Conditional Oblivious Transfer and Timed-Release Encryption

We consider the problem of sending messages "into the future." Previous constructions for this task were either based on heuristic assumptions or did not provide anonymity to the sender of the message. In the public-key setting, we present an efficient and secure timed-release encryption scheme using a "time server" which inputs the current time into the system. The server only has to interact with the receiver and never learns the sender's identity. The scheme's computation and communication costs per request are only logarithmic in the time parameter. The construction of our scheme is based on a novel cryptographic primitive: a variant of oblivious transfer which we call conditional oblivious transfer. We define this primitive (which may be of independent interest) and show an efficient construction for an instance of this new primitive based on the quadratic residuosity assumption.
