P2P Time Release Encryption Proposal
Time release encryption (TRE) is a class of techniques for encrypting messages in such a way that they can only be decrypted after a certain period of time. This is typically achieved one of two ways, either
- a trusted third party publishes the decryption key once a determined deadline has elapsed or
- the message is encrypted in such a way that the time required to expose the plaintext through a brute force attack is longer than that which one wants to keep the message secret.
An interesting property of both of these TRE approaches is that they are non-interactive, ie the sender of the encrypted message is not required to be available for decryption. This article describes a general technique for time release encryption using a peer-to-peer protocol which doesn't necessitate trusted parties or high computational expenditure while remaining non-interactive.
- Each node publishes their public key to the network.
Nsecret strings each 256B long,
SECRET_STRINGS = [ss1, ss2, ...], and publishes the checksum of these secret strings to the network,
SECRET_CHECKSUMS = [sc1, sc2, ...].
- Hashes the concatenated strings to produce a secret key.
SECRET_KEY = ss1 + ss2 + ...
- Uses this key to symmetrically encrypt some data.
CIPHERTEXT = AES(message: PLAINTEXT, key: SECRET_KEY)
- Publishes the encrypted data to the network viewable by anyone.
- Disseminates secret string, the concatenation index, and a release date for each secret string to
Nrandom nodes. A given node might receive:
If the network transactions occur over a blockchain the sender must encrypt the data via the node's public key and may provide a mechanism for remuneration if the node participates in the future decryption.
6. Repeat the previous step
M times (
M * N total nodes are sent data).
- Each node that receives data is requested to store the data until the release date has elapsed before publishing the decrypted contents to the network.
- Secret keys that are published in this way are validated via their corresponding public checksums.
- Once all secret strings have been published and verified anyone can decrypt the original cipher text using the hash of the concatenated secret strings as the key.
A number of payment strategies exist to incentive the cooperation necessary to successfully execute this TRE scheme. For instance, the first node to publish a verifiable key for each key may receive some payment. Once all keys have been published an verified all nodes who contributed to the decryption could receive a second larger payment. This would encourage nodes to publish their key as soon after the deadline as possible and discourage conspiracy.
If not already obvious, the described TRE scheme is a heuristic which comes with no guarantees. When using this proposal there are 3 possible outcomes:
- The nodes conspire unilaterally against you and the message is hacked before the release date.
- Enough nodes fail to publish their keys such that the entire symmetric key cannot be recreated and the message is never decrypted.
- At least one copy of each indexed key is published after the deadline successfully decrypting the message.
P that this strategy will succeed conforms to the following formula:
𝚷ᵢ·(1 - 𝚷ᵣ·(1 - pᵢᵣ))
𝚷ᵣ are the sequence products
i = 0,
i < N and
r = 0,
r < M respectively.
pᵢᵣ refers to the probability that the
rth node with key
i will faithfully publish key
i after the release date.
P = 𝚷ᵢ·pᵢ
pᵢ is the probability that at least one node with key
i decrypts after the release date.
pᵢ = 1 - cᵢ
cᵢ, the complement of
pᵢ, is the probability that all nodes with key
i fail to decrypt.
cᵢ = 𝚷ᵣ·cᵢᵣ
cᵢᵣ, the probability that
pᵢᵣ will fail, can be rewritten as
1 - pᵢᵣ.
Copyright © 2018 Jake Wood