{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,1,12]],"date-time":"2023-01-12T17:17:48Z","timestamp":1673543868586},"reference-count":47,"publisher":"Association for Computing Machinery (ACM)","issue":"2","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Inf. Syst. Secur."],"published-print":{"date-parts":[[2008,3]]},"abstract":"A timed-release cryptosystem allows a sender to encrypt a message so that only the intended recipient can read it only after a specified time. We formalize the concept of a secure timed-release public-key cryptosystem and show that, if a third party is relied upon to guarantee decryption after the specified date, this concept is equivalent to identity-based encryption; this explains the observation that all known constructions use identity-based encryption to achieve timed-release security. We then give several provably-secure constructions of timed-release encryption: a generic scheme based on any identity-based encryption scheme, and two more efficient schemes based on the existence of cryptographically admissible bilinear mappings. The first of these is essentially as efficient as the Boneh-Franklin Identity-Based encryption scheme, and is provably secure and authenticated in the random oracle model; the final scheme is not authenticated but is provably secure in the standard model (i.e., without random oracles).<\/jats:p>","DOI":"10.1145\/1330332.1330336","type":"journal-article","created":{"date-parts":[[2008,2,28]],"date-time":"2008-02-28T14:02:33Z","timestamp":1204207353000},"page":"1-44","update-policy":"http:\/\/dx.doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":44,"title":["Provably Secure Timed-Release Public Key Encryption"],"prefix":"10.1145","volume":"11","author":[{"given":"Jung Hee","family":"Cheon","sequence":"first","affiliation":[{"name":"Seoul National University, Korea"}]},{"given":"Nicholas","family":"Hopper","sequence":"additional","affiliation":[{"name":"University of Minnesota - Twin Cities"}]},{"given":"Yongdae","family":"Kim","sequence":"additional","affiliation":[{"name":"University of Minnesota - Twin Cities"}]},{"given":"Ivan","family":"Osipkov","sequence":"additional","affiliation":[{"name":"University of Minnesota - Twin Cities"}]}],"member":"320","published-online":{"date-parts":[[2008,5]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"crossref","unstructured":"Abdalla M. Bellare M. and Rogaway P. 2001. The oracle Diffie-Hellman assumptions and an analysis of DHIES. In <it>Cryptographer's Track at the RSA Conference<\/it>. Abdalla M. Bellare M. and Rogaway P. 2001. The oracle Diffie-Hellman assumptions and an analysis of DHIES. In <it>Cryptographer's Track at the RSA Conference<\/it>.","DOI":"10.1007\/3-540-45353-9_12"},{"key":"e_1_2_1_2_1","unstructured":"An J. H. 2001. Authenticated encryption in the public-key setting: security notions and analyses. http:\/\/eprint.iacr.org\/2001\/079\/. An J. H. 2001. Authenticated encryption in the public-key setting: security notions and analyses. http:\/\/eprint.iacr.org\/2001\/079\/."},{"key":"e_1_2_1_3_1","doi-asserted-by":"crossref","unstructured":"Bellare M. Desai A. Pointcheval D. and Rogaway P. 1998. Relations among notions of security for public-key encryption schemes. In <it>Annual International Cryptology Conference (CRYPTO'98)<\/it>. Bellare M. Desai A. Pointcheval D. and Rogaway P. 1998. Relations among notions of security for public-key encryption schemes. In <it>Annual International Cryptology Conference (CRYPTO'98)<\/it>.","DOI":"10.1007\/BFb0055718"},{"key":"e_1_2_1_4_1","unstructured":"Bellare M. and Goldwasser S. 1996. Encapsulated key escrow. Tech. rep. Laboratory for Computer Science MIT TR-688. Bellare M. and Goldwasser S. 1996. Encapsulated key escrow. Tech. rep. Laboratory for Computer Science MIT TR-688."},{"key":"e_1_2_1_5_1","unstructured":"Bellare M. and Palacio A. 2002. Protecting against key exposure: Strongly key-insulated encryption with optimal threshold. http:\/\/eprint.iacr.org\/2002\/064\/. Bellare M. and Palacio A. 2002. Protecting against key exposure: Strongly key-insulated encryption with optimal threshold. http:\/\/eprint.iacr.org\/2002\/064\/."