### Abstract

We introduce a new cryptographic problem called time capsule signature. Time capsule signature is a 'future signature' that becomes valid from a specific future time t, when a trusted third party (called Time Server) publishes some trapdoor information associated with the time t. In addition, time capsule signature should satisfy the following properties: (1) If the signer wants, she can make her time capsule signature effective before the pre-defined time t. (2) The recipient of 'future signature' can verify right away that the signature will become valid no later than at time t. (3) Time Server need not contact any user at any time, and in fact does not need to know anything about the PKI employed by the users. (4) Signatures completed by the signer before time t are indistinguishable from the ones completed using the Time Server at time t. We provide the rigorous definition of time capsule signature and the generic construction based on another new primitive of independent interest, which we call identity-based trapdoor hard-to-invert relation (IDTHIR). We also show an efficient construction of ID-THIRs (and, hence, time capsule signatures) in the random oracle model, and a less efficient construction in the standard model. If the time t is replaced by a specific event, the concept of time capsule signature can be generalized to event capsule signature.

Original language | English (US) |
---|---|

Title of host publication | Lecture Notes in Computer Science |

Editors | A.S. Patrick, M. Yung |

Pages | 57-71 |

Number of pages | 15 |

Volume | 3570 |

State | Published - 2005 |

Event | 9th International Conference on Financial Cryptography and Data Security, FC 2005 - Roseau, Dominican Republic Duration: Feb 28 2005 → Mar 3 2005 |

### Other

Other | 9th International Conference on Financial Cryptography and Data Security, FC 2005 |
---|---|

Country | Dominican Republic |

City | Roseau |

Period | 2/28/05 → 3/3/05 |

### Fingerprint

### ASJC Scopus subject areas

- Computer Science (miscellaneous)

### Cite this

*Lecture Notes in Computer Science*(Vol. 3570, pp. 57-71)

**Time capsule signature.** / Dodis, Yevgeniy; Yum, Dae Hyun.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

*Lecture Notes in Computer Science.*vol. 3570, pp. 57-71, 9th International Conference on Financial Cryptography and Data Security, FC 2005, Roseau, Dominican Republic, 2/28/05.

}

TY - GEN

T1 - Time capsule signature

AU - Dodis, Yevgeniy

AU - Yum, Dae Hyun

PY - 2005

Y1 - 2005

N2 - We introduce a new cryptographic problem called time capsule signature. Time capsule signature is a 'future signature' that becomes valid from a specific future time t, when a trusted third party (called Time Server) publishes some trapdoor information associated with the time t. In addition, time capsule signature should satisfy the following properties: (1) If the signer wants, she can make her time capsule signature effective before the pre-defined time t. (2) The recipient of 'future signature' can verify right away that the signature will become valid no later than at time t. (3) Time Server need not contact any user at any time, and in fact does not need to know anything about the PKI employed by the users. (4) Signatures completed by the signer before time t are indistinguishable from the ones completed using the Time Server at time t. We provide the rigorous definition of time capsule signature and the generic construction based on another new primitive of independent interest, which we call identity-based trapdoor hard-to-invert relation (IDTHIR). We also show an efficient construction of ID-THIRs (and, hence, time capsule signatures) in the random oracle model, and a less efficient construction in the standard model. If the time t is replaced by a specific event, the concept of time capsule signature can be generalized to event capsule signature.

AB - We introduce a new cryptographic problem called time capsule signature. Time capsule signature is a 'future signature' that becomes valid from a specific future time t, when a trusted third party (called Time Server) publishes some trapdoor information associated with the time t. In addition, time capsule signature should satisfy the following properties: (1) If the signer wants, she can make her time capsule signature effective before the pre-defined time t. (2) The recipient of 'future signature' can verify right away that the signature will become valid no later than at time t. (3) Time Server need not contact any user at any time, and in fact does not need to know anything about the PKI employed by the users. (4) Signatures completed by the signer before time t are indistinguishable from the ones completed using the Time Server at time t. We provide the rigorous definition of time capsule signature and the generic construction based on another new primitive of independent interest, which we call identity-based trapdoor hard-to-invert relation (IDTHIR). We also show an efficient construction of ID-THIRs (and, hence, time capsule signatures) in the random oracle model, and a less efficient construction in the standard model. If the time t is replaced by a specific event, the concept of time capsule signature can be generalized to event capsule signature.

UR - http://www.scopus.com/inward/record.url?scp=26444461506&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=26444461506&partnerID=8YFLogxK

M3 - Conference contribution

VL - 3570

SP - 57

EP - 71

BT - Lecture Notes in Computer Science

A2 - Patrick, A.S.

A2 - Yung, M.

ER -