Skip to main content

Time-Lock Puzzles with Efficient Batch Solving

  • Conference paper
  • First Online:
Advances in Cryptology – EUROCRYPT 2024 (EUROCRYPT 2024)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14652))

Abstract

Time-Lock Puzzles (TLPs) are a powerful tool for concealing messages until a predetermined point in time. When solving multiple puzzles, in many cases, it becomes crucial to have the ability to batch-solve puzzles, i.e., simultaneously open multiple puzzles while working to solve a single one. Unfortunately, all previously known TLP constructions that support batch solving rely on super-polynomially secure indistinguishability obfuscation, making them impractical.

In light of this challenge, we present novel TLP constructions that offer batch-solving capabilities without using heavy cryptographic hammers. Our proposed schemes are simple and concretely efficient, and they can be constructed based on well-established cryptographic assumptions based on pairings or learning with errors (LWE). Along the way, we introduce new constructions of puncturable key-homomorphic PRFs both in the lattice and in the pairing setting, which may be of independent interest. Our analysis leverages an interesting connection to Hall’s marriage theorem and incorporates an optimized combinatorial approach, enhancing the practicality and feasibility of our TLP schemes.

Furthermore, we introduce the concept of “rogue-puzzle attacks”, where maliciously crafted puzzle instances may disrupt the batch-solving process of honest puzzles. We then propose constructions of concrete and efficient TLPs designed to prevent such attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    A trivial bound that handles malicious parties is by asking the degree to be equal to the number of puzzles batched. If every party samples a puzzle for each index, we setup a complete bipartite graph and hence a perfect matching in the malicious setting. We refer the interested reader to our full version for an alternate analysis.

  2. 2.

    These parameters have some slack which can be optimized for deploying in real-world systems.

  3. 3.

    This means that we always sample a distinct set.

  4. 4.

    In the unbounded setting, the degree is 1 and the right side of the bipartite graph is the same as the left side.

  5. 5.

    For brevity, we only show the puzzle generation algorithm.

  6. 6.

    For value c in \(\mathbb {Z}_N\) for some q, the prover considers it as a positive integer by setting the output in \(1,\ldots ,N\).

  7. 7.

    For brevity, we only show the puzzle generation algorithm.

  8. 8.

    We’re overloading the notation m from previous sections. It does not match the m in the PPRF construction.

  9. 9.

    It is possible to use a time lock puzzle that is not linearly homomorpic for this evaluation. We chose the TLP from [35] for a more direct comparison with the other two solutions.

References

  1. Banerjee, A., Fuchsbauer, G., Peikert, C., Pietrzak, K., Stevens, S.: Key-homomorphic constrained pseudorandom functions. In: Dodis, Y., Nielsen, J.B. (eds.) Theory of Cryptography, TCC 2015. LNCS, vol. 9015, pp. 31–60. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46497-7_2

  2. Banerjee, A., Peikert, C.: New and improved key-homomorphic pseudorandom functions. In: Garay, J.A., Gennaro, R. (eds.) Advances in Cryptology, CRYPTO 2014. LNCS, vol. 8616, pp. 353–370. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44371-2_20

  3. Barak, B., et al.: On the (Im)possibility of obfuscating programs. In: Kilian, J. (ed.) Advances in Cryptology, CRYPTO 2001. LNCS, vol. 2139, pp. 1–18. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_1

  4. Bitansky, N., Garg, S., Lin, H., Pass, R., Telang, S.: Succinct randomized encodings and their applications. In: Servedio, R.A., Rubinfeld, R. (eds.) STOC. ACM, New York (2015)

    Google Scholar 

  5. Bitansky, N., Goldwasser, S., Jain, A., Paneth, O., Vaikuntanathan, V., Waters, B.: Time-lock puzzles from randomized encodings. In: Sudan, M. (ed.) ITCS (2016)

    Google Scholar 

  6. Blackstone, T.: a16z releases anonymous voting system for ethereum (2023). https://cointelegraph.com/news/a16z-releases-anonymous-voting-system-for-ethereum. Accessed 27 Feb 2024

  7. Boneh, D., Boyen, X.: Secure identity based encryption without random oracles. In: Franklin, M. (ed.) Advances in Cryptology, CRYPTO 2004. LNCS, vol. 3152, pp. 443–459. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28628-8_27

  8. Boneh, D., Goh, E.-J., Nissim, K.: Evaluating 2-DNF formulas on ciphertexts. In: Kilian, J. (ed.) Theory of Cryptography. LNCS, vol. 3378, pp. 325–341. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30576-7_18

  9. Boneh, D., Lewi, K., Montgomery, H., Raghunathan, A.: Key homomorphic PRFs and their applications. In: Canetti, R., Garay, J.A. (eds.) Advances in Cryptology, CRYPTO 2013. LNCS, vol. 8042, pp. 410–428. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_23