},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/168588.168596"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2005.72"},{"key":"e_1_2_1_8_1","doi-asserted-by":"crossref","unstructured":"Boneh D. and Boyen X. 2004. Efficient selective-ID secure identity based encryption without random oracles. In <it>International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT'04)<\/it>. Boneh D. and Boyen X. 2004. Efficient selective-ID secure identity based encryption without random oracles. In <it>International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT'04)<\/it>.","DOI":"10.1007\/978-3-540-24676-3_14"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1007\/11426639_26"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1137\/S009753970544713X"},{"key":"e_1_2_1_11_1","unstructured":"Boneh D. and Franklin M. 2003. Identity based encryption from the weil pairing. In <it>Annual International Cryptology Conference (CRYPTO'03)<\/it>. Boneh D. and Franklin M. 2003. Identity based encryption from the weil pairing. In <it>Annual International Cryptology Conference (CRYPTO'03)<\/it>."},{"key":"e_1_2_1_12_1","doi-asserted-by":"crossref","unstructured":"Boneh D. and Naor M. 2000. Timed commitments. In <it>Annual International Cryptology Conference (CRYPTO'00)<\/it>. Boneh D. and Naor M. 2000. Timed commitments. In <it>Annual International Cryptology Conference (CRYPTO'00)<\/it>.","DOI":"10.1007\/3-540-44598-6_15"},{"key":"e_1_2_1_13_1","doi-asserted-by":"crossref","unstructured":"Boyen X. 2003. Multipurpose identity based signcryption: A swiss army knife for identity based cryptography. In <it>Annual International Cryptology Conference (CRYPTO'03)<\/it>. Boyen X. 2003. Multipurpose identity based signcryption: A swiss army knife for identity based cryptography. In <it>Annual International Cryptology Conference (CRYPTO'03)<\/it>.","DOI":"10.1007\/978-3-540-45146-4_23"},{"key":"e_1_2_1_14_1","unstructured":"Boyen X. Mei Q. and Waters B. 2005. Simple and eficient CCA2 security from IBE techniques. In <it>ACM Conference on Computer and Communications Security (ACM CCS'05)<\/it>. Boyen X. Mei Q. and Waters B. 2005. Simple and eficient CCA2 security from IBE techniques. In <it>ACM Conference on Computer and Communications Security (ACM CCS'05)<\/it>."},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1007\/11818175_17"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1007\/11602897_25"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1007\/11734727_33"},{"key":"e_1_2_1_18_1","doi-asserted-by":"crossref","unstructured":"Chen L. Harrison K. Soldera D. and Smart N. 2002. Applications of multiple trust authorities in pairing based cryptosystems. In <it>Proceedings of Infrastructure Security Conference<\/it>. Chen L. Harrison K. Soldera D. and Smart N. 2002. Applications of multiple trust authorities in pairing based cryptosystems. In <it>Proceedings of Infrastructure Security Conference<\/it>.","DOI":"10.1007\/3-540-45831-X_18"},{"key":"e_1_2_1_19_1","unstructured":"Cheon J. H. Hopper N. Kim Y. and Osipkov I. 2004. Authenticated key-insulated public key encryption and timed-release cryptography. http:\/\/eprint.iacr.org\/2004\/231. Cheon J. H. Hopper N. Kim Y. and Osipkov I. 2004. Authenticated key-insulated public key encryption and timed-release cryptography. http:\/\/eprint.iacr.org\/2004\/231."},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1007\/11889663_17"},{"key":"e_1_2_1_21_1","doi-asserted-by":"crossref","unstructured":"Cramer R. and Shoup V. 1998. A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In <it>Annual International Cryptology Conference (CRYPTO'98)<\/it>. Cramer R. and Shoup V. 1998. A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In <it>Annual International Cryptology Conference (CRYPTO'98)<\/it>.","DOI":"10.1007\/BFb0055717"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1137\/S0097539702403773"},{"key":"e_1_2_1_23_1","doi-asserted-by":"crossref","unstructured":"Crescenzo G. D. Ostrovsky R. and Rajagopalan S. 1999. Conditional oblivious transfer and timed-release encryption. In <it>International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT'99)<\/it>. Crescenzo G. D. Ostrovsky R. and Rajagopalan S. 1999. Conditional