Publishing a message with a computationally enforced delay

Filip Sondej

1/28/24, 12:54 AM

I'm looking for a way to publish a message, so that it will only be publicly known after some time (let's say a few minutes). Even I shouldn't have the power to prove what my message was, before this time passes.

I was thinking of something like:

the message is encoded using my private key, then published in this encoded way
(I could prove what the message is by revealing my private key, but I really don't want to reveal my private key)
the message can also be recovered by some kind of brute-forcing, that is known to take some time
this brute-forcing doesn't reveal my private key, only the message

Is there a way to do this?

0 + 7

brute-force-attack

timed-release

knaccc

1/28/24, 1:03 AM

Does this answer your question? [Is it possible to make time-locked encrytion algorithm?](https://crypto.stackexchange.com/questions/3064/is-it-possible-to-make-time-locked-encrytion-algorithm) and [Time Capsule cryptography](https://crypto.stackexchange.com/questions/606/time-capsule-cryptography/12694)

Filip Sondej

1/30/24, 6:02 AM

@knaccc it's on a right track, but I think it doesn't fully solve this. The proposed solutions seem to only guarantee that other people can't disclose my secret before the target time. But here, **even I** want to be unable to prove what the message was, until the time passes. This is a considerably harder problem. Unless there's something about the techniques that I didn't understand?

knaccc

1/30/24, 8:13 AM

Once you choose a time-lock approach that eventually reveals the private key, your question can be simplified as "can I encrypt a message with a private key such that I cannot prove what the message is without the private key?". Regular encryption works like that - you can't tell anything about the ciphertext without the private key (other than the maximum length). So, you encrypt, then discard the private key, and then when the private key is revealed after the time-lock period only then can it be decrypted.

Filip Sondej

1/31/24, 11:46 PM

@knaccc OK, I was a bit confused but I think I know what to do now. So I can't encrypt WITH the private key, because it can be decrypted with my public key (it's the same as signing). I also can't encrypt with my public key, because then, I could just declare what the message was, and people can verify that, because they know my public key.

Filip Sondej

1/31/24, 11:46 PM

@knaccc The solution is to encrypt the pair (message, my private key) with my public key. Now revealing the contents would reveal my private key which I don't want. It still doesn't solve my original problem, because at the end the private key is revealed, but after some thinking I now don't see this as a problem for my use case. Thanks for help!

knaccc

2/1/24, 5:24 AM

"So I can't encrypt WITH the private key, because it can be decrypted with my public key" -> if you use your private key as a symmetric key for encryption, then that can't be decrypted with your public key. Btw, it happens quite frequently here that people try to simplify the question, but it ends up being counter-productive because they will have all sorts of requirements that derail attempts to try and provide a solution. I don't know why you can't have a one-time private key just for this particular purpose, and there is a lot of guesswork involved to understand what you're doing

Filip Sondej

2/2/24, 9:02 AM

Ah you're right, I didn't provide enough detail here. It's just that my full problem had quite a lot of context, so I tried to distill the core. At the end I ended up choosing a solution from a very different angle. Re symmetric cryptography: yeah, I forgot about that, good point. (And to clarify - I was fine with having one-time private keys - the crucial part was somehow disincentivising the sender from revealing the private key, so that the message CERTAINLY won't be publicly known before some time, even if the sender wants that.) Anyway, thanks, your comments helped :)

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Publishing a message with a computationally enforced delay

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.