity to allow you to maintain very large archive volumes over long periods of time, by regularly extending the signatures for as long as necessary. The advanced signature standards (CAdES-A and XAdES-A) define all the information needed to revalidate signatures securely.
Efficiency and batch processing
Perennity's main assets are its amazing performance and the use of a single timestamp token for many archives. Different timestamping authorities can be used to guarantee constant availability of a correct time. There's no need to worry about administration — simply send your archives to Perennity and it will check whether they need to be maintained or not. Perennity is the answer to your mass long-term archiving needs. Let it manage your proofs to ensure that they are constantly verifiable.
Cryptographic archivingLearn more
The principle of cryptographic maintenance
In practical terms, cryptographic maintenance means maintaining proofs of deposit and of the integrity of stored documents, whether signed or unsigned, for long periods of time. The archiver responsible for document storage regularly runs cryptographic maintenance operations:
Separation of storage and proof management roles
Perennity does not store archived documents or their proofs, but works in client-server mode with one or more storage solutions, such as an EDM tool or an archiving service. This means that the cryptographic maintenance issues addressed by Perennity are kept completely separate from storage issues such as the type of medium, number of copies, internal or external hosting, data migration etc. The proof generated by Perennity is therefore independent of the document itself.
Separation of trusted timestamping and cryptographic maintenance roles
Perennity relies solely on a third-party timestamping authority, confined to a basic role, to generate trusted proofs. It uses one or more timestamping authorities to maintain proofs regularly over long periods of time. Adding a new timestamp token makes it possible to extend electronic signatures with the creation of new proof envelopes using the most powerful algorithms.
This separation also means that Perennity can be totally independent of the third-party timestamping authority. The timestamping authority can be different for each cryptographic maintenance operation for a proof and can be modified very easily in Perennity's configuration.
Separation of signature (re)validation
The first stage in the cryptographic maintenance process is verification of the proof. All the proof envelopes, nested one inside the other, are validated — right back to the very first proof. Perennity uses an external validation service, such as the Serenity server, to do this. This separation means that signed and unsigned documents can be handled in a similar way.
To sum up...
Perennity is not a trusted third party: It allows you to create and manage cryptographic proofs, with the probative value remaining independent of the storage.
Perennity was designed to make integration into existing infrastructure as quick and easy as possible, allowing it to interact fully with different trust services.Learn more
Web services communication interfaces
Whether it's from a .NET- or Java-based application server, or a Python, Perl or PHP web application, all Perennity operations can be performed very easily through the available web services (SOAP and XML-RPC). This means they can be called easily from any programming language. Depending on your needs, Perennity can be supplied with the following to make integration of these interfaces even easier:
Integration with trust services
When you archive a signed document, the cryptographic maintenance process requires the use of one or more third-party timestamping authorities and a validation service. Perennity's compliance with standards means that it can interact easily with any third-party timestamping authority, such as Universign. What’s more, Perennity interfaces easily with the Serenity validation server and can be integrated with any other validation service that complies with the standards for electronic signatures. All these operations can be performed through the intuitive graphical user interface in just a few clicks.
With Perennity, you will never need to worry about processing speed. Need to protect a very large number of documents or integrate cryptographic archiving of your documents into a complex business process quickly?Learn more
With Perennity, you will never need to worry about processing speed. Need to protect a very large number of documents or integrate cryptographic archiving of your documents into a complex business process quickly?
Perennity is fast...
Perennity is a stand-alone server that handles everything, from the inbound connection to the archiving itself. Each server module has been optimized to enhance the performance of the tool. Because it uses the ERS format, Perennity is able to process a very large number of proofs in a very short period of time.
And it can be even faster!
Need to archive several million invoices in a single day? Simply install Perennity in a cluster to get incredible processing capabilities. Use the integration library provided and web services interfaces to delegate the processing of client-side operations, allowing you to reduce network transmissions substantially.
Install - configure - archive. With a fully packaged solution and just a few installation steps, installing a cryptographic maintenance server has never been so quick and easy!Learn more
You don't need an application server to use Perennity — it can be installed on any operating system with a Java virtual machine. All the server modules are grouped together in a single package, so there's no need to install third-party libraries or use convoluted configuration files. One tiny text file is all you need to set up a server that's ready to be configured via the graphical interface. The few installation and configuration steps are explained in the Installation and administration guide. Once that's done, the graphical interface takes over!
User-friendly graphical administration interface
You can carry out all administration tasks in Perennity using a complete and intuitive graphical interface. Each operation in Perennity generates an entry in the event log: server startup or shutdown, modification of any parameter, proof creation or update request, creation or deletion of a signature verification service or timestamping authority etc. Each entry contains full details of the corresponding operation. If you need to check specific information, all entries can be viewed from the administration interface. You can export the event log or view entries using the web services in order to integrate them into your own reports.
This is Cryptolog’s constant promise: Like all the other products in our range, Perennity is an open platform that carries our promise of complete compliance with the applicable standards. This means that it is completely interoperable with the various products and services for electronic trust on the market.Learn more
Standard format dedicated to proof management
Perennity uses proof creation and update processes outlined by the Evidence Record Syntax (ERS) format. This format, defined in the RFC 4998 standard, makes it possible to manage large volumes of proofs effectively, giving Perennity its outstanding performance and efficiency. By grouping together the documents to be archived, the ERS format also allows you to use fewer timestamping tokens for archiving your documents.
Proof management formatLearn more
RFC 4998 - ERS (Evidence Record Syntax)
Hashing algorithmsLearn more
(MD5, SHA-1, SHA-224), SHA-256, SHA-384, SHA-512 et RIPEMD-160
Timestamping servicesLearn more
RFC 3161 (mode socket et HTTP)
Interaction with PKIsLearn more