Cambodia's time trust anchor.
Authenticated clock synchronisation and independent timestamp attestation — three services, one atomic foundation, entirely inside Cambodia.
Accurate time underpins two distinct security requirements. The first is synchronisation — keeping clocks aligned so that distributed systems, transaction records, and audit logs share a common timeline. The second is attestation — proving to a third party that a specific event happened at a specific moment. Without synchronisation, logs cannot be trusted. Without attestation, logs cannot be defended.
CNX addresses both from a single atomic infrastructure. GNSS receivers disciplined by in-country Rubidium atomic oscillators provide a Stratum-1 time authority that does not depend on international links. NTS and PTP deliver that signal to servers and hardware. TSA converts it into cryptographic proof — a timestamp token that binds specific data to a specific moment, independently verifiable, permanently.
All three services share the same atomic oscillators, the same private CA infrastructure, and the same 24/7 NOC. The chain from oscillator to signed timestamp is unbroken and domestically governed.
Infrastructure
| Time source | Rubidium atomic oscillators |
| NTS accuracy | <10 ms to UTC |
| PTP precision | <1 µs to UTC |
| Atomic holdover | <1 µs/day |
| Availability | 99.99% |
| NOC response | 30 min · 24/7 |
NTS — Network Time Security
Authenticated NTP over TLS (RFC 8915). For servers, logging infrastructure, and compliance-level audit trails. Drop-in replacement for existing NTP clients.
PTP — Precision Time Protocol
IEEE 1588v2 sub-microsecond accuracy via hardware timestamping. For core banking switches, payment gateways, and hypervisor clusters.
TSA — Timestamp Authority
RFC 3161 timestamp tokens anchored to the same atomic oscillators. Cryptographic proof that specific data existed at a specific moment — for documents, backups, audit logs, and signed code.
Risk and adversarial exposure
Why unauthenticated time is an exploitable attack surface — adversarial clock manipulation, forensic exposure, and why NTS alone is not sufficient.
RiskCompliance
NBC TCRMG, PCI DSS, SWIFT CSP, ISO 27001, and NIST alignment for authenticated timekeeping and timestamp attestation in regulated infrastructure.
Compliance