by troymc 834 days ago
Here's a way to encrypt something with an actual timelock, which works because physics. More specifically, it works because there is a maximum speed that information can travel through space: the speed of light.

Step 1: Generate a large number of named public/private keypairs and put the private keys on a spacecraft. Also give the spacecraft a communication system and a long-lived RTG (an energy source getting its energy from the decay of some radioactive materials).

Step 2: Send the spacecraft to land on the surface of a distant body in the solar system, such as one of the moons of Neptune.

Step 3: To encrypt a message such that it's guaranteed to not be cracked in less than some specified time, encrypt it several times, using the known named public keys.

To decrypt the message, you've got to send it out to the distant spacecraft and ask it to decrypt the outer layer of encryption, using the private key corresponding to the outer layer's public key. It does that and you get back a message but it might still have several layers of encryption. Repeat until all those layers are removed.

There are tricks to speed things up by sending a spacecraft out towards Neptune, but they don't speed things up too much (because spacecraft travel much slower than light). The amount of speedup possible is left as an exercise for the reader. There's still a lower bound on the required time until full decryption.

Inspired by the TOR network.
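
The layering in steps 1-3 and the peel-one-layer-per-request decryption, as an added example that is not part of the original post. It assumes a toy hashed-ElGamal layer over a small public prime (unauthenticated, not secure), the thread's figure of about 8 light-minutes per AU, and hypothetical names (`Spacecraft`, `wrap`, `lock`, `unlock`); `distance_au` is the distance of whoever sends the requests to the key holder.

```python
import hashlib
import secrets

P = 2**127 - 1      # toy group modulus (a Mersenne prime); far too small for real use
G = 3
AU_LIGHT_MIN = 8    # thread's figure: light covers 1 AU in about 8 minutes

def _stream(shared, n):
    """Derive n keystream bytes from a Diffie-Hellman shared value."""
    return hashlib.shake_256(shared.to_bytes(16, "big")).digest(n)

def wrap(pub, data):
    """One layer: 16-byte ephemeral public value, then the XOR-masked body."""
    r = secrets.randbelow(P - 2) + 1
    ks = _stream(pow(pub, r, P), len(data))
    return pow(G, r, P).to_bytes(16, "big") + bytes(a ^ b for a, b in zip(data, ks))

class Spacecraft:
    """Holds the named private keys (generated here for the demo); peels one layer per request."""
    def __init__(self, names):
        self._priv = {n: secrets.randbelow(P - 2) + 1 for n in names}
        self.public = {n: pow(G, x, P) for n, x in self._priv.items()}

    def peel(self, name, blob):
        eph, body = int.from_bytes(blob[:16], "big"), blob[16:]
        ks = _stream(pow(eph, self._priv[name], P), len(body))
        return bytes(a ^ b for a, b in zip(body, ks))

def lock(public, names, message):
    """Wrap innermost-first so that names[0] ends up as the outermost layer."""
    blob = message
    for name in reversed(names):
        blob = wrap(public[name], blob)
    return blob

def unlock(craft, names, blob, distance_au):
    """Peel in order; every request costs one round trip at light speed."""
    minutes = 0
    for name in names:
        blob = craft.peel(name, blob)
        minutes += 2 * distance_au * AU_LIGHT_MIN
    return blob, minutes

if __name__ == "__main__":
    names = ["key-001", "key-002", "key-003"]          # constructed key names
    craft = Spacecraft(names)
    sealed = lock(craft.public, names, b"constructed sample secret")
    print(unlock(craft, names, sealed, distance_au=30))
```

The elapsed time scales with the requester's distance to the key holder, so the guarantee holds only for requesters who are actually that far away.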

8 comments

The spacecraft should generate the key pairs itself once it landed and send the public keys to earth to be sure no human stole the private keys.

But, while fun, your idea is not that stupid.

If the spacecraft continuously generates key pairs, you could even avoid landing it and "just" throw it in some direction, Voyager style (if you can afford rebuilding some every few decades) or on some orbit in the solar system. You don’t have to pay for the landing tech.

I wouldn’t even be surprised that this could be viable economically. It doesn’t sound that much technologically difficult.

These are all good improvements. Thanks!

My thinking now is that you could send the spacecraft out to Neptune and do a gravity-assist maneuver there, sending the spacecraft into a large orbit around the Sun, with a high perihelion.

>I wouldn’t even be surprised that this could be viable economically.

Do you imagine there's a large market for physically-based time locked encryption?

Hard to imagine there's a ton of paying customers lol

I really don't know. I wouldn't be surprised that, on the entire planet, a niche market could exist that would want to pay the premium over say, giving an envelope to a notary.

You could also change the business model to allow NOT decrypting messages by paying the message author (and take a commission) but I guess that would attract more than shady customers :)

> Inspired by the TOR network.

Because it has such high delays? Basically revealing the information which the onion service or exit node encrypted for you only after, potentially, a few trips around the globe?

That makes me think this can be achieved without spacecraft, by just having geographically distributed private keys (even just a few kilometers; you just need the light delays to dominate over processing delays).

And I don't think you need more than two keys: if you wrap it in A(B(A(B(message)))), then party B cannot work on the first layer but first needs to send it to A, party A cannot decrypt the second layer but first needs to send it back to B, etc. One of the parties could be your recipient, so that would also work with an expensive one-off spacecraft.

> land on the surface of a distant body in the solar system

Landing is a lot more difficult than staying in Neptune's orbit (notice how many moon-bound spacecraft crashed, even only in recent years!); you'll get the same characteristics by just going out to a desired orbit.

Also note that the amount of delay between Earth and <your orbit, such as Neptune's> will vary wildly.

One could build a service just around the fact that the fastest theoretical time it takes to transmit information around earth is around 130ms. This means that the absolute maximum number of layers that could be used in a day is well below 1 million. Scale that over a few billion layers or more, and reveal a new key every roundtrip, and you would've got yourself a much simpler timelock encryption.

The problem that arises (and which is solved by the spacecraft to Neptune) is that with any earth based system, someone could secretly move copies of both ends closer together and decrypt the lock faster than expected. Putting a spacecraft on a trajectory with no realistic chance of ever coming back makes this possibility impossible (as long as the layers of keys are encrypted only when the spacecraft arrived at its destination). Even if the delay between earth and Neptune varies wildly, it is predictable, and any local system could piggyback a larger scale system like this for safety.

> will vary wildly

Neptune is about 30AU from the Sun. The Earth's distance from Neptune will presumably vary somewhere between 28AU and 32AU. Light travels 1AU in about 8 minutes, 28AU in about 224 minutes, 30AU in about 240 minutes, and 32AU in about 256 minutes. Depending on your use-case, that's not a particularly wild variation.

Oh, that is indeed less than I thought!

I wrote that the proposed system was inspired by the TOR network, not that it literally uses the TOR network. To send a message across the TOR network, you wrap it in a bunch of layers of encryption, and then each TOR node removes one layer: that's the similar aspect.

Your other critiques are all valid. There's still a lower bound on the total time required for full decryption. I was just trying to show that that is possible.

Not meant as critiques! And I did not assume it was using the Tor network, I understood the word "inspired" as you meant it. Clearly I need to work on my communication :(

Wouldn't landing a spacecraft next to the first one allow you to decrypt messages in essentially one round trip time? So if you had a message on earth time locked for 100 years you could transmit it to your own spacecraft next to the decrypting spacecraft and it could almost immediately get through all layers of encryption and send you back the decrypted message.

So encryption is a fixed-time operation, requiring a single round-trip to the spacecraft. There is another time-delay at decryption, quantized into round-trip times; the minimum decryption delay is one round-trip. For a moon of Neptune, a round-trip is about 9 hours(?).

If I want my secret exposed in 20 years, I will need to wrap it in 18,000 layers of encryption, and then start the decryption process immediately.

The duration of one decryption step depends on the distance to the spaceship; it would be difficult (but not impossible?) to rely on a spaceship whose distance is always changing. It needs to be somewhere faraway, and also to be somewhere that's always going to be roughly the same distance away. A moon of Neptune is a reasonable candidate.

The distance between Earth and Neptune oscillates with a period of about one year because Neptune moves around the sun much slower than the Earth does. The Earth-Neptune distance oscillates between about 29 AU and 31 AU.

I checked your calculations and I get similar numbers. I don't think that tens of thousands of layers of encryption is a problem: a modern computer can store that many private keys with no problems. In fact, it should probably store three copies of each one, or do something to account for random bit flips.

> because Neptune moves around the sun much slower than the Earth does

I think of the "1AU either way" thing as being simply that sometimes the Earth is on the other side of the Sun from Neptune, so the Earth<->Neptune distance is 1AU greater; and sometimes it's on the same side, so 1AU closer.

I didn't mean to suggest that 18,000 layers was silly; for encryption it would take seconds or less. And for decryption, having multiple layers is vital, because that's what creates the delay.

It's awkward that you have to start decrypting immediately. The ideal would be a self-contained object like a USB key, that does just one thing: after n ticks, it exposes its secret. In principle, it could be based on a mechanical clock, but it's hard to envisage a tamper-proof mechanical clock.

First, should probably put the ship on a solar escape trajectory, so that physically intercepting it would be more difficult with time, and likely require a technological leap to accomplish. It would also be nice to have the ship on a trajectory as far away from the plane of the ecliptic as you can, to minimize occlusion and time variation based on the earth's orbit.

Next, instead of pre-seeding the ship with keys, you have it generate them (using its RTG for both power and a source of entropy) and send them back to earth at a fixed rate, possibly with the size of the keys increasing over time.

On earth, when you want to encrypt a payload to be decrypted at a future date, you calculate how many round trips it would require, then encrypt the data with that many keys from the stream, interleaved with keys generated locally. As the time will unlikely be an exact round trip time (which is ever-increasing), each end can delay the decrypt and re-transmission for some proportion of the remaining time.

> Generate a large number of named public/private keypairs and put the private keys on a spacecraft

I suppose, more practically, you could just put the private key in an envelope and bury it deep in a shipping container with a destination across the ocean. While in transit it's pretty damn hard to get to it.

The shipping container will reach its destination in a few weeks. You could stretch it to months by repeatedly re-shipping it, like the cop-van stolen by the longshoremen in The Wire. But if someone else wants the secret, the longer it spends in a shipping container, the more likely it is to be discovered.

If you want your secret to last for decades, a shipping container is too vulnerable.

There are a few geocaching approaches:

Sunken chest / mysterious treasure map

Beacon of high gamma radiation / undesirable to approach for many half lives

USB key in Jimmy Hoffa's pocket

My inner devil likes the "too dangerous to approach" idea :)

About the last idea, I had to look up that name:

> James Riddle Hoffa (born February 14, 1913; disappeared July 30, 1975; presumed dead July 30, 1982) was an American labor union leader who served as the president of the International Brotherhood of Teamsters (IBT) from 1957 until 1971.

Do I read it correctly if I understand "Jimmy Hoffa's pocket" to be one implementation example of "any disappeared person's pocket"? Or is the specific person, their role, or their era relevant?

You’re correct: the fame of discovering Jimmy Hoffa’s burial is high in pop culture. Maybe as high as Hacker News finding a USB key timelock where only a vague area is given.

I didn’t know his middle name was “Riddle”; that’s almost ironic.

Yes, Jimmy Hoffa is a "famous" disappeared person case here in America.

There are only a few "famous mysteries" that became such widespread memes in American culture. The ones I can think of are:

1. What happened to Jimmy Hoffa (who killed him?). "The Irishman" on Netflix is a Scorsese adaptation of a "nonfiction" book that documents an old Mafia hitman claiming to have killed Hoffa. (The book is nonfiction, the guy's claims are somewhat contested.)

2. What happened to Amelia Earhart? (Early female aviator who disappeared attempting to fly around the world).

3. What happened to and who was DB Cooper? (A man hijacked an airplane, traded some hostages for a duffle bag of cash at an airport when such a thing was possible, told the pilots to fly to Canada and then jumped out of the plane with a parachute and the duffle bag somewhere over the Pacific Northwest).

4. Who shot JFK?

Thank you, I regret picking such a reference. Amazing to entertain that the guy who killed Hoffa could have lived long enough to write about it. As if reality suddenly became gentler, and all differences could be hugged out.

Also, in the UK (or not), Lord Lucan

Drone delivers a capsule into an historic minefield / make a Great Power clear an area to find it

Sow the hex digits in one crop on top of another / wait until summer to see the visible difference

> USB key in Jimmy Hoffa's pocket

First find Jimmy (embedded in concrete?). Then notice that there's no time element; Jimmy's USB key will be found when Jimmy's found, which might be tomorrow or it might be never. Then learn that he disappeared long before USB keys were invented.

I realize the suggestion was light-hearted!

Slip a key into a random unsolved case file in LA / must digitize all files to find it

Choose a key from the DNA of a living Nobel prize winner

Place an opaque nondescript sticker over the lens of a surveillance camera in London / must disassemble all cameras to find it

Writing Sherlock Holmes level material is not hard

This is a really cool idea using fundamental properties of physics but I don't think it works.

If the spacecraft is trusted by the person with the secret, it's much simpler to instruct the spacecraft to only disclose the secret after a set date. You don't seem to gain anything from the added complexity.

If the spacecraft isn't trusted, there's nothing stopping it disclosing all the key pairs at once.

I think the best bet at the moment is something like Rivest-Shamir-Wagner time lock puzzles, which require a fixed number of sequential computations to perform.
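
The Rivest-Shamir-Wagner construction named in the comment above, sketched as an added example that is not part of the comment: the creator hides a secret behind `t` sequential modular squarings and uses φ(n) to skip them, while the solver has to perform every one. The primes are constructed toy values (public Mersenne primes, far too small for real use) and the function names are hypothetical.

```python
import math
import secrets

# Constructed toy parameters: two known Mersenne primes. A real puzzle needs
# large, random, secret primes.
P, Q = 2**61 - 1, 2**89 - 1

def make_puzzle(secret, t):
    """Creator side: mask `secret` with a^(2^t) mod n.

    Knowing phi(n), the creator reduces the exponent 2^t mod phi(n) first,
    so the cost is two modular exponentiations however large t is.
    """
    n, phi = P * Q, (P - 1) * (Q - 1)
    if not 0 <= secret < n:
        raise ValueError("secret must be in [0, n)")
    a = secrets.randbelow(n - 3) + 2
    while math.gcd(a, n) != 1:              # Euler's theorem needs gcd(a, n) = 1
        a = secrets.randbelow(n - 3) + 2
    e = pow(2, t, phi)                      # trapdoor shortcut
    b = pow(a, e, n)                        # equals a^(2^t) mod n
    return {"n": n, "a": a, "t": t, "c": (secret + b) % n}

def solve_puzzle(puzzle):
    """Solver side: without phi(n), square t times; each step needs the previous result."""
    n, x = puzzle["n"], puzzle["a"]
    for _ in range(puzzle["t"]):
        x = x * x % n
    return (puzzle["c"] - x) % n

if __name__ == "__main__":
    puzzle = make_puzzle(secret=0xC0FFEE, t=200_000)   # constructed sample secret
    print(hex(solve_puzzle(puzzle)))
```

The delay here is a count of squarings, so the wall-clock lock time depends on how fast the solver's hardware can square.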

> Send the spacecraft to land on the surface of a distant body in the solar system, such as one of the moons of Neptune.

The economics of your proposal strike me as a tad weak at the knee.

The up-front capital expenditure might be high, yes, but it might be possible to recoup that by charging fees for the service once it's working. The Chunnel had a high capex too.

In any case, I just wanted to show that a working timelock encryption system is theoretically possible. Some people claimed it wasn't.