Results 1 
3 of
3
How to Build TimeLock Encryption
 IACR Cryptology ePrint Archive
, 2015
"... Abstract. Timelock encryption is a method to encrypt a message such that it can only be decrypted after a certain deadline has passed. A computationally powerful adversary should not be able to learn the message before the deadline. However, even receivers with relatively weak computational resourc ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
(Show Context)
Abstract. Timelock encryption is a method to encrypt a message such that it can only be decrypted after a certain deadline has passed. A computationally powerful adversary should not be able to learn the message before the deadline. However, even receivers with relatively weak computational resources should immediately be able to decrypt after the deadline, without any interaction with the sender, other receivers, or a trusted third party. Clearly, such a strong notion of secure encryption is impossible to achieve in a plain standard model of computation (like the Turing machine model), as it lacks any equivalent of “realworld time”, which is provided in the real world by reference clocks. We introduce the concept of computational reference clocks as an extension of the standard computational model, which provides a novel and very realistic method to “emulate ” realworld time in a computational model. We support this concept by showing that the widelyused cryptocurrency Bitcoin provides a practical example of such a reference clock. We furthermore explain how the computations performed by the reference clock can be “reused ” to build secure timelock encryption. A nice feature of this approach is that it can be based on a public computation which is performed “anyway ” and independent of the timelock encryption scheme. We provide the first formal definitions of computational reference clocks and timelock encryption, and give a simple proofofconcept construction of timelock encryption, which combines a computational reference clock with witness encryption (Garg et al., STOC 2013). We also explain how to construct a computational reference clock based on Bitcoins. 1
Contents
, 2008
"... Important note: These notes are not supposed to be selfcontained. Instead, they are intended as a reminder about which topics where discussed in the lecture. If you ..."
Abstract
 Add to MetaCart
Important note: These notes are not supposed to be selfcontained. Instead, they are intended as a reminder about which topics where discussed in the lecture. If you
Making ExistentialUnforgeable Signatures Strongly Unforgeable in the Quantum RandomOracle Model
"... Strongly unforgeable signature schemes provide a more stringent security guarantee than the standard existential unforgeability. It requires that not only forging a signature on a new message is hard, it is infeasible as well to produce a new signature on a message for which the adversary has seen v ..."
Abstract
 Add to MetaCart
Strongly unforgeable signature schemes provide a more stringent security guarantee than the standard existential unforgeability. It requires that not only forging a signature on a new message is hard, it is infeasible as well to produce a new signature on a message for which the adversary has seen valid signatures before. Strongly unforgeable signatures are useful both in practice and as a building block in many cryptographic constructions. This work investigates a generic transformation that compiles any existentialunforgeable scheme into a strongly unforgeable one, which was proposed by Teranishi et al. [30] and was proven in the classical randomoracle model. Our main contribution is showing that the transformation also works against quantum adversaries in the quantum randomoracle model. We develop proof techniques such as adaptively programming a quantum randomoracle in a new setting, which could be of independent interest. Applying the transformation to an existentialunforgeable signature scheme due to Cash et al. [10], which can be shown to be quantumsecure assuming certain lattice problems are hard for quantum computers, we get an efficient quantumsecure strongly unforgeable signature scheme in the quantum randomoracle model.