Time-Lock Puzzles from Randomized Encodings

Bitansky, Nir; Goldwasser, Shafi; Jain, Abhishek; Paneth, Omer; Vaikuntanathan, Vinod; Waters, Brent

Author(s)

Jain, Abhishek; Paneth, Omer; Waters, Brent; Bitansky, Nir; Goldwasser, Shafrira; ... Show more

DownloadVaikuntanathan_Time-lock.pdf (423.4Kb)

OPEN_ACCESS_POLICY

Terms of use

Creative Commons Attribution-Noncommercial-Share Alike http://creativecommons.org/licenses/by-nc-sa/4.0/

Metadata

Show full item record

Abstract

Time-lock puzzles are a mechanism for sending messages "to the future". A sender can quickly generate a puzzle with a solution s that remains hidden until a moderately large amount of time t has elapsed. The solution s should be hidden from any adversary that runs in time significantly less than t, including resourceful parallel adversaries with polynomially many processors. While the notion of time-lock puzzles has been around for 22 years, there has only been a single candidate proposed. Fifteen years ago, Rivest, Shamir and Wagner suggested a beautiful candidate time-lock puzzle based on the assumption that exponentiation modulo an RSA integer is an "inherently sequential" computation. We show that various flavors of randomized encodings give rise to time-lock puzzles of varying strengths, whose security can be shown assuming the mere existence of non-parallelizing languages, which are languages that require circuits of depth at least t to decide, in the worst-case. The existence of such languages is necessary for the existence of time-lock puzzles. We instantiate the construction with different randomized encodings from the literature, where increasingly better efficiency is obtained based on increasingly stronger cryptographic assumptions, ranging from one-way functions to indistinguishability obfuscation. We also observe that time-lock puzzles imply one-way functions, and thus the reliance on some cryptographic assumption is necessary. Finally, generalizing the above, we construct other types of puzzles such as proofs of work from randomized encodings and a suitable worst-case hardness assumption (that is necessary for such puzzles to exist).

Date issued

2016-01

URI

http://hdl.handle.net/1721.1/112999

Department

Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory; Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science

Journal

Proceedings of the 2016 ACM Conference on Innovations in Theoretical Computer Science - ITCS '16

Publisher

Association for Computing Machinery

Citation

Bitansky, Nir, et al. "Time-Lock Puzzles from Randomized Encodings." Proceedings of the 2016 ACM Conference on Innovations in Theoretical Computer Science, ITCS '16, 14-17 January, 2016, Cambridge, MA, ACM Press, 2016, pp. 345–56.

Version: Author's final manuscript

ISSN

978-1-4503-4057-1

Collections

MIT Open Access Articles

DSpace@MIT