Conditional Oblivious Transfer and Timed-Release Encryption

  • Giovanni Di Crescenzo
  • Rafail Ostrovsky
  • Sivaramakrishnan Rajagopalan
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1592)


We consider the problem of sending messages “into the future.” Previous constructions for this task were either based on heuristic assumptions or did not provide anonymity to the sender of the message. In the public-key setting, we present an efficient and secure timed-release encryption scheme using a “time server” which inputs the current time into the system. The server has to only interact with the receiver and never learns the sender’s identity. The scheme’s computational and communicational cost per request are only logarithmic in the time parameter. The construction of our scheme is based on a novel cryptographic primitive: a variant of oblivious transfer which we call conditional oblivious transfer. We define this primitive (which may be of independent interest) and show an efficient construction for an instance of this new primitive based on the quadratic residuosity assumption.


  1. 1.
    E. Bach and J. Shallit, Algorithmic Number Theory, MIT Press, 1996.Google Scholar
  2. 2.
    M. Bellare and S. Goldwasser, Encapsulated Key-Escrow, MIT Tech. Report 688, April 1996.Google Scholar
  3. 3.
    G. Brassard, C. Crépeau, and J.-M. Robert, Information Theoretic Reductions among Disclosure Problems, in Proc. of FOCS 86.Google Scholar
  4. 4.
    M. Ben-or, S. Goldwasser, and A. Wigderson, Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation, in Proc. of STOC 88.Google Scholar
  5. 5.
    M. Blum, A. De Santis, S. Micali, and G. Persiano, Non-Interactive Zero-Knowledge, SIAM Journal of Computing, vol. 20, no. 6, Dec 1991, pp. 1084–1118.zbMATHCrossRefGoogle Scholar
  6. 6.
    M. Blum, P. Feldman, and S. Micali, Non-Interactive Zero-Knowledge and Applications, in Proc. of STOC 88.Google Scholar
  7. 7.
    R. Cramer and V. Shoup, A Practical Cryptosystem Provably Secure under Chosen Ciphertext Attack, in Proc. of CRYPTO 98.Google Scholar
  8. 8.
    C. Crépeau, Equivalence between Two Flavors of Oblivious Transfer, in Proc. of CRYPTO 87.Google Scholar
  9. 9.
    C. Crépeau and J. Kilian, Achieving Oblivious Transfer Using Weakened Security Assumptions, in Proc. of FOCS 1988.Google Scholar
  10. 10.
    D. Chaum, C. Crepeau, and I. Damgard, Multiparty Unconditionally Secure Protocols, in Proc. of STOC 88.Google Scholar
  11. 11.
    A. De Santis, G. Di Crescenzo, and G. Persiano, The Knowledge Complexity of Quadratic Residuosity Languages, Theoretical Computer Science, vol. 132, (1994), pp. 291–317.zbMATHCrossRefMathSciNetGoogle Scholar
  12. 12.
    A. De Santis, G. Di Crescenzo, and G. Persiano, Zero-Knowledge Arguments and Public-Key Cryptography, Information and Computation, vol. 121, (1995), pp. 23–40.zbMATHCrossRefMathSciNetGoogle Scholar
  13. 13.
    A. De Santis and G. Persiano, Public Randomness in Public-Key Cryptography, in Proc. of EUROCRYPT 92.Google Scholar
  14. 14.
    D. Dolev, C. Dwork, and M. Naor, Non-Malleable Cryptography, in Proc. of STOC 91.Google Scholar
  15. 15.
    S. Even, O. Goldreich and A. Lempel, A Randomized Protocol for Signing Contracts, Communications of ACM, vol. 28, 1985, pp. 637–647.CrossRefMathSciNetGoogle Scholar
  16. 16.
    O. Goldreich, Secure Multi-Party Computation, 1998. First draft available at∼oded
  17. 17.
    O. Goldreich, S. Micali, and A. Wigderson, How to Play any Mental Game, in Proc. of STOC 87.Google Scholar
  18. 18.
    S. Goldwasser and S. Micali, Probabilistic Encryption, in Journal of Computer and System Sciences. vol. 28 (1984), n. 2, pp. 270–299.zbMATHCrossRefMathSciNetGoogle Scholar
  19. 19.
    J. Kilian, Basing Cryptography on Oblivious Transfer, in Proc. of STOC 88.Google Scholar
  20. 20.
    J. Kilian, S. Micali and R. Ostrovsky Minimum-Resource Zero-Knowledge Proofs, in Proc. of FOCS 89.Google Scholar
  21. 21.
    E. Kushilevitz, S. Micali, and R. Ostrovsky, Reducibility and Completeness in Multi-Party Private Computations, Proc. of FOCS 94 (full version joint with J. Kilian to appear in SICOMP).Google Scholar
  22. 22.
    T. May, Timed-Release Crypto, Manuscript.Google Scholar
  23. 23.
    R.C. Merkle, Secure Communications over insecure channels Communications of the ACM, 21:291–299, April 1978.CrossRefGoogle Scholar
  24. 24.
    R. Ostrovsky and B. Patt-Shamir, Optimal and Efficient Clock Synchronization Under Drifting Clocks, in Proc. of PODC 99, to appear.Google Scholar
  25. 25.
    R. Ostrovsky, R. Venkatesan, and M. Yung, Fair Games Against an All-Powerful Adversary, in Proc. of SEQUENCES 91, Positano, Italy. Final version in AMS DIMACS Series in Discrete Mathematics and Theoretical Computer Science, vol. 13, pp. 155–169, 1993.Google Scholar
  26. 26.
    M. Rabin, How to Exchange Secrets by Oblivious Transfer, TR-81 Aiken Computation Laboratory, Harvard, 1981.Google Scholar
  27. 27.
    R. Rivest, A. Shamir, and D. Wagner, Time-Lock Puzzles and Timed-Release Crypto, manuscript at rivest.
  28. 28.
    A.C. Yao, Protocols for Secure Computations, in Proc. of FOCS 82.Google Scholar
  29. 29.
    A.C. Yao, How to Generate and Exchange Secrets, in Proc. of FOCS 86.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1999

Authors and Affiliations

  • Giovanni Di Crescenzo
    • 1
  • Rafail Ostrovsky
    • 2
  • Sivaramakrishnan Rajagopalan
    • 2
  1. 1.Computer Science DepartmentUniversity of California San DiegoLa JollaUSA
  2. 2.Bell Communications ResearchMorristownUSA

Personalised recommendations