From: Karl Barrus <elee9sf@Menudo.UH.EDU>
Date: Wed, 10 Feb 93 13:55:53 PST
To: cypherpunks@toad.com
Subject: Re: timed-release crypto
Message-ID: <199302102154.AA20926@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Tim May writes:
>...I could publicly post an encrypted message to this list, or in one
>of the "pools," and then scatter the decryption key in several pieces
>with several members of this list, paying them $1 each to "hold" their
>piece for, say, a month.  At the end of the month, they would fulfill
>their end of the bargain by forwarding the piece they hold to some
>public place or pool and the decryption key would be reconstituted...

Cypherpunks, this is an experiment we can try right here right now.
We certainly have the anonymous mail facilities, pools, and
encryption, as well as a digital bank we could use to "pay" people :-)

Splitting a decryption key is fairly easy: we could use the simple XOR
method.  Say you want to encrypt a message of length m and split the
key among n people.  Choose n-1 sequences of m random bits (coin
flips, cryptographically strong pseudo-random number sequences, etc)
and XOR the message with all the random sequences (call the result
M').  Then your split secret is the M' and the n-1 sequences.  To
recover the message, calculate the XOR of M' and the n-1 sequences.
Providing for an n-out-of-m scheme takes more work and number theory,
but that can be done as well.

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/