oblivious transfer and timed-release encryption. In <it>International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT'99)<\/it>.","DOI":"10.1007\/3-540-48910-X_6"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-30576-7_11"},{"key":"e_1_2_1_25_1","doi-asserted-by":"crossref","unstructured":"Dodis Y. Katz J. Xu S. and Yung M. 2002. Key-insulated public key cryptosystems. In <it>International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT'02)<\/it>. Dodis Y. Katz J. Xu S. and Yung M. 2002. Key-insulated public key cryptosystems. In <it>International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT'02)<\/it>.","DOI":"10.1007\/3-540-46035-7_5"},{"key":"e_1_2_1_26_1","doi-asserted-by":"crossref","unstructured":"Dodis Y. Katz J. Xu S. and Yung M. 2003. Strong key-insulated signature schemes. In <it>Conference on Theory and Practice of Public-Key Cryptography<\/it>. Dodis Y. Katz J. Xu S. and Yung M. 2003. Strong key-insulated signature schemes. In <it>Conference on Theory and Practice of Public-Key Cryptography<\/it>.","DOI":"10.1007\/3-540-36288-6_10"},{"key":"e_1_2_1_27_1","doi-asserted-by":"crossref","unstructured":"Fujisaki E. and Okamoto T. 1999. Secure integration of asymmetric and symmetric encryption schemes. In <it>Annual International Cryptology Conference (CRYPTO'99)<\/it>. Fujisaki E. and Okamoto T. 1999. Secure integration of asymmetric and symmetric encryption schemes. In <it>Annual International Cryptology Conference (CRYPTO'99)<\/it>.","DOI":"10.1007\/3-540-48405-1_34"},{"key":"e_1_2_1_28_1","doi-asserted-by":"crossref","unstructured":"Garay J. and Pomerance C. 2003. Timed fair exchange of arbitrary signatures. In <it>Financial Cryptography<\/it>. Garay J. and Pomerance C. 2003. Timed fair exchange of arbitrary signatures. In <it>Financial Cryptography<\/it>.","DOI":"10.1007\/978-3-540-45126-6_14"},{"key":"e_1_2_1_29_1","doi-asserted-by":"crossref","unstructured":"Garay J. A. and Pomerance C. 2002. Timed fair exchange of standard signatures. In <it>Financial Cryptography<\/it>. Garay J. A. and Pomerance C. 2002. Timed fair exchange of standard signatures. In <it>Financial Cryptography<\/it>.","DOI":"10.1007\/978-3-540-45126-6_14"},{"key":"e_1_2_1_30_1","doi-asserted-by":"crossref","unstructured":"Gentry C. and Silverberg A. 2002. Hierarchical ID-based cryptography. In <it>International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT'02)<\/it>. Gentry C. and Silverberg A. 2002. Hierarchical ID-based cryptography. In <it>International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT'02)<\/it>.","DOI":"10.1007\/3-540-36178-2_34"},{"key":"e_1_2_1_31_1","doi-asserted-by":"crossref","unstructured":"Horwitz J. and Lynn B. 2002. Toward hierarchical identity-based encryption. In <it>International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT'02)<\/it>. Horwitz J. and Lynn B. 2002. Toward hierarchical identity-based encryption. In <it>International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT'02)<\/it>.","DOI":"10.1007\/3-540-46035-7_31"},{"key":"e_1_2_1_32_1","unstructured":"Kiltz E. 2006. Chosen-ciphertext secure identity-based encryption in the standard model with short ciphertexts. http:\/\/eprint.iacr.org\/2006\/122\/. Kiltz E. 2006. Chosen-ciphertext secure identity-based encryption in the standard model with short ciphertexts. http:\/\/eprint.iacr.org\/2006\/122\/."},{"key":"e_1_2_1_33_1","doi-asserted-by":"crossref","unstructured":"Kiltz E. and Galindo D. 2006. Direct chosen-ciphertext secure identity-based key encapsulation without random oracles. http:\/\/eprint.iacr.org\/2006\/034\/. Kiltz E. and Galindo D. 2006. Direct chosen-ciphertext secure identity-based key encapsulation without random oracles. http:\/\/eprint.iacr.org\/2006\/034\/.","DOI":"10.1007\/11780656_28"},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1007\/11593447_37"},{"key":"e_1_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/775152.775175"},{"key":"e_1_2_1_36_1","unstructured":"May T. 1993. Timed-release crypto. http:\/\/www.cyphernet.org\/cyphernomicon\/chapter14\/14.5.html. May T. 1993. Timed-release crypto. http:\/\/www.cyphernet.org\/cyphernomicon\/chapter14\/14.5.html."