Time-Lock Puzzles from Randomized Encodings

dc.contributor.author	Jain, Abhishek
dc.contributor.author	Paneth, Omer
dc.contributor.author	Waters, Brent
dc.contributor.author	Bitansky, Nir
dc.contributor.author	Goldwasser, Shafrira
dc.contributor.author	Vaikuntanathan, Vinod
dc.date.accessioned	2017-12-29T20:42:53Z
dc.date.available	2017-12-29T20:42:53Z
dc.date.issued	2016-01
dc.identifier.issn	978-1-4503-4057-1
dc.identifier.uri	http://hdl.handle.net/1721.1/112999
dc.description.abstract	Time-lock puzzles are a mechanism for sending messages "to the future". A sender can quickly generate a puzzle with a solution s that remains hidden until a moderately large amount of time t has elapsed. The solution s should be hidden from any adversary that runs in time significantly less than t, including resourceful parallel adversaries with polynomially many processors. While the notion of time-lock puzzles has been around for 22 years, there has only been a single candidate proposed. Fifteen years ago, Rivest, Shamir and Wagner suggested a beautiful candidate time-lock puzzle based on the assumption that exponentiation modulo an RSA integer is an "inherently sequential" computation. We show that various flavors of randomized encodings give rise to time-lock puzzles of varying strengths, whose security can be shown assuming the mere existence of non-parallelizing languages, which are languages that require circuits of depth at least t to decide, in the worst-case. The existence of such languages is necessary for the existence of time-lock puzzles. We instantiate the construction with different randomized encodings from the literature, where increasingly better efficiency is obtained based on increasingly stronger cryptographic assumptions, ranging from one-way functions to indistinguishability obfuscation. We also observe that time-lock puzzles imply one-way functions, and thus the reliance on some cryptographic assumption is necessary. Finally, generalizing the above, we construct other types of puzzles such as proofs of work from randomized encodings and a suitable worst-case hardness assumption (that is necessary for such puzzles to exist).	en_US
dc.language.iso	en_US
dc.publisher	Association for Computing Machinery	en_US
dc.relation.isversionof	http://dx.doi.org/10.1145/2840728.2840745	en_US
dc.rights	Creative Commons Attribution-Noncommercial-Share Alike	en_US
dc.rights.uri	http://creativecommons.org/licenses/by-nc-sa/4.0/	en_US
dc.source	MIT Web Domain	en_US
dc.title	Time-Lock Puzzles from Randomized Encodings	en_US
dc.type	Article	en_US
dc.identifier.citation	Bitansky, Nir, et al. "Time-Lock Puzzles from Randomized Encodings." Proceedings of the 2016 ACM Conference on Innovations in Theoretical Computer Science, ITCS '16, 14-17 January, 2016, Cambridge, MA, ACM Press, 2016, pp. 345–56.	en_US
dc.contributor.department	Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory	en_US
dc.contributor.department	Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science	en_US
dc.contributor.mitauthor	Bitansky, Nir
dc.contributor.mitauthor	Goldwasser, Shafrira
dc.contributor.mitauthor	Vaikuntanathan, Vinod
dc.relation.journal	Proceedings of the 2016 ACM Conference on Innovations in Theoretical Computer Science - ITCS '16	en_US
dc.identifier.mitlicense	OPEN_ACCESS_POLICY	en_US
dc.eprint.version	Author's final manuscript	en_US
dc.type.uri	http://purl.org/eprint/type/ConferencePaper	en_US
eprint.status	http://purl.org/eprint/status/NonPeerReviewed	en_US
dspace.orderedauthors	Bitansky, Nir; Goldwasser, Shafi; Jain, Abhishek; Paneth, Omer; Vaikuntanathan, Vinod; Waters, Brent	en_US
dspace.embargo.terms	N	en_US
dc.identifier.orcid	https://orcid.org/0000-0001-8361-6035
dc.identifier.orcid	https://orcid.org/0000-0003-4728-1535
dc.identifier.orcid	https://orcid.org/0000-0002-2666-0045