CommitCoin: Carbon Dating Commitments with Bitcoin

In the standard definition of a commitment scheme, the sender commits to a message and immediately sends the commitment to the recipient interested in it. However the sender may not always know at the time of commitment who will become interested in verifying it. Further, when the interested party does emerge, it could be critical to establish when the commitment was made. Employing a proof of work protocol at commitment time will later allow anyone to "carbon date" when the commitment was made, approximately, without trusting any external parties. We present CommitCoin, an instantiation of this approach that harnesses the existing processing power of the Bitcoin peer-to-peer network; a network used to mint and trade digital cash.

[1]  Stuart Haber,et al.  How to Time-Stamp a Digital Document , 1990, CRYPTO.

[2]  Moni Naor,et al.  Pricing via Processing or Combatting Junk Mail , 1992, CRYPTO.

[3]  Stuart Haber,et al.  Improving the Efficiency and Reliability of Digital Time-Stamping , 1993 .

[4]  Ronald L. Rivest,et al.  Time-lock Puzzles and Timed-release Crypto , 1996 .

[5]  Adi Shamir,et al.  PayWord and MicroMint: Two Simple Micropayment Schemes , 1996, Security Protocols Workshop.

[6]  Jan Willemson,et al.  Time-Stamping with Binary Linking Schemes , 1998, CRYPTO.

[7]  Markus Jakobsson,et al.  Curbing Junk E-Mail via Secure Classification , 1998, Financial Cryptography.

[8]  Stuart G. Stubblebine,et al.  Publicly Verifiable Lotteries: Applications of Delaying Functions , 1998, Financial Cryptography.

[9]  Bart Preneel Design of a Timestamping System , 1998 .

[10]  Matthew K. Franklin,et al.  Auditable Metering with Lightweight Security , 1997, J. Comput. Secur..

[11]  Markus Jakobsson,et al.  Proofs of Work and Bread Pudding Protocols , 1999, Communications and Multimedia Security.

[12]  Tuomas Aura DOS-Resistant Authentication with Client Puzzles (Transcript of Discussion) , 2000, Security Protocols Workshop.

[13]  Moni Naor,et al.  Timed Commitments , 2000, CRYPTO.

[14]  Mary Baker,et al.  Enabling the Long-Term Archival of Signed Documents through Time Stamping , 2001, ArXiv.

[15]  Adam Stubblefield,et al.  Using Client Puzzles to Protect TLS , 2001, USENIX Security Symposium.

[16]  Adam Back,et al.  Hashcash - A Denial of Service Counter-Measure , 2002 .

[17]  Michael K. Reiter,et al.  Defending against denial-of-service attacks with puzzle auctions , 2003, 2003 Symposium on Security and Privacy, 2003..

[18]  Fabian Monrose,et al.  Efficient Memory Bound Puzzles Using Pattern Databases , 2006, ACNS.

[19]  Colin Boyd,et al.  Toward Non-parallelizable Client Puzzles , 2007, CANS.

[20]  Jeremy Clark,et al.  Scantegrity II: End-to-End Verifiability for Optical Scan Election Systems using Invisible Ink Confirmation Codes , 2008, EVT.

[21]  Amnon Ta-Shma,et al.  Non-interactive Timestamping in the Bounded-Storage Model , 2009, Journal of Cryptology.

[22]  Bogdan Warinschi,et al.  Security Notions and Generic Constructions for Client Puzzles , 2009, ASIACRYPT.

[23]  Jeremy Clark,et al.  On the Use of Financial Data as a Random Beacon , 2010, EVT/WOTE.

[24]  Ghassan O. Karame,et al.  Low-Cost Client Puzzles Based on Modular Exponentiation , 2010, ESORICS.

[25]  Jeremy Clark,et al.  Scantegrity II Municipal Election at Takoma Park: The First E2E Binding Governmental Election with Ballot Privacy , 2010, USENIX Security Symposium.

[26]  Salil P. Vadhan,et al.  Non-Interactive Time-Stamping and Proofs of Work in the Random Oracle Model , 2011, IACR Cryptol. ePrint Arch..

[27]  Colin Boyd,et al.  Stronger diculty notions for client puzzles and denial-of-service-resistant protocols (full version) , 2011 .

[28]  Salil P. Vadhan,et al.  Time-Lock Puzzles in the Random Oracle Model , 2011, CRYPTO.