},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/103418.103434"},{"key":"e_1_2_1_38_1","unstructured":"Naccache D. 2005. Secure and practical identity-based encryption. http:\/\/eprint.iacr.org\/2005\/369\/. Naccache D. 2005. Secure and practical identity-based encryption. http:\/\/eprint.iacr.org\/2005\/369\/."},{"key":"e_1_2_1_39_1","unstructured":"Pederson T. P. 1991. A threshold cryptosystem without a trusted party. In <it>International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT'91)<\/it>. Pederson T. P. 1991. A threshold cryptosystem without a trusted party. In <it>International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT'91)<\/it>."},{"key":"e_1_2_1_40_1","doi-asserted-by":"crossref","unstructured":"Pointcheval D. and Stern J. 1996. Security proofs for signature schemes. In <it>International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT'96)<\/it>. Pointcheval D. and Stern J. 1996. Security proofs for signature schemes. In <it>International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT'96)<\/it>.","DOI":"10.1007\/3-540-68339-9_33"},{"key":"e_1_2_1_41_1","unstructured":"Rackoff C. and Simon D. R. 1991. Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In <it>Annual International Cryptology Conference (CRYPTO'91)<\/it>. Rackoff C. and Simon D. R. 1991. Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In <it>Annual International Cryptology Conference (CRYPTO'91)<\/it>."},{"key":"e_1_2_1_42_1","unstructured":"Rivest R. L. Shamir A. and Wagner D. A. 1996. Time-lock puzzles and timed-release crypto. Tech. rep. Laboratory for Computer Science MIT TR-684. Rivest R. L. Shamir A. and Wagner D. A. 1996. Time-lock puzzles and timed-release crypto. Tech. rep. Laboratory for Computer Science MIT TR-684."},{"key":"e_1_2_1_43_1","unstructured":"Shamus Software Ltd. MIRACL: Multiprecision integer and rational arithmetic C\/C++ library. http:\/\/indigo.ie\/mscott\/. Shamus Software Ltd. MIRACL: Multiprecision integer and rational arithmetic C\/C++ library. http:\/\/indigo.ie\/mscott\/."},{"key":"e_1_2_1_44_1","doi-asserted-by":"crossref","unstructured":"Shoup V. 2000. Using hash functions as hedge against chosen ciphertext attack. In <it>International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT'00)<\/it>. Shoup V. 2000. Using hash functions as hedge against chosen ciphertext attack. In <it>International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT'00)<\/it>.","DOI":"10.1007\/3-540-45539-6_19"},{"key":"e_1_2_1_45_1","unstructured":"Shoup V. 2004. ISO 18033-2: An emerging standard for public-key encryption. http:\/\/shoup.net\/iso\/. Shoup V. 2004. ISO 18033-2: An emerging standard for public-key encryption. http:\/\/shoup.net\/iso\/."},{"key":"e_1_2_1_46_1","doi-asserted-by":"crossref","unstructured":"Syverson P. F. 1998. Weakly secret bit commitment: Applications to lotteries and fair exchange. In <it>Computer Security Foundations Workshop<\/it>. Syverson P. F. 1998. Weakly secret bit commitment: Applications to lotteries and fair exchange. In <it>Computer Security Foundations Workshop<\/it>.","DOI":"10.21236\/ADA464109"},{"key":"e_1_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1007\/11426639_7"}],"container-title":["ACM Transactions on Information and System Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1330332.1330336","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,12,28]],"date-time":"2022-12-28T21:35:32Z","timestamp":1672263332000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1330332.1330336"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2008,3]]},"references-count":47,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2008,3]]}},"alternative-id":["10.1145\/1330332.1330336"],"URL":"http:\/\/dx.doi.org\/10.1145\/1330332.1330336","relation":{},"ISSN":["1094-9224","1557-7406"],"issn-type":[{"value":"1094-9224","type":"print"},{"value":"1557-7406","type":"electronic"}],"subject":["Safety, Risk, Reliability and Quality","General Computer Science"],"published":{"date-parts":[[2008,3]]},"assertion":[{"value":"2006-09-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2007-07-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2008-05-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}