Versatile and Sustainable Timed-Release Encryption and Sequential Time-Lock Puzzles (Extended Abstract)

Timed-release encryption (TRE) makes it possible to send messages “into the future” such that a pre-determined amount of time needs to pass before a message can be accessed. The most prominent construction is based on sequential squaring in RSA groups, proposed by Rivest et al. in 1996. Malavolta and Thyagarajan (CRYPTO’19) recently introduced an interesting variant of TRE called homomorphic time-lock puzzles (HTLPs), making TRE more versatile and greatly extending its applications. Here one considers multiple independently generated puzzles and the homomorphic evaluation of a circuit over these puzzles. Solving the so obtained puzzle yields the output of a circuit evaluated on the messages locked by the original puzzles. We observe that viewing HTLPs more abstractly gives rise to a simple generic construction of homomorphic TRE (HTRE) that is not necessarily based on sequential squaring, but can be instantiated based on any TLP, such as those based on one-way functions and the LWE assumption (via randomized encodings). This construction has slightly different properties, but provides essentially the same functionality for applications. It makes TRE versatile and can be used beyond HTRE, for instance to construct timed-release functional encryption. Interestingly, it achieves a new “solve one, get many for free” property, which supports that an arbitrary number of independently time-locked (homomorphically evaluated) messages can all be obtained simultaneously after solving only a single puzzle. This puzzle is independent of the number of time-locked messages and thus achieves optimal amortized cost. As a second contribution we define and construct sequential TLPs as a particularly useful generalization of TLPs and TRE. Such puzzles can be solved sequentially in a way that solving a puzzle additionally considers the previous solution and the time required to solve the puzzle is determined by the difference in the time parameters. When instantiated from sequential squaring, this allows to realize public “sequential squaring services”, where everyone can time-lock messages, but only one entity needs to perform the computations required to solve puzzles. Thus, this removes the burden of wasting computational resources by every receiver and makes TRE economically and ecologically more sustainable.

[1]  Victor Shoup,et al.  Lower Bounds for Discrete Logarithms and Related Problems , 1997, EUROCRYPT.

[2]  Ilan Komargodski,et al.  Non-Malleable Time-Lock Puzzles and Applications , 2020, IACR Cryptol. ePrint Arch..

[3]  Vinod Vaikuntanathan,et al.  On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption , 2012, STOC '12.

[4]  Victor Shoup,et al.  Sequences of games: a tool for taming complexity in security proofs , 2004, IACR Cryptol. ePrint Arch..

[5]  Moni Naor,et al.  Timed Commitments , 2000, CRYPTO.

[6]  Jiayu Xu,et al.  On the Security of Time-Locked Puzzles and Timed Commitments , 2020, IACR Cryptol. ePrint Arch..

[7]  Brent Waters,et al.  Functional Encryption: Definitions and Challenges , 2011, TCC.

[8]  Yuval Ishai,et al.  Randomizing polynomials: A new representation with applications to round-efficient secure computation , 2000, Proceedings 41st Annual Symposium on Foundations of Computer Science.

[9]  Dominique Unruh,et al.  Revocable Quantum Timed-Release Encryption , 2014, J. ACM.

[10]  Rafael Pass,et al.  Two-Round and Non-Interactive Concurrent Non-Malleable Commitments from Time-Lock Puzzles , 2017, 2017 IEEE 58th Annual Symposium on Foundations of Computer Science (FOCS).

[11]  Tal Malkin,et al.  Non-Malleable Codes Against Bounded Polynomial Time Tampering , 2019, IACR Cryptol. ePrint Arch..

[12]  Nico Döttling,et al.  Verifiable Timed Signatures Made Practical , 2020, CCS.

[13]  Yael Tauman Kalai,et al.  Reusable garbled circuits and succinct functional encryption , 2013, STOC '13.

[14]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[15]  Benny Applebaum,et al.  Garbled Circuits as Randomized Encodings of Functions: a Primer , 2017, Tutorials on the Foundations of Cryptography.

[16]  Salil P. Vadhan,et al.  Time-Lock Puzzles in the Random Oracle Model , 2011, CRYPTO.

[17]  Aggelos Kiayias,et al.  Multi-instance Publicly Verifiable Time-Lock Puzzle and Its Applications , 2021, Financial Cryptography.

[18]  Allison Bishop,et al.  Indistinguishability Obfuscation for Turing Machines with Unbounded Memory , 2015, IACR Cryptol. ePrint Arch..

[19]  Zvika Brakerski,et al.  Leveraging Linear Decryption: Rate-1 Fully-Homomorphic Encryption and Time-Lock Puzzles , 2019, IACR Cryptol. ePrint Arch..

[20]  Yuval Ishai,et al.  COMPUTATIONALLY PRIVATE RANDOMIZING POLYNOMIALS AND THEIR APPLICATIONS , 2005, 20th Annual IEEE Conference on Computational Complexity (CCC'05).

[21]  Moni Naor,et al.  Zaps and their applications , 2000, Proceedings 41st Annual Symposium on Foundations of Computer Science.

[22]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[23]  Adam O'Neill,et al.  Definitional Issues in Functional Encryption , 2010, IACR Cryptol. ePrint Arch..

[24]  Jung Hee Cheon,et al.  Provably Secure Timed-Release Public Key Encryption , 2008, TSEC.

[25]  Nir Bitansky,et al.  Time-Lock Puzzles from Randomized Encodings , 2016, IACR Cryptol. ePrint Arch..

[26]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[27]  Rafail Ostrovsky,et al.  Conditional Oblivious Transfer and Timed-Release Encryption , 1999, EUROCRYPT.

[28]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[29]  Dominique Unruh Revocable Quantum Timed-Release Encryption , 2014, EUROCRYPT.

[30]  Craig Gentry,et al.  (Leveled) fully homomorphic encryption without bootstrapping , 2012, ITCS '12.

[31]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[32]  Giulio Malavolta,et al.  Homomorphic Time-Lock Puzzles and Applications , 2019, IACR Cryptol. ePrint Arch..

[33]  Eike Kiltz,et al.  The Algebraic Group Model and its Applications , 2018, IACR Cryptol. ePrint Arch..

[34]  Tibor Jager,et al.  How to build time-lock encryption , 2018, Designs, Codes and Cryptography.

[35]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[36]  David Pointcheval,et al.  The Gap-Problems: A New Class of Problems for the Security of Cryptographic Schemes , 2001, Public Key Cryptography.

[37]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[38]  Ronald L. Rivest,et al.  Time-lock Puzzles and Timed-release Crypto , 1996 .