Abstract
Time-Lock Puzzles (TLPs) are a powerful tool for concealing messages until a predetermined point in time. When solving multiple puzzles, in many cases, it becomes crucial to have the ability to batch-solve puzzles, i.e., simultaneously open multiple puzzles while working to solve a single one. Unfortunately, all previously known TLP constructions that support batch solving rely on super-polynomially secure indistinguishability obfuscation, making them impractical.
In light of this challenge, we present novel TLP constructions that offer batch-solving capabilities without using heavy cryptographic hammers. Our proposed schemes are simple and concretely efficient, and they can be constructed from well-established cryptographic assumptions on pairings or learning with errors (LWE). Along the way, we introduce new constructions of puncturable key-homomorphic PRFs both in the lattice and in the pairing setting, which may be of independent interest. Our analysis leverages an interesting connection to Hall’s marriage theorem and incorporates an optimized combinatorial approach, enhancing the practicality and feasibility of our TLP schemes.
Furthermore, we introduce the concept of “rogue-puzzle attacks”, where maliciously crafted puzzle instances may disrupt the batch-solving process of honest puzzles. We then propose constructions of concrete and efficient TLPs designed to prevent such attacks.
Notes
- 1. A trivial bound that handles malicious parties is by asking the degree to be equal to the number of puzzles batched. If every party samples a puzzle for each index, we set up a complete bipartite graph and hence a perfect matching in the malicious setting. We refer the interested reader to our full version for an alternate analysis.
- 2. These parameters have some slack which can be optimized for deploying in real-world systems.
- 3. This means that we always sample a distinct set.
- 4. In the unbounded setting, the degree is 1 and the right side of the bipartite graph is the same as the left side.
- 5. For brevity, we only show the puzzle generation algorithm.
- 6. For value c in \(\mathbb {Z}_N\) for some q, the prover considers it as a positive integer by setting the output in \(1,\ldots ,N\).
- 7. For brevity, we only show the puzzle generation algorithm.
- 8. We’re overloading the notation m from previous sections. It does not match the m in the PPRF construction.
- 9. It is possible to use a time-lock puzzle that is not linearly homomorphic for this evaluation. We chose the TLP from [35] for a more direct comparison with the other two solutions.
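The bipartite-graph view behind Notes 1, 3 and 4 and the abstract's appeal to Hall's marriage theorem, as an added illustration that is not code from the paper: puzzles on the left, indices on the right, and a batch is solvable exactly when a perfect matching exists. The model (each puzzle carries a set of sampled indices and must be assigned a distinct one) and all function names are assumptions made for this illustration.

```python
import random
from itertools import combinations

# Assumed model (not the paper's code): puzzle i holds an index set S_i drawn
# from {0, ..., m-1}; batch solving needs a perfect matching puzzles -> indices.


def sample_index_sets(n, m, degree, rng):
    """Each of n puzzles samples `degree` distinct indices (cf. Note 3)."""
    return [frozenset(rng.sample(range(m), degree)) for _ in range(n)]


def hall_violation(index_sets):
    """Smallest subset of puzzles whose joint index set is too small, or None.

    Hall's condition: every k puzzles must together cover >= k indices.
    Brute force over subsets, so only for small illustrative instances."""
    n = len(index_sets)
    for k in range(1, n + 1):
        for subset in combinations(range(n), k):
            covered = frozenset().union(*(index_sets[i] for i in subset))
            if len(covered) < k:
                return subset
    return None


def perfect_matching(index_sets):
    """Augmenting-path (Kuhn) matching; dict puzzle -> index, or None."""
    owner = {}  # index -> puzzle currently assigned to it

    def assign(p, visited):
        for idx in index_sets[p]:
            if idx in visited:
                continue
            visited.add(idx)
            if idx not in owner or assign(owner[idx], visited):
                owner[idx] = p
                return True
        return False

    for p in range(len(index_sets)):
        if not assign(p, set()):
            return None
    return {p: idx for idx, p in owner.items()}


if __name__ == "__main__":
    rng = random.Random(7)
    print(perfect_matching(sample_index_sets(5, 8, 3, rng)))
    # Note 1: degree = number of puzzles gives a complete bipartite graph.
    print(perfect_matching(sample_index_sets(4, 4, 4, rng)))
    # Two puzzles pinned to the same single index violate Hall's condition.
    rogue = [frozenset({0}), frozenset({0}), frozenset({1, 2})]
    print(hall_violation(rogue), perfect_matching(rogue))
```

The Hall check is exponential and only there to name the offending subset; the augmenting-path matcher is what a batch solver would actually run.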
References
Banerjee, A., Fuchsbauer, G., Peikert, C., Pietrzak, K., Stevens, S.: Key-homomorphic constrained pseudorandom functions. In: Dodis, Y., Nielsen, J.B. (eds.) Theory of Cryptography, TCC 2015. LNCS, vol. 9015, pp. 31–60. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46497-7_2
Banerjee, A., Peikert, C.: New and improved key-homomorphic pseudorandom functions. In: Garay, J.A., Gennaro, R. (eds.) Advances in Cryptology, CRYPTO 2014. LNCS, vol. 8616, pp. 353–370. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44371-2_20
Barak, B., et al.: On the (Im)possibility of obfuscating programs. In: Kilian, J. (ed.) Advances in Cryptology, CRYPTO 2001. LNCS, vol. 2139, pp. 1–18. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_1
Bitansky, N., Garg, S., Lin, H., Pass, R., Telang, S.: Succinct randomized encodings and their applications. In: Servedio, R.A., Rubinfeld, R. (eds.) STOC. ACM, New York (2015)
Bitansky, N., Goldwasser, S., Jain, A., Paneth, O., Vaikuntanathan, V., Waters, B.: Time-lock puzzles from randomized encodings. In: Sudan, M. (ed.) ITCS (2016)
Blackstone, T.: a16z releases anonymous voting system for ethereum (2023). https://cointelegraph.com/news/a16z-releases-anonymous-voting-system-for-ethereum. Accessed 27 Feb 2024
Boneh, D., Boyen, X.: Secure identity based encryption without random oracles. In: Franklin, M. (ed.) Advances in Cryptology, CRYPTO 2004. LNCS, vol. 3152, pp. 443–459. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28628-8_27
Boneh, D., Goh, E.-J., Nissim, K.: Evaluating 2-DNF formulas on ciphertexts. In: Kilian, J. (ed.) Theory of Cryptography. LNCS, vol. 3378, pp. 325–341. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30576-7_18
Boneh, D., Lewi, K., Montgomery, H., Raghunathan, A.: Key homomorphic PRFs and their applications. In: Canetti, R., Garay, J.A. (eds.) Advances in Cryptology, CRYPTO 2013. LNCS, vol. 8042, pp. 410–428. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_23
Boneh, D., Naor, M.: Timed commitments. In: Bellare, M. (ed.) Advances in Cryptology, CRYPTO 2000. LNCS, vol. 1880, pp. 236–254. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44598-6_15
Brakerski, Z., Döttling, N., Garg, S., Malavolta, G.: Leveraging linear decryption: rate-1 fully-homomorphic encryption and time-lock puzzles. In: Hofheinz, D., Rosen, A. (eds.) TCC (2019)
Brakerski, Z., Döttling, N., Garg, S., Malavolta, G.: Factoring and pairings are not necessary for IO: circular-secure LWE suffices. In: Bojanczyk, M., Merelli, E., Woodruff, D.P. (eds.) ICALP (2022)
Brakerski, Z., Vaikuntanathan, V.: Constrained key-homomorphic PRFs from standard lattice assumptions - or: How to secretly embed a circuit in your PRF. In: Dodis, Y., Nielsen, J.B. (eds.) Theory of Cryptography, TCC 2015. LNCS, vol. 9015, pp. 1–30. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46497-7_1
Burdges, J., De Feo, L.: Delay encryption. In: Canteaut, A., Standaert, F.X. (eds.) Advances in Cryptology, EUROCRYPT 2021. LNCS, vol. 12696, pp. 302–326. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-77870-5_11
Carmer, B., Malozemoff, A.J., Raykova, M.: 5Gen-C: multi-input functional encryption and program obfuscation for arithmetic circuits. In: CCS (2017)
Cash, D., Hofheinz, D., Kiltz, E., Peikert, C.: Bonsai trees, or how to delegate a lattice basis. J. Cryptol. 25(4), 601–639 (2012)
Chandran, N., Raghuraman, S., Vinayagamurthy, D.: Reducing depth in constrained PRFs: from bit-fixing to \(\textbf{NC}^1\). In: Cheng, C., Chung, K., Persiano, G., Yang, B. (eds.) Public-Key Cryptography, PKC 2016. LNCS, vol. 9615, pp. 359–385. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49387-8_14
Chen, L., Harrison, K., Soldera, D., Smart, N.P.: Applications of multiple trust authorities in pairing based cryptosystems. In: Davida, G.I., Frankel, Y., Rees, O. (eds.) Infrastructure Security, InfraSec 2002. LNCS, vol. 2437, pp. 260–275. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45831-X_18
Cline, D., Dryja, T., Narula, N.: Clockwork: an exchange protocol for proofs of non front-running. The Stanford Blockchain Conference 2020 (2020)
Döttling, N., Hanzlik, L., Magri, B., Wohnig, S.: McFly: verifiable encryption to the future made practical. In: Baldimtsi, F., Cachin, C. (eds.) Financial Cryptography and Data Security, FC 2023, pp. 252–269. Springer, Cham (2024). https://doi.org/10.1007/978-3-031-47754-6_15
Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Conference on the Theory and Application of Cryptographic Techniques (1986)
Freitag, C., Komargodski, I., Pass, R., Sirkin, N.: Non-malleable time-lock puzzles and applications. In: Nissim, K., Waters, B. (eds.) Theory of Cryptography, TCC 2021. LNCS, vol. 13044, pp. 447–479. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-90456-2_15
Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. In: FOCS (2013)
Garg, S., Gentry, C., Sahai, A., Waters, B.: Witness encryption and its applications. IACR Cryptol. ePrint Arch. (2013)
Gay, R., Jain, A., Lin, H., Sahai, A.: Indistinguishability obfuscation from simple-to-state hard problems: new assumptions, new techniques, and simplification. In: Canteaut, A., Standaert, F.-X. (eds.) Advances in Cryptology. EUROCRYPT 2021. LNCS, vol. 12698, pp. 97–126. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-77883-5_4
Gay, R., Pass, R.: Indistinguishability obfuscation from circular security. In: Khuller, S., Williams, V.V. (eds.) STOC (2021)
Groth, J., Kohlweiss, M., Maller, M., Meiklejohn, S., Miers, I.: Updatable and universal common reference strings with applications to zk-SNARKs. In: Shacham, H., Boldyreva, A. (eds.) Advances in Cryptology. CRYPTO 2018. LNCS, vol. 10993, pp. 698–728. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96878-0_24
Hall, P.: On representatives of subsets. J. Lond. Math. Soc. (1935)
Hopcroft, J.E., Karp, R.M.: An \(n^{5/2}\) algorithm for maximum matchings in bipartite graphs. SIAM J. Comput. 2(4), 225–231 (1973)
Jain, A., Lin, H., Sahai, A.: Indistinguishability obfuscation from well-founded assumptions. In: Khuller, S., Williams, V.V. (eds.) STOC (2021)
Jain, A., Lin, H., Sahai, A.: Indistinguishability obfuscation from LPN over \({\mathbb{F}}_p\), DLIN, and PRGs in \(NC^0\). In: Dunkelman, O., Dziembowski, S. (eds.) Advances in Cryptology, EUROCRYPT 2022. LNCS, vol. 13275, pp. 670–699. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-06944-4_23
Lewi, K., et al.: 5Gen: a framework for prototyping applications using multilinear maps and matrix branching programs. In: CCS (2016)
Lin, H., Pass, R., Soni, P.: Two-round concurrent non-malleable commitment from time-lock puzzles. IACR Cryptol. ePrint Arch. (2017)
Liu, J., Kakvi, S.A., Warinschi, B.: Extractable witness encryption and timed-release encryption from bitcoin. IACR Cryptol. ePrint Arch. (2015)
Malavolta, G., Thyagarajan, S.A.K.: Homomorphic time-lock puzzles and applications. In: Boldyreva, A., Micciancio, D. (eds.) Advances in Cryptology, CRYPTO 2019. LNCS, vol. 11692, pp. 620–649. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26948-7_22
Naor, M., Pinkas, B., Reingold, O.: Distributed pseudo-random functions and KDCS. In: Stern, J. (ed.) Advances in Cryptology, EUROCRYPT 1999. LNCS, vol. 1592, pp. 327–346. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_23
Nikolaenko, V., Ragsdale, S., Bonneau, J., Boneh, D.: Powers-of-tau to the people: decentralizing setup ceremonies. IACR Cryptol. ePrint Arch. (2022)
Rivest, R.L., Shamir, A., Wagner, D.A.: Time-lock puzzles and timed-release crypto (1996)
Sahai, A., Waters, B.: How to use indistinguishability obfuscation: deniable encryption, and more. In: Shmoys, D.B. (ed.) STOC (2014)
Srinivasan, S., et al.: Transparent batchable time-lock puzzles and applications to Byzantine consensus. In: Boldyreva, A., Kolesnikov, V. (eds.) Public-Key Cryptography. PKC 2023. LNCS, vol. 13940, pp. 554–584. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-31368-4_20
Thyagarajan, S.A.K., Bhat, A., Malavolta, G., Döttling, N., Kate, A., Schröder, D.: Verifiable timed signatures made practical. In: CCS, pp. 1733–1750 (2020)
Thyagarajan, S.A.K., Malavolta, G., Schmid, F., Schröder, D.: Verifiable timed linkable ring signatures for scalable payments for monero. In: Atluri, V., Di Pietro, R., Jensen, C.D., Meng, W. (eds.) Computer Security. ESORICS 2022. LNCS, vol. 13555, pp. 467–486. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-17146-8_23
Wan, J., Xiao, H., Devadas, S., Shi, E.: Round-efficient Byzantine broadcast under strongly adaptive and majority corruptions. In: Pass, R., Pietrzak, K. (eds.) Theory of Cryptography, TCC 2020. LNCS, vol. 12550, pp. 412–456. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64375-1_15
Wee, H., Wichs, D.: Candidate obfuscation via oblivious LWE sampling. In: Canteaut, A., Standaert, F. (eds.) Advances in Cryptology. EUROCRYPT 2021. LNCS, vol. 12698, pp. 127–156. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-77883-5_5
Acknowledgments
We thank George Lu, Brent Waters and David Wu for helpful discussions on removing coordination amongst parties. We thank Nico Döttling for helpful discussions on the lattice-based puncturable PRF.
J. D. was funded by the European Union (ERC, LACONIC, 101041207). Views and opinions expressed are, however, those of the author(s) only and do not necessarily reflect those of the European Union or the European Research Council. Neither the European Union nor the granting authority can be held responsible for them. G. M. was supported by the European Research Council through an ERC Starting Grant (Grant agreement No. 101077455, ObfusQation).
Copyright information
© 2024 International Association for Cryptologic Research
About this paper
Cite this paper
Dujmovic, J., Garg, R., Malavolta, G. (2024). Time-Lock Puzzles with Efficient Batch Solving. In: Joye, M., Leander, G. (eds) Advances in Cryptology – EUROCRYPT 2024. EUROCRYPT 2024. Lecture Notes in Computer Science, vol 14652. Springer, Cham. https://doi.org/10.1007/978-3-031-58723-8_11
DOI: https://doi.org/10.1007/978-3-031-58723-8_11
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-58722-1
Online ISBN: 978-3-031-58723-8