Cryptology ePrint Archive: Report 2015/478

How to Build Time-Lock Encryption

Tibor Jager

Abstract: Time-lock encryption is a method to encrypt a message such that it can only be decrypted after a certain deadline has passed. A computationally powerful adversary should not be able to learn the message before the deadline. However, even receivers with relatively weak computational resources should immediately be able to decrypt after the deadline, without any interaction with the sender, other receivers, or a trusted third party.

We show how to realize this strong notion of secure encryption by making the additional, very realistic assumption that intermediate results of an iterative, public, large-scale computation --- like the computations performed by users of the popular cryptocurrency Bitcoin --- are publicly available. We use these computations as a "computational reference clock", which mimics a physical clock in a computational setting, and show how the computations performed by the reference clock can be "reused" to build secure time-lock encryption. A nice feature of this approach is that it can be based on a public computation which is performed "anyway" and independent of the time-lock encryption scheme.

We provide the first formal definitions of computational reference clocks and time-lock encryption, and give a proof-of-concept construction which combines a computational reference clock with witness encryption (Garg et al., STOC 2013). We also explain how to construct a computational reference clock based on Bitcoins.

Category / Keywords: foundations / Time-lock encryption, timed-release encryption, Bitcoins, witness encryption, time-lock puzzles, timed commitments

Date: received 19 May 2015, last revised 21 Sep 2015

Contact author: tibor jager at rub de

Available format(s): PDF | BibTeX Citation

Version: 20150921:115232 (All versions of this report)

Short URL: ia.cr/2015/478

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]