Abstract
A whistleblower is a person who leaks sensitive information on a prominent individual or organisation engaging in an unlawful or immoral activity. Whistleblowing has the potential to mitigate corruption and fraud by identifying the misuse of capital. In extreme cases whistleblowing can also raise awareness about unethical practices to individuals by highlighting dangerous working conditions. Obtaining and sharing the sensitive information associated with whistleblowing can carry great risk to the individual or party revealing the data. In this paper we extend the notion of timed-release encryption to include a new security property which we term implicit authentication, with the goal of making the practice of whistleblowing safer.
We formally define the new primitive of timed-release encryption with implicit authentication (TRE-IA), providing rigorous game-based definitions. We then build a practical TRE-IA construction that satisfies the security requirements of this primitive, using repeated squaring in an RSA group and the RSA-OAEP encryption scheme. We formally prove our construction secure and provide a performance analysis of our implementation in Python, along with recommendations for practical deployment and integration with an existing whistleblowing tool, SecureDrop.
Notes
1. Numerical analysis also indicated that over thousands of trials, independent of the size of \(\phi(N)\), the average number of iterations the while loop must run until a suitable challenge was found was 3.3.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Loe, A., Medley, L., O’Connell, C., Quaglia, E.A. (2023). Applications of Timed-Release Encryption with Implicit Authentication. In: El Mrabet, N., De Feo, L., Duquesne, S. (eds) Progress in Cryptology - AFRICACRYPT 2023. AFRICACRYPT 2023. Lecture Notes in Computer Science, vol 14064. Springer, Cham. https://doi.org/10.1007/978-3-031-37679-5_21
DOI: https://doi.org/10.1007/978-3-031-37679-5_21
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-37678-8
Online ISBN: 978-3-031-37679-5
eBook Packages: Computer Science (R0)