Perennity

perennity

Long-term legal archiving

Perennity is an innovative and original cryptographic maintenance solution that allows you to store large volumes of documents with probative value. Perennity protects the integrity and authenticity of any cryptographically signed document over very long periods of time. Each element is regularly "re-protected" to take into account cryptographic breakthroughs or end of life of any component. Cryptographic maintenance is of fundamental importance when it comes to maintaining the validity period of electronic signatures on signed documents. With Perennity, you can provide strong cryptographic proofs even after 10, 20 or 40 years.

FEATURES

Very long-term protection for large volumes of documents

With Perennity, you can store your signed documents for 10, 20, 30 or 40 years!

Learn more

Cryptolog developed Perennity to allow you to maintain very large archive volumes over long periods of time, by regularly extending the signatures for as long as necessary. The advanced signature standards (CAdES-A and XAdES-A) define all the information needed to revalidate signatures securely.

Efficiency and batch processing

Perennity's main assets are its amazing performance and the use of a single timestamp token for many archives. Different timestamping authorities can be used to guarantee constant availability of a correct time. There's no need to worry about administration — simply send your archives to Perennity and it will check whether they need to be maintained or not. Perennity is the answer to your mass long-term archiving needs. Let it manage your proofs to ensure that they are constantly verifiable.

Cryptographic archiving

Learn more

The principle of cryptographic maintenance

In practical terms, cryptographic maintenance means maintaining proofs of deposit and of the integrity of stored documents, whether signed or unsigned, for long periods of time. The archiver responsible for document storage regularly runs cryptographic maintenance operations:

  • This involves creating a new proof envelope with the latest and most effective standards, which in turn contains the previous proof envelope, much like a set of Russian dolls. This addresses the issue of signature algorithm longevity.
  • To provide legal proof of the validity of this new envelope, a trusted third-party timestamping authority is used. One of the key benefits of this technique is that the trusted timestamping is carried out independently by a basic and legally recognized third party such as Universign.

Separation of storage and proof management roles

Perennity does not store archived documents or their proofs, but works in client-server mode with one or more storage solutions, such as an EDM tool or an archiving service. This means that the cryptographic maintenance issues addressed by Perennity are kept completely separate from storage issues such as the type of medium, number of copies, internal or external hosting, data migration etc. The proof generated by Perennity is therefore independent of the document itself.

Separation of trusted timestamping and cryptographic maintenance roles

Perennity relies solely on a third-party timestamping authority, confined to a basic role, to generate trusted proofs. It uses one or more timestamping authorities to maintain proofs regularly over long periods of time. Adding a new timestamp token makes it possible to extend electronic signatures with the creation of new proof envelopes using the most powerful algorithms.

This separation also means that Perennity can be totally independent of the third-party timestamping authority. The timestamping authority can be different for each cryptographic maintenance operation for a proof and can be modified very easily in Perennity's configuration.

Separation of signature (re)validation

The first stage in the cryptographic maintenance process is verification of the proof. All the proof envelopes, nested one inside the other, are validated — right back to the very first proof. Perennity uses an external validation service, such as the Serenity server, to do this. This separation means that signed and unsigned documents can be handled in a similar way.

To sum up...

Perennity is not a trusted third party: It allows you to create and manage cryptographic proofs, with the probative value remaining independent of the storage.

  • Proofs created and maintained in this way are context-free and can be verified by any third party, without any knowledge of how Perennity works.
  • The proofs are not bound to a trusted third party and are independent of the protected data.
  • Proofs managed by Perennity are updated over long periods of time and are universally verifiable. This means that they are not affected by any compromise of principle on the part of the CA or any broken algorithms.

Seamless integration

Perennity was designed to make integration into existing infrastructure as quick and easy as possible, allowing it to interact fully with different trust services.

