Name
Abstract | ||
|---|---|---|
We introduce a new cryptographic problem called time cap- sule signature. Time capsule signature is a 'future signature' that be- comes valid from a specific future time t, when a trusted third party (called Time Server) publishes some trapdoor information associated with the time t. In addition, time capsule signature should satisfy the following properties: (1) If the signer wants, she can make her time capsule signature eective before the pre-defined time t. (2) The recipient of 'future signature' can verify right away that the signature will become valid no later than at time t. (3) Time Server need not contact any user at any time, and in fact does not need to know anything about the PKI employed by the users. (4) Signatures completed by the signer before time t are indistinguish- able from the ones completed using the Time Server at time t. We provide the rigorous definition of time capsule signature and the generic construction based on another new primitive of independent in- terest, which we call identity-based trapdoor hard-to-invert relation (ID- THIR). We also show an ecient construction of ID-THIRs (and, hence, time capsule signatures) in the random oracle model, and a less ecient construction in the standard model. If the time t is replaced by a specific event, the concept of time capsule signature can be generalized to event capsule signature. In an ordinary signature scheme, the validity of a signature value is determined at the point of signature generation and never changes (unless the signer's public key is revoked). Users cannot generate the so-called 'future signature' which is not currently valid but becomes valid from a future time t. A naive way to achieve this is signing with a statement such as 'the signature of message m becomes valid from time t.' This, however, has several drawbacks. First, and least serious, the verifier is required to be aware of the current time. When time is generalized to arbitrary events (i.e., 'the signature of m becomes valid if the event e happens'), this becomes even more problematic. More seriously, however, in the naive solution the signer herself loses control over the validity of the future |
Year | DOI | Venue |
|---|---|---|
2005 | 10.1007/11507840_6 | Financial Cryptography |
Keywords | Field | DocType |
generic construction,specific future time,time server,event capsule signature,time capsule signature,new cryptographic problem,future signature,random oracle model,efficient construction,pre-defined time,trusted third party,satisfiability,standard model,public key | Trusted third party,Cryptography,Computer security,Computer science,Random oracle,Oracle,Algorithm,Ring signature,Public-key cryptography,Blind signature,Schnorr signature | Conference |
Volume | ISSN | ISBN |
3570 | 0302-9743 | 3-540-26656-9 |
Citations | PageRank | References |
8 | 0.52 | 27 |
Authors | ||
2 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Yevgeniy Dodis | 1 | 5843 | 277.49 |
| Dae Hyun Yum | 2 | 315 | 24.95 |