[6748] in cryptography@c2.net mail archive
Re: time dependant
daemon@ATHENA.MIT.EDU (j@cnb.uam.es)
Wed Mar 8 09:06:14 2000
Message-Id: <200003081228.NAA34524@embnet.cnb.uam.es>
Date: Wed, 8 Mar 2000 13:28:20 +0100 (MET)
To: iscp9063@nus.edu.sg
Cc: cryptography@c2.net
From: <j@cnb.uam.es>
Reply-To: <j@cnb.uam.es>
In-Reply-To: <010601bf8879$2f4c1980$82d08489@muki>
-----BEGIN PGP SIGNED MESSAGE-----
>I want to know whether there is a crypto building block which doesn't allow
>someone to open an encrypted message before a certain date.
>
>[Damn hard. Math functions don't grok "date". The only reasonable way
>to do this without a trusted third party is to pick an encryption
>algorithm that will take at least as long to decrypt (in likely
>available computer time) as are needed. -Perry]
>
Agreed. Even so, the user might gain access to a faster CPU or
multi-CPU implementation.
The only workaround I see is to include the date in the IV _AND_
make sure the current date can only be checked from a trusted, authenticated
time server, _AND_ that the user can in no way tamper with your program
code at all (even if he may not modify it, he might gain enough
intelligence to simulate the time server by DNS spoofing or some such).
That or you simply encrypt your message with a suitable private
key which is held secret by you or a trusted party until the date
specified. Until that time the user may harass the key holder as much
as he wants, but only after that date will the decryption key be
available and the message readable.
The key holder needs a trusted source of time to make sure he
is not releasing the key too soon or late. That, in turn depends on
how paranoid you are, but in general a GPS source might be enough.
j
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBOMZHZrgsTQLvQjxFAQE0iQf+PhhxfOj5DTp5a8saJn71QYEl63BM3N8W
4NUeb/WFkCbmvtaMe3Cz422xqZbPaGoO7yLVOZFv5Sp9fHLIbcUsdMEleElvThcj
qxKslo1NJN7HgmyWrFXmekaBEbAor/LQs1HpQ5mSqU//8WknEs4ZwjFdQzZ9p6QM
pbaeK9WP6o6fbLLqKzBzXVsJhmKrpGsmK4PwdKKb/MJ3zNdOOSRxJfCQSoJF8El4
Yh2SzL2nP66M9LSostEb1jjBwiJarPDjuJufsGov77uxD/sPJTPYgccy0006ezF6
5QBDIB3RjLG+e1FdjgGcCUQkoH13NpdYkOrFT79Q3R538SedE768OA==
=/VtF
-----END PGP SIGNATURE-----
