[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Who needs time vaults anyway?


 Bryce wrote:
> Can anyone explain what use this theoretical "time-sensitive" crypto
> box would be good for?

 Sameer wrote:
> 	Suppose you die.

Hey!  Who do you think you are?


Just kidding.  When I woke up this morning I realized what I was
missing:  the decryption might be out of your hands, such as when
you die, or you might *want* it to be out of your hands for some
other reason.

With that in mind, I can think of only one unalterable lower-limit
on the time of as decryption--  the speed of light.  Suppose you
encrypt your data with successive layers of keys, K1-Kn.  Then you
encrypt each key with its predecessor, encrypting Kn with Kn-1,
encryping Kn-1 with Kn-2, etc.  Destroy all copies of unencrypted
keys except for K1, which has not been encrypted.  Now put all
odd-numbered keys in location A and all even-numbered keys in
location B, which is 1 light minute from location A.  Once an agent
has received Key 1, it will take at least n minutes to decrypt 
the data.  Of course, the agent could just take copies of all of the 
keys from location B on some physical media and transport the media 
to location A, which would make the lower bound on time to be "much 
longer than 1 minute".

Hm.  Suppose the n different keys are in n different physical
locations, and the agent does not know where the k+1 location is
until he decrypts the material at the k location.  The "scavenger
hunt" scheme for timed decryption.  Of course this doesn't mean that
you have to bury your crypto box and make a map with an "X" marking
the spot.  Each key could be held by a crypto box which is
publically accessible on the Net.  The important thing is that
the decrypting agent can't retrieve the k+1 piece until he has 
decrypted the k piece.  Then the lower bound on time of decryption 
is...  um...  Well it depends on the location of the decrypting agent 
with respect to the locations of the n pieces.  (Neglecting, still, 
transmission overhead and decryption time.)  I'm not sure what the 
lower bound actually is, but it can be increased simply by adding more 
pieces to the puzzle.

A single station could serve up multiple pieces.  It would only
reveal the k piece if the querying agent can prove that he has the 
k-1 piece.  Of course if the total number of stations is small then 
the "physically move the pieces" trick might work.


signatures follow
            "To strive, to seek, to find and not to yield."   
    <a href="http://www-ugrad.cs.colorado.edu/~wilcoxb/Niche.html">

                          [email protected]                   </a>

Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01