Results 1 
2 of
2
Offline Submission with RSA TimeLock Puzzles
"... Abstract—We introduce a noninteractive RSA timelock puzzle scheme whose level of difficulty can be arbitrarily chosen by artificially enlarging the public exponent. Solving a puzzle for a message m means for Bob to encrypt m with Alice’s public puzzle key by repeated modular squaring. The number o ..."
Abstract

Cited by 3 (2 self)
 Add to MetaCart
Abstract—We introduce a noninteractive RSA timelock puzzle scheme whose level of difficulty can be arbitrarily chosen by artificially enlarging the public exponent. Solving a puzzle for a message m means for Bob to encrypt m with Alice’s public puzzle key by repeated modular squaring. The number of squarings to perform determines the puzzle complexity. This puzzle is nonparallelizable. Thus, the solution time cannot be shortened significantly by employing many machines and it varies only slightly across modern CPUs. Alice can quickly verify the puzzle solution by decrypting the ciphertext with a regular private key operation. Our main contribution is an offline submission protocol which enables an author being currently offline to commit to his document before the deadline by continuously solving an RSA puzzle based on that document. When regaining Internet connectivity, he submits his document along with the puzzle solution which is a proof for the timely completion of the document. We have implemented a platformindependent tool performing all parts of our offline submission protocol: puzzle benchmark, issuing a timelock RSA certificate, solving a puzzle and finally verifying the solution for a submitted document. Two other applications we propose for RSA timelock puzzles are trial certificates from a wellknown CA and a CEO disclosing the signing private key to his deputy. I.
Timed Encryption and Its Application
"... Abstract. In this paper, we propose a new notion of timed encryption, in which the encryption is secure within time t while it is totally insecure after some time T> t. We are interested in the case where t and T are both polynomial. We propose a concrete construction that is provably secure in the ..."
Abstract
 Add to MetaCart
Abstract. In this paper, we propose a new notion of timed encryption, in which the encryption is secure within time t while it is totally insecure after some time T> t. We are interested in the case where t and T are both polynomial. We propose a concrete construction that is provably secure in the random oracle model. We show that it can be generically (although inefficient) constructed from a timed commitment of Boneh and Naor (CRYPTO’00). Finally, we apply this primitive to construct a deniable secure key exchange protocol, where the deniability and secrecy both hold adaptively and the adversary can conduct session state reveal attacks and eavesdropping attacks in the noneraser model. Our protocol is the first to achieve each of the following properties: adaptive deniability admitting eavesdropping attacks and deniability admitting session state reveal attacks in the noneraser model. Our protocol is constructed using a timing restriction (inherited from the timed encryption). However, the requirement is rather weak. It essentially asks a user to respond to a ciphertext as soon as possible and hence does not artificially cause any delay. Our usage of timed encryption for the deniability is to use the forceful decryption to obtain the plaintext and hence does not use any random oracle assumption (even if the secrecy proof needs this).