Time capsule signature

Yevgeniy Dodis, Dae Hyun Yum

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

We introduce a new cryptographic problem called time capsule signature. Time capsule signature is a 'future signature' that becomes valid from a specific future time t, when a trusted third party (called Time Server) publishes some trapdoor information associated with the time t. In addition, time capsule signature should satisfy the following properties: (1) If the signer wants, she can make her time capsule signature effective before the pre-defined time t. (2) The recipient of 'future signature' can verify right away that the signature will become valid no later than at time t. (3) Time Server need not contact any user at any time, and in fact does not need to know anything about the PKI employed by the users. (4) Signatures completed by the signer before time t are indistinguishable from the ones completed using the Time Server at time t. We provide the rigorous definition of time capsule signature and the generic construction based on another new primitive of independent interest, which we call identity-based trapdoor hard-to-invert relation (IDTHIR). We also show an efficient construction of ID-THIRs (and, hence, time capsule signatures) in the random oracle model, and a less efficient construction in the standard model. If the time t is replaced by a specific event, the concept of time capsule signature can be generalized to event capsule signature.

Original languageEnglish (US)
Title of host publicationLecture Notes in Computer Science
EditorsA.S. Patrick, M. Yung
Pages57-71
Number of pages15
Volume3570
StatePublished - 2005
Event9th International Conference on Financial Cryptography and Data Security, FC 2005 - Roseau, Dominican Republic
Duration: Feb 28 2005Mar 3 2005

Other

Other9th International Conference on Financial Cryptography and Data Security, FC 2005
CountryDominican Republic
CityRoseau
Period2/28/053/3/05

Fingerprint

Servers

ASJC Scopus subject areas

  • Computer Science (miscellaneous)

Cite this

Dodis, Y., & Yum, D. H. (2005). Time capsule signature. In A. S. Patrick, & M. Yung (Eds.), Lecture Notes in Computer Science (Vol. 3570, pp. 57-71)

Time capsule signature. / Dodis, Yevgeniy; Yum, Dae Hyun.

Lecture Notes in Computer Science. ed. / A.S. Patrick; M. Yung. Vol. 3570 2005. p. 57-71.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Dodis, Y & Yum, DH 2005, Time capsule signature. in AS Patrick & M Yung (eds), Lecture Notes in Computer Science. vol. 3570, pp. 57-71, 9th International Conference on Financial Cryptography and Data Security, FC 2005, Roseau, Dominican Republic, 2/28/05.
Dodis Y, Yum DH. Time capsule signature. In Patrick AS, Yung M, editors, Lecture Notes in Computer Science. Vol. 3570. 2005. p. 57-71
Dodis, Yevgeniy ; Yum, Dae Hyun. / Time capsule signature. Lecture Notes in Computer Science. editor / A.S. Patrick ; M. Yung. Vol. 3570 2005. pp. 57-71
@inproceedings{a648b89a8c7b478eb8f0ffe78752ac5b,
title = "Time capsule signature",
abstract = "We introduce a new cryptographic problem called time capsule signature. Time capsule signature is a 'future signature' that becomes valid from a specific future time t, when a trusted third party (called Time Server) publishes some trapdoor information associated with the time t. In addition, time capsule signature should satisfy the following properties: (1) If the signer wants, she can make her time capsule signature effective before the pre-defined time t. (2) The recipient of 'future signature' can verify right away that the signature will become valid no later than at time t. (3) Time Server need not contact any user at any time, and in fact does not need to know anything about the PKI employed by the users. (4) Signatures completed by the signer before time t are indistinguishable from the ones completed using the Time Server at time t. We provide the rigorous definition of time capsule signature and the generic construction based on another new primitive of independent interest, which we call identity-based trapdoor hard-to-invert relation (IDTHIR). We also show an efficient construction of ID-THIRs (and, hence, time capsule signatures) in the random oracle model, and a less efficient construction in the standard model. If the time t is replaced by a specific event, the concept of time capsule signature can be generalized to event capsule signature.",
author = "Yevgeniy Dodis and Yum, {Dae Hyun}",
year = "2005",
language = "English (US)",
volume = "3570",
pages = "57--71",
editor = "A.S. Patrick and M. Yung",
booktitle = "Lecture Notes in Computer Science",

}

TY - GEN

T1 - Time capsule signature

AU - Dodis, Yevgeniy

AU - Yum, Dae Hyun

PY - 2005

Y1 - 2005

N2 - We introduce a new cryptographic problem called time capsule signature. Time capsule signature is a 'future signature' that becomes valid from a specific future time t, when a trusted third party (called Time Server) publishes some trapdoor information associated with the time t. In addition, time capsule signature should satisfy the following properties: (1) If the signer wants, she can make her time capsule signature effective before the pre-defined time t. (2) The recipient of 'future signature' can verify right away that the signature will become valid no later than at time t. (3) Time Server need not contact any user at any time, and in fact does not need to know anything about the PKI employed by the users. (4) Signatures completed by the signer before time t are indistinguishable from the ones completed using the Time Server at time t. We provide the rigorous definition of time capsule signature and the generic construction based on another new primitive of independent interest, which we call identity-based trapdoor hard-to-invert relation (IDTHIR). We also show an efficient construction of ID-THIRs (and, hence, time capsule signatures) in the random oracle model, and a less efficient construction in the standard model. If the time t is replaced by a specific event, the concept of time capsule signature can be generalized to event capsule signature.

AB - We introduce a new cryptographic problem called time capsule signature. Time capsule signature is a 'future signature' that becomes valid from a specific future time t, when a trusted third party (called Time Server) publishes some trapdoor information associated with the time t. In addition, time capsule signature should satisfy the following properties: (1) If the signer wants, she can make her time capsule signature effective before the pre-defined time t. (2) The recipient of 'future signature' can verify right away that the signature will become valid no later than at time t. (3) Time Server need not contact any user at any time, and in fact does not need to know anything about the PKI employed by the users. (4) Signatures completed by the signer before time t are indistinguishable from the ones completed using the Time Server at time t. We provide the rigorous definition of time capsule signature and the generic construction based on another new primitive of independent interest, which we call identity-based trapdoor hard-to-invert relation (IDTHIR). We also show an efficient construction of ID-THIRs (and, hence, time capsule signatures) in the random oracle model, and a less efficient construction in the standard model. If the time t is replaced by a specific event, the concept of time capsule signature can be generalized to event capsule signature.

UR - http://www.scopus.com/inward/record.url?scp=26444461506&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=26444461506&partnerID=8YFLogxK

M3 - Conference contribution

VL - 3570

SP - 57

EP - 71

BT - Lecture Notes in Computer Science

A2 - Patrick, A.S.

A2 - Yung, M.

ER -