Paper 2020/537

TARDIS: A Foundation of Time-Lock Puzzles in UC

Carsten Baum, Bernardo David, Rafael Dowsley, Jesper Buus Nielsen, and Sabine Oechsner


Time-based primitives like time-lock puzzles (TLP) are finding widespread use in practical protocols, partially due to the surge of interest in the blockchain space where TLPs and related primitives are perceived to solve many problems. Unfortunately, the security claims are often shaky or plainly wrong since these primitives are used under composition. One reason is that TLPs are inherently not UC secure and time is tricky to model and use in the UC model. On the other hand, just specifying standalone notions of the intended task, left alone correctly using standalone notions like non-malleable TLPs only, might be hard or impossible for the given task. And even when possible a standalone secure primitive is harder to apply securely in practice afterwards as its behavior under composition is unclear. The ideal solution would be a model of TLPs in the UC framework to allow simple modular proofs. In this paper we provide a foundation for proving composable security of practical protocols using time-lock puzzles and related timed primitives in the UC model. We construct UC-secure TLPs based on random oracles and show that using random oracles is necessary. In order to prove security, we provide a simple and abstract way to reason about time in UC protocols. Finally, we demonstrate the usefulness of this foundation by constructing applications that are interesting in their own right, such as UC-secure two-party computation with output-independent abort.

Note: Added formal statements for impossibility Theorems 4 and 5 to Appendix E.

Available format(s)
Cryptographic protocols
Publication info
A major revision of an IACR publication in EUROCRYPT 2021
Universal composabilitytime-lock puzzlessecure two-party computationfair coin tossingoutput independent abort
Contact author(s)
cbaum @ cs au dk
bernardo @ bmdavid com
rafael dowsley @ monash edu
jbn @ cs au dk
oechsner @ cs au dk
2021-08-08: last of 8 revisions
2020-05-07: received
See all versions
Short URL
Creative Commons Attribution


      author = {Carsten Baum and Bernardo David and Rafael Dowsley and Jesper Buus Nielsen and Sabine Oechsner},
      title = {{TARDIS}: A Foundation of Time-Lock Puzzles in {UC}},
      howpublished = {Cryptology ePrint Archive, Paper 2020/537},
      year = {2020},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.