Learn more

Web services communication interfaces

Whether it's from a .NET- or Java-based application server, or a Python, Perl or PHP web application, all Perennity operations can be performed very easily through the available web services (SOAP and XML-RPC). This means they can be called easily from any programming language. Depending on your needs, Perennity can be supplied with the following to make integration of these interfaces even easier:

  • A complete description of the web services along with code samples
  • An integration library in Java, which allows applications to transmit a document and process the response returned by Perennity by making simple calls to this library. With the help of the Perennity server integration manual, you’ll be adding archiving functionality to your applications in just a few days.

Integration with trust services

When you archive a signed document, the cryptographic maintenance process requires the use of one or more third-party timestamping authorities and a validation service. Perennity's compliance with standards means that it can interact easily with any third-party timestamping authority, such as Universign. What’s more, Perennity interfaces easily with the Serenity validation server and can be integrated with any other validation service that complies with the standards for electronic signatures. All these operations can be performed through the intuitive graphical user interface in just a few clicks.

Outstanding performance

With Perennity, you will never need to worry about processing speed. Need to protect a very large number of documents or integrate cryptographic archiving of your documents into a complex business process quickly?

Learn more

With Perennity, you will never need to worry about processing speed. Need to protect a very large number of documents or integrate cryptographic archiving of your documents into a complex business process quickly?

Perennity is fast...

Perennity is a stand-alone server that handles everything, from the inbound connection to the archiving itself. Each server module has been optimized to enhance the performance of the tool. Because it uses the ERS format, Perennity is able to process a very large number of proofs in a very short period of time.

And it can be even faster!

Need to archive several million invoices in a single day? Simply install Perennity in a cluster to get incredible processing capabilities. Use the integration library provided and web services interfaces to delegate the processing of client-side operations, allowing you to reduce network transmissions substantially.

Simple setup

Install - configure - archive. With a fully packaged solution and just a few installation steps, installing a cryptographic maintenance server has never been so quick and easy!

Learn more

Stand-alone server

You don't need an application server to use Perennity — it can be installed on any operating system with a Java virtual machine. All the server modules are grouped together in a single package, so there's no need to install third-party libraries or use convoluted configuration files. One tiny text file is all you need to set up a server that's ready to be configured via the graphical interface. The few installation and configuration steps are explained in the Installation and administration guide. Once that's done, the graphical interface takes over!

User-friendly graphical administration interface

You can carry out all administration tasks in Perennity using a complete and intuitive graphical interface. Each operation in Perennity generates an entry in the event log: server startup or shutdown, modification of any parameter, proof creation or update request, creation or deletion of a signature verification service or timestamping authority etc. Each entry contains full details of the corresponding operation. If you need to check specific information, all entries can be viewed from the administration interface. You can export the event log or view entries using the web services in order to integrate them into your own reports.

Standards compliance

This is Cryptolog’s constant promise: Like all the other products in our range, Perennity is an open platform that carries our promise of complete compliance with the applicable standards. This means that it is completely interoperable with the various products and services for electronic trust on the market.

Learn more

Standard format dedicated to proof management

Perennity uses proof creation and update processes outlined by the Evidence Record Syntax (ERS) format. This format, defined in the RFC 4998 standard, makes it possible to manage large volumes of proofs effectively, giving Perennity its outstanding performance and efficiency. By grouping together the documents to be archived, the ERS format also allows you to use fewer timestamping tokens for archiving your documents.

TECHNICAL DATA SHEET

Proof management format

Learn more

RFC 4998 - ERS (Evidence Record Syntax)

Hashing algorithms

Learn more

(MD5, SHA-1, SHA-224), SHA-256, SHA-384, SHA-512 et RIPEMD-160

Timestamping services

Learn more

RFC 3161 (mode socket et HTTP)

Interaction with PKIs

Learn more

X.509v3

CTA telecharger Download our products
Test our products for 15 days
Product downloads
CTA cas client Success stories
Discover how our customers are using our products
Success stories
CTA pdf Product sheet
Learn more about our dateiled product features
Product Sheet