Timed-Release Public Key Based Authenticated Encryption

In this paper, we formally define a notion of timed-release public key based authenticated encryption (TR-PKAE). In addition to standard time-independent security properties (such as IND-CCA security for confidentiality and ciphertext/plaintext unforgeability), TR-PKAE introduces requirements such as timed-release receiver confidentiality (IND-RTR-CCA), which precludes the receiver from decrypting ciphertext before designated time, and ciphertext/plaintext unforgeability by the receiver itself for a future designated time among others. We propose a first provably secure TR-PKAE construction based on bilinear maps and prove the above security requirements in the random oracle model. Even though our protocol does not use digital signatures, receiver can still prove to a third party the message origin. The proposed protocol is compact, practical and efficient.

[1]  Ran Canetti,et al.  A Forward-Secure Public-Key Encryption Scheme , 2003, Journal of Cryptology.

[2]  Ronald L. Rivest,et al.  Time-lock Puzzles and Timed-release Crypto , 1996 .

[3]  Xavier Boyen,et al.  Multipurpose Identity-Based Signcryption (A Swiss Army Knife for Identity-Based Cryptography) , 2003, CRYPTO.

[4]  Marc Joye,et al.  A Practical and Provably Secure Coalition-Resistant Group Signature Scheme , 2000, CRYPTO.

[5]  Mihir Bellare,et al.  Encapsulated Key Escrow , 1996 .

[6]  Liqun Chen,et al.  Applications of Multiple Trust Authorities in Pairing Based Cryptosystems , 2002, InfraSec.

[7]  Mihir Bellare,et al.  Relations among Notions of Security for Public-Key Encryption Schemes , 1998, IACR Cryptol. ePrint Arch..

[8]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[9]  David L. Mills,et al.  Network Time Protocol (Version 3) Specification, Implementation , 1992 .

[10]  Rafail Ostrovsky,et al.  Conditional Oblivious Transfer and Timed-Release Encryption , 1999, EUROCRYPT.

[11]  Daniel R. Simon,et al.  Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack , 1991, CRYPTO.

[12]  Juan A. Garay,et al.  Timed Fair Exchange of Standard Signatures , 2003, IACR Cryptology ePrint Archive.

[13]  Jee Hea An Authenticated Encryption in the Public-Key Setting: Security Notions and Analyses , 2001, IACR Cryptol. ePrint Arch..

[14]  Marco Casassa Mont,et al.  The HP time vault service: exploiting IBE for timed release of confidential information , 2003, WWW '03.

[15]  Craig Gentry,et al.  Hierarchical ID-Based Cryptography , 2002, ASIACRYPT.

[16]  Paul F. Syverson,et al.  Weakly secret bit commitment: applications to lotteries and fair exchange , 1998, Proceedings. 11th IEEE Computer Security Foundations Workshop (Cat. No.98TB100238).

[17]  Silvio Micali,et al.  Public-Key Encryption in a Multi-user Setting: Security Proofs and Improvements , 2000, EUROCRYPT.

[18]  Ian F. Blake,et al.  Scalable, Server-Passive, User-Anonymous Timed Release Public Key Encryption from Bilinear Pairing , 2004, IACR Cryptol. ePrint Arch..