At 5:05 AM +0800 3/8/2000, Arrianto Mukti Wibowo wrote:
>Hi,
>
>I want to know whether there is a crypto building block which doesn't allow
>someone to open an encrypted message before a certain date.
>
>[Damn hard. Math functions don't grok "date". The only reasonable way
>to do this without a trusted third party is to pick an encryption
>algorithm that will take at least as long to decrypt (in likely
>available computer time) as are needed. -Perry]
>
>In another word, I need to know several "date/time-related" crypto papers
>around. Can somebody give me pointers?
>
Here is something I posted to sci.crypt on the subject in 1996. (You
can find it at http://deja.com/usenet by searching on the thread: '
Cryptographically secured "Time Vaults" '):
PGP and the Packwood problem.
Arnold G. Reinhold
January 19, 1996
The downfall of Senator Packwood of Oregon after his diaries were
subpoenaed by the Ethics committee of the US Senate may have
brought to justice a man who abused the public trust, but it must also
worry historians. Even though Packwood helped surface his
diaries by attempting to use them in his own defense, many
politicians will be reluctant to keep candid, private diaries in the future.
Cryptography can provide at least a partial answer to this
problem. I would propose that some recognized historical societies publish a
series of PGP public keys. The corresponding private
keys would be held in escrow for a fixed time frame and then
released to the public at one year intervals on or about December 31. Thus
there might be a 1996 key which would become public on Dec 31, 1996, a
1997 key that would be revealed on December 31, 1997, and so on. The
keys could be produced at a special event held in conjunction with a
historical or cryptography meeting. Two
hundred years worth of keys, say through the year 2100 could be
generated at one session. The secret keys would be kept both in magnetic
and printed form, say in a Swiss bank. Or the secret keys might also be
split into thirds, with two copies of each third and distributed to six
societies world wide.
Anyone who wished could down load one of the keys from the
standard key servers. The key fingerprints might be printed in
one or more historical journals. A diarist could simply use the key to
encrypt his work or use the key to encrypt his own private key. The later
option would allow him access to his own diaries. He
could destroy his unencrypted key when trouble arose, before it was
subpoenaed.
There is always the threat that a judge could attempt to subpoena the
historical societies' private keys. That is why the keys should be kept in
countries whose laws would make that difficult. Since the keys might be
used by more than one individual, the societies might have a strong
argument against releasing them.
There is also the danger that technology might overtake the
public key technology that was used in making the keys, In that case the
historical societies could make new, longer keys. Since the existence of most
diaries would still be secret, the diarists or their estates could
super-encrypt
with the new keys.
The technology threat suggests another option for a secret diarist: He
could make a guess as to when a certain key size is likely to be breakable.
He could then make a key of that size and throw away the public key. If he
did this in front of witnesses, he could have a subpoena-proof diary with
confidence that his words would
become readable eventually.
