Cambodia's time trust anchor.

Authenticated clock synchronisation and independent timestamp attestation — three services, one atomic foundation, entirely inside Cambodia.


Accurate time underpins two distinct security requirements. The first is synchronisation — keeping clocks aligned so that distributed systems, transaction records, and audit logs share a common timeline. The second is attestation — proving to a third party that a specific event happened at a specific moment. Without synchronisation, logs cannot be trusted. Without attestation, logs cannot be defended.

CNX addresses both from a single atomic infrastructure. GNSS receivers disciplined by in-country Rubidium atomic oscillators provide a Stratum-1 time authority that does not depend on international links. NTS and PTP deliver that signal to servers and hardware. TSA converts it into cryptographic proof — a timestamp token that binds specific data to a specific moment, independently verifiable, permanently.

All three services share the same atomic oscillators, the same private CA infrastructure, and the same 24/7 NOC. The chain from oscillator to signed timestamp is unbroken and domestically governed.

Infrastructure

Time sourceRubidium atomic oscillators
NTS accuracy<10 ms to UTC
PTP precision<1 µs to UTC
Atomic holdover<1 µs/day
Availability99.99%
NOC response30 min · 24/7

NTS — Network Time Security

Authenticated NTP over TLS (RFC 8915). For servers, logging infrastructure, and compliance-level audit trails. Drop-in replacement for existing NTP clients.

PTP — Precision Time Protocol

IEEE 1588v2 sub-microsecond accuracy via hardware timestamping. For core banking switches, payment gateways, and hypervisor clusters.

TSA — Timestamp Authority

RFC 3161 timestamp tokens anchored to the same atomic oscillators. Cryptographic proof that specific data existed at a specific moment — for documents, backups, audit logs, and signed code.


Risk and adversarial exposure

Why unauthenticated time is an exploitable attack surface — adversarial clock manipulation, forensic exposure, and why NTS alone is not sufficient.

Risk
Compliance

NBC TCRMG, PCI DSS, SWIFT CSP, ISO 27001, and NIST alignment for authenticated timekeeping and timestamp attestation in regulated infrastructure.

Compliance