I will talk on this page of everything related to security and authentication on the Internet.
PGP and GPG are two compatible asymmetric encryption and signing software. Their features are:
gpg --recipient <user-id> --encrypt <file> gpg --decrypt <file>.gpg
gpg --detach-sign --armor <file> gpg --verify <file>.asc
For emails, you should use some software to automatically manage your keyring and sign, verify signatures, encrypt and decrypt messages, like the Enigmail addon with Thunderbird.
If a trusted third party signs with its private key a document of yours, then it will prove the integrity and the timestamp of your document.
There are a few working and easy enough to use services for individuals:
Others have more critical limitations:
You can also use a software client to use the RFC 3161 protocol, with a server providing the service:
One problem I encountered with all providers I tried is that they limit the file size (at least for free services), around 1 MB.
So what I do is that I sign the large file with my own PGP key, then I officially timestamp my signature. My PGP key doesn't need to be reliable, only the algorithm used to sign with it needs to be reliable in order to prove that the file was not modified. Actually only a hash would be necessary, and this is what RFC 3161 clients do when the service is not limited. But of course it is better to directly timestamp your file if you can do so.