TIMEVERSE
Syncing T2°...
Timeverse
Docs

Timeverse Security Profile

Crypto-Agile, PQ-Ready Security for TSAE, Q-Address, and Optional Clockchain Anchoring

Status: Official Spec
DOI: 10.5281/zenodo.18069423

Abstract

This document specifies a crypto-agile security layer for Timeverse-based coordination systems that use phase-window scheduling (Q-Address) and auditable event anchoring (TSAE / optional Clockchain anchoring). The profile enforces a core rule: Timeverse timing and addressing fields are public context, not secrets. Security is provided by standard cryptographic primitives: signatures for authenticity, nonces and window-gating policies for replay protection, hash commitments for auditability, and optional session encryption using KEM+HKDF+AEAD. The profile is post-quantum ready: algorithm suites can migrate to NIST PQ standards (ML-KEM, ML-DSA, SLH-DSA) without changing Timeverse semantics.

Normative dependencies

1. Scope

Principle 1.1 (Context is not secret): All Timeverse timing and addressing fields (cycle index, phase, HS displays, SWT labels, tiles, Q-Address fields, TSAE fields) MUST be treated as public context. They may be used as associated data (AAD) for domain separation, but MUST NOT be treated as secrets.

Remark 1.1: This profile defines security requirements for authenticity, integrity, and replay resistance. It does not guarantee clock accuracy or synchronization; those are handled by bootstrapping and estimation layers.

2. Security profile identifier and suite registry

Definition 2.1 (Security profile identifier):

Every signed or encrypted object MUST declare a versioned security_profile_id. This identifier selects a suite that fixes: canonical encoding, hash, signature scheme, (optional) KEM/KDF/AEAD, nonce rules, and replay-horizon policy parameters.

Definition 2.2 (Suite registry (normative)):

A deployment MUST maintain a registry mapping security_profile_id to a complete suite specification. Verification MUST be performed strictly according to the declared suite.

3. Security-relevant subsets (tick-canonical)

Definition 3.1 (Q-Address security subset (tick-canonical)):

A security-relevant Q-Address subset is:

Qsec ≡ (qaddr_schema, convention_id, scope, cycle_index, resolution = R, phi_ticks, deltaPhi_ticks, slot)

Definition 3.2 (TSAE security subset (tick-canonical)):

A security-relevant TSAE subset is:

TSAEsec ≡ (tsae_schema, convention_id, scope, cycle_index, resolution = R, phi_ticks, action_hash, signer_id)

where this release recommends tsae_schema=TV-TSAE-2025-12.

Remark 3.1 (No floats in signed semantics): Signed/verified objects MUST use canonical fixed-point tick fields. Float displays (HS degrees, SWT labels) are UI-only and MUST NOT be used for verification or boundary checks.

4. Replay protection (normative)

Definition 4.1 (Window gating and anti-replay):

A verifier MUST reject a message/receipt if:

  • signature verification fails under the declared security_profile_id, or
  • the cycle index is outside the accepted policy range, or
  • tick context is inconsistent with the referenced window (when applicable), or
  • the nonce has already been accepted within the replay horizon.

Remark 4.1 (Nonce database (recommended)):

Implementations SHOULD maintain a nonce database keyed by at least

(security_profile_id, signer_id, scope, cycle_index, nonce)

for a horizon defined by the suite/policy.

5. Optional confidentiality (informative)

Remark 5.1 (KEM + HKDF + AEAD): When confidentiality is required, use KEM+HKDF+AEAD with Timeverse context as AAD. HKDF is standardized in RFC 5869 and a standard AEAD option is ChaCha20-Poly1305 (RFC 8439) [3, 4]. Post-quantum suites may use NIST PQ primitives (ML-KEM, ML-DSA, SLH-DSA) [5, 6, 7].

6. Conclusion

This Security Profile defines a practical security layer for phase-window coordination and auditable event anchoring. It separates public context (Timeverse/Q-Address fields) from cryptographic secrets (keys/shared secrets), and supports crypto-agility (including PQ migration) via suite identifiers and canonical encodings.

References