SAC '01 Revised Papers from the 8th Annual International Workshop on Selected Areas in Cryptography
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Identity-Based Encryption from the Weil Pairing
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Short Signatures from the Weil Pairing
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Time-lock Puzzles and Timed-release Crypto
Time-lock Puzzles and Timed-release Crypto
Encapsulated Key Escrow
A threshold cryptosystem without a trusted party
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Timed release of standard digital signatures
FC'02 Proceedings of the 6th international conference on Financial cryptography
Time-based release of confidential information in hierarchical settings
ISC'05 Proceedings of the 8th international conference on Information Security
Timed-release encryption with pre-open capability and its application to certified e-mail system
ISC'05 Proceedings of the 8th international conference on Information Security
Hi-index | 0.00 |
The timed-release encryption scheme is to encrypt a message so that a ciphertext can be decrypted when specific time in the future comes. Recently, interesting constructions of the timed-release encryption scheme have been proposed. The central concept of the constructions is a public agent which periodically broadcasts self-authenticated time information, called a time token. A time token contains absolute time information such as “08:09AM Dec. 1, 2005 GMT.” A sender encrypts a message so that a receiver of the ciphertext can generate a decryption key from a time token of the designated release time. Although the constructions have many advantages, resilience to missing time tokens is not still satisfactory since a time token can be used only for computing a decryption key of the corresponding time. A promising approach is to construct decryption keys so that a decryption key (e.g., of 08:09AM) can be computed not only from the corresponding time token but also from decryption keys of later time instants (e.g., 08:10AM, 08:11AM and so on). A trivial construction to realize such backward recovery is to use keys, which constitute a hash chain, for encrypting messages and encrypt these keys by using the timed-release encryption scheme. This construction is simple but requires the overhead of encryption. To reduce the overhead, this paper introduces a timed-release key management scheme in which decryption keys are related so that the backward property is provided. The feature is that a sender can choose freely and flexibly the time instants of which decryption keys have the backward property. The paper also gives an efficient construction based on a bilinear map.