  10. Boneh, D., Naor, M.: Timed commitments. In: Bellare, M. (ed.) Advances in Cryptology, CRYPTO 2000. LNCS, vol. 1880, pp. 236–254. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44598-6_15

  11. Brakerski, Z., Döttling, N., Garg, S., Malavolta, G.: Leveraging linear decryption: rate-1 fully-homomorphic encryption and time-lock puzzles. In: Hofheinz, D., Rosen, A. (eds.) TCC (2019)

    Google Scholar 

  12. Brakerski, Z., Döttling, N., Garg, S., Malavolta, G.: Factoring and pairings are not necessary for IO: circular-secure LWE suffices. In: Bojanczyk, M., Merelli, E., Woodruff, D.P. (eds.) ICALP (2022)

    Google Scholar 

  13. Brakerski, Z., Vaikuntanathan, V.: Constrained key-homomorphic PRFs from standard lattice assumptions - or: How to secretly embed a circuit in your PRF. In: Dodis, Y., Nielsen, J.B. (eds.) Theory of Cryptography, TCC 2015. LNCS, vol. 9015, pp. 1–30. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46497-7_1

  14. Burdges, J., De Feo, L.: Delay encryption. In: Canteaut, A., Standaert, F.X. (eds.) Advances in Cryptology, EUROCRYPT 2021. LNCS, vol. 12696, pp. 302–326. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-77870-5_11

  15. Carmer, B., Malozemoff, A.J., Raykova, M.: 5Gen-C: multi-input functional encryption and program obfuscation for arithmetic circuits. In: CCS (2017)

    Google Scholar 

  16. Cash, D., Hofheinz, D., Kiltz, E., Peikert, C.: Bonsai trees, or how to delegate a lattice basis. J. Cryptol. 25(4), 601–639 (2012)

    Google Scholar 

  17. Chandran, N., Raghuraman, S., Vinayagamurthy, D.: Reducing depth in constrained PRFs: from bit-fixing to \(\textbf{NC}^1\). In: Cheng, C., Chung, K., Persiano, G., Yang, B. (eds.) Public-Key Cryptography, PKC 2016. LNCS, vol. 9615, pp. 359–385. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49387-8_14

  18. Chen, L., Harrison, K., Soldera, D., Smart, N.P.: Applications of multiple trust authorities in pairing based cryptosystems. In: Davida, G.I., Frankel, Y., Rees, O. (eds.) Infrastructure Security, InfraSec 2002. LNCS, vol. 2437, pp. 260–275. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45831-X_18

  19. Cline, D., Dryja, T., Narula, N.: Clockwork: an exchange protocol for proofs of non front-running. The Stanford Blockchain Conference 2020 (2020)

    Google Scholar 

  20. Döttling, N., Hanzlik, L., Magri, B., Wohnig, S.: McFly: verifiable encryption to the future made practical. In: Baldimtsi, F., Cachin, C. (eds.) Financial Cryptography and Data Security, FC 2023, pp. 252–269. Springer, Cham (2024). https://doi.org/10.1007/978-3-031-47754-6_15

  21. Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Conference on the Theory and Application of Cryptographic Techniques (1986)

    Google Scholar 

  22. Freitag, C., Komargodski, I., Pass, R., Sirkin, N.: Non-malleable time-lock puzzles and applications. In: Nissim, K., Waters, B. (eds.) Theory of Cryptography, TCC 2021. LNCS, vol. 13044, pp. 447–479. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-90456-2_15

  23. Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. In: FOCS (2013)

    Google Scholar 

  24. Garg, S., Gentry, C., Sahai, A., Waters, B.: Witness encryption and its applications. IACR Cryptol. ePrint Arch. (2013)

    Google Scholar 

  25. Gay, R., Jain, A., Lin, H., Sahai, A.: Indistinguishability obfuscation from simple-to-state hard problems: new assumptions, new techniques, and simplification. In: Canteaut, A., Standaert, F.-X. (eds.) Advances in Cryptology. EUROCRYPT 2021. LNCS, vol. 12698, pp. 97–126. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-77883-5_4

  26. Gay, R., Pass, R.: Indistinguishability obfuscation from circular security. In: Khuller, S., Williams, V.V. (eds.) STOC (2021)

    Google Scholar 

  27. Groth, J., Kohlweiss, M., Maller, M., Meiklejohn, S., Miers, I.: Updatable and universal common reference strings with applications to zk-SNARKs. In: Shacham, H., Boldyreva, A. (eds.) Advances in Cryptology. CRYPTO 2018. LNCS, vol. 10993, pp. 698–728. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96878-0_24

  28. Hall, P.: On representatives of subsets. J. Lond. Math. Soc. (1935)

    Google Scholar 

  29. Hopcroft, J.E., Karp, R.M.: An n5/2 algorithm for maximum matchings in bipartite graphs. SIAM J. Comput. 2(4), 225–231 (1973)

