Timed-Release Encryption as a new primitive for security protocols

Lead Research Organisation: University of Oxford
Department Name: Computer Science

Abstract

Timed-release encryption was introduced in 1993 by May [1] when he was trying to solve the problem of sending a message "into the future". The idea behind timed-release encryption is that you can encrypt a message which can only be decrypted after a given amount of time. Since 1993 many researchers have tried to find new and different ways to construct timed-release ciphers, and essentially only two approaches have emerged: using a trusted third party (i.e. a central entity which is believed to be benevolent) or designing time-lock puzzles (i.e. puzzles which require a minimum amount of time to be solved) [1].
The most obvious applications of timed-release encryption are related to sealed-bid auctions, key-escrow schemes and e-voting systems.[1,4]
However, recently a few research papers showed that timed-release encryption could be used in more settings. In [2] Roscoe takes advantage of this cryptographic primitive to design secure protocols where some malicious attacks can be distinguished from network failures. Alternatively, in [3], timed-release encryption is utilised to achieve some level of fairness in exchanging information between two parties.

My research aims to follow this more recent trend of using timed-release encryption as a cryptographic primitive in designing new protocols. It will not focus on how to implement timed-release ciphers, but on how different designs can be used in different settings to achieve desirable security features.
The most interesting scenario presents itself where there is no trustworthy central entity that can oversee our protocol.
The spread of blockchains and the Internet of Things resulted in this setting becoming more prevalent than ever.
The use of timed-release encryption allows us to design better protocols to exchange secrets between parties.
Since perfect security was shown to be impossible[6], our protocols achieve the smallest feasible failure rate. This optimality result is proven both in the simple two-party exchange as well as in any arbitrary exchange involving multiple parties.
These fair exchange protocols can be applied to any scenario where some entities need to perform any digital transaction. Therefore, their use in a decentralized world would be ubiquitous.
A more subtle, but very substantial application is in conjunction with multi-party computations.
A multi-party computation is the calculation of any function where the inputs are private and owned by different entities which do not want to (or are not allowed to) share said inputs.
A classic example is the computation of statistics on private health metrics performed by a company which doesn't hold such metrics.
The use of timed-release encryption and fair exchange protocols allows these multi-party computations to escape known fairness and security bounds, therefore broadening further the impact of our research.

This project falls within the EPSRC Global uncertainties research area as it focuses on cyber-security.

References:

[1] R. L. RIVEST, A. SHAMIR and D. A. WAGNER, Time-lock Puzzles and Timed-release Crypto, Massachusetts Institute of Technology, 1996.
[2] A. W. ROSCOE, Detecting Failed Attacks on Human-Interactive Security Protocols, Springer International Publishing, Cham, 2017, pp. 181-197.
[3] A. W. ROSCOE and P. Y. A. RYAN, Auditable PAKEs: Approaching Fair Exchange Without a TTP, Springer International Publishing, Cham, 2017, pp. 278-297.
[4] H. CHEN and R. DEVIANI, A Secure E-Voting System Based on RSA Time-Lock Puzzle Mechanism, 2012 Seventh International Conference on Broadband, Wireless Computing, Communication and Applications, 2012, pp. 596-601.
[5] G. BRANWEN, Time-lock encryption, Gwern.net, https://www.gwern.net/Self-decrypting-files#chained-hashes (last accessed Oct. 12, 2020).
[6] H. PAGNIA and F. C. GARTNER, On the Impossibility of Fair Exchange without a Trusted Third Party, Technical Report TUD-BS-1999-02, Darmstadt University of Technology, 1999.


Studentship Projects

Project Reference | Relationship | Related To | Start | End | Student Name
EP/R513295/1 | | | 01/10/2018 | 30/09/2023 |
2421791 | Studentship | EP/R513295/1 | 01/10/2020 | 31/03/2024 | Ivo Maffei