    Google Scholar 

  30. Jain, A., Lin, H., Sahai, A.: Indistinguishability obfuscation from well-founded assumptions. In: Khuller, S., Williams, V.V. (eds.) STOC (2021)

    Google Scholar 

  31. Jain, A., Lin, H., Sahai, A.: Indistinguishability obfuscation from LPN over \({\mathbb{F}}_p\), DLIN, and PRGs in \(NC^0\). In: Dunkelman, O., Dziembowski, S. (eds.) Advances in Cryptology, EUROCRYPT 2022. LNCS, vol. 13275, pp. 670–699. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-06944-4_23

  32. Lewi, K., et al.: 5Gen: a framework for prototyping applications using multilinear maps and matrix branching programs. In: CCS (2016)

    Google Scholar 

  33. Lin, H., Pass, R., Soni, P.: Two-round concurrent non-malleable commitment from time-lock puzzles. IACR Cryptol. ePrint Arch. (2017)

    Google Scholar 

  34. Liu, J., Kakvi, S.A., Warinschi, B.: Extractable witness encryption and timed-release encryption from bitcoin. IACR Cryptol. ePrint Arch. (2015)

    Google Scholar 

  35. Malavolta, G., Thyagarajan, S.A.K.: Homomorphic time-lock puzzles and applications. In: Boldyreva, A., Micciancio, D. (eds.) Advances in Cryptology, CRYPTO 2019. LNCS, vol. 11692, pp. 620–649. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26948-7_22

  36. Naor, M., Pinkas, B., Reingold, O.: Distributed pseudo-random functions and KDCS. In: Stern, J. (ed.) Advances in Cryptology, EUROCRYPT 1999. LNCS, vol. 1592, pp. 327–346. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_23

  37. Nikolaenko, V., Ragsdale, S., Bonneau, J., Boneh, D.: Powers-of-tau to the people: decentralizing setup ceremonies. IACR Cryptol. ePrint Arch. (2022)

    Google Scholar 

  38. Rivest, R.L., Shamir, A., Wagner, D.A.: Time-lock puzzles and timed-release crypto (1996)

    Google Scholar 

  39. Sahai, A., Waters, B.: How to use indistinguishability obfuscation: deniable encryption, and more. In: Shmoys, D.B. (ed.) STOC (2014)

    Google Scholar 

  40. Srinivasan, S., et al.: Transparent batchable time-lock puzzles and applications to Byzantine consensus. In: Boldyreva, A., Kolesnikov, V. (eds.) Public-Key Cryptography. PKC 2023. LNCS, vol. 13940, pp. 554–584. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-31368-4_20

  41. Thyagarajan, S.A.K., Bhat, A., Malavolta, G., Döttling, N., Kate, A., Schröder, D.: Verifiable timed signatures made practical. In: CCS, pp. 1733–1750 (2020)

    Google Scholar 

  42. Thyagarajan, S.A.K., Malavolta, G., Schmid, F., Schröder, D.: Verifiable timed linkable ring signatures for scalable payments for monero. In: Atluri, V., Di Pietro, R., Jensen, C.D., Meng, W. (eds.) Computer Security. ESORICS 2022. LNCS, vol. 13555, pp. 467–486. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-17146-8_23

  43. Wan, J., Xiao, H., Devadas, S., Shi, E.: Round-efficient Byzantine broadcast under strongly adaptive and majority corruptions. In: Pass, R., Pietrzak, K. (eds.) Theory of Cryptography, TCC 2020. LNCS, vol. 12550, pp. 412–456. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64375-1_15

  44. Wee, H., Wichs, D.: Candidate obfuscation via oblivious LWE sampling. In: Canteaut, A., Standaert, F. (eds.) Advances in Cryptology. EUROCRYPT 2021. LNCS, vol. 12698, pp. 127–156. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-77883-5_5

Download references

Acknowledgments

We thank George Lu, Brent Waters and David Wu for helpful discussions on removing coordination amongst parties. We thank Nico Döttling for helpful discussions on the lattice-based puncturable PRF.

J. D. was funded by the European Union (ERC, LACONIC, 101041207). Views and opinions expressed are, however, those of the author(s) only and do not necessarily reflect those of the European Union or the European Research Council. Neither the European Union nor the granting authority can be held responsible for them. G. M. was supported by the European Research Council through an ERC Starting Grant (Grant agreement No. 101077455, ObfusQation).

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Giulio Malavolta .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2024 International Association for Cryptologic Research

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Dujmovic, J., Garg, R., Malavolta, G. (2024). Time-Lock Puzzles with Efficient Batch Solving. In: Joye, M., Leander, G. (eds) Advances in Cryptology – EUROCRYPT 2024. EUROCRYPT 2024. Lecture Notes in Computer Science, vol 14652. Springer, Cham. https://doi.org/10.1007/978-3-031-58723-8_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-58723-8_11

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-58722-1

  • Online ISBN: 978-3-031-58723-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics