• zepplenzap@lemmy.one
    link
    fedilink
    arrow-up
    15
    ·
    5 months ago

    If I’m reading the code correctly, this uses the duration of your “time lock” as the duration for how long it will perform scrypt operations on the key derivation.

    In other words, if you say you want to “lock” the secret for 5 days, the code will perform scrypt to generate the key for 5 days!!! Then it expects you to remember the iteration count to decrypt it.

    I don’t see any use case where that’s a useful mechanism. Especially since it ignores other computers are likely faster at scrypt then yours is.

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      3
      ·
      5 months ago

      I think it’ll generate 5 days converted into seconds number of operations.

      To decrypt however, you have to do all those operations, so I think it would take 5 days to decrypt. Even if you wait 10 days to start the operation

      • Markaos@lemmy.one
        link
        fedilink
        arrow-up
        4
        ·
        5 months ago
        def generate_proof_of_work_key(initial_key, time_seconds):
            proof_key = initial_key
            end_time = time.time() + time_seconds
            iterations = 0
            while time.time() < end_time:
                proof_key = scrypt(proof_key, salt=b'', N=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, key_len=SCRYPT_KEY_LEN)
                iterations += 1
            print(f"Proof-of-work iterations (save this): {iterations}")
            return proof_key
        
        
        def generate_proof_of_work_key_decrypt(initial_key, iterations):
            proof_key = initial_key
            for _ in range(iterations):
                proof_key = scrypt(proof_key, salt=b'', N=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, key_len=SCRYPT_KEY_LEN)
            return proof_key
        

        The first function is used during the encryption process, and the while loop clearly runs until the specified time duration has elapsed. So encryption would take 5 days no matter how fast your computer is, and to decrypt it, you’d have to do the same number of iterations your computer managed to do in that time. So if you do the decryption on the same computer, you should get a similar time, but if you use a different computer that is faster at doing these operations, it will decrypt it faster.

        • Redjard@lemmy.dbzer0.com
          link
          fedilink
          arrow-up
          2
          ·
          5 months ago

          What is the threat szenario?
          If you are smart about parallelization and have access to custom hardware, couldn’t you turn 5 days into 1 hour or less?

          • Markaos@lemmy.one
            link
            fedilink
            arrow-up
            2
            ·
            5 months ago

            Yes, that’s exactly the problem - there’s nothing wrong with the encryption used, but it’s IMHO incorrect to call it time-based when it’s “work-based” and it just so happens that the specific computer doing the encryption works at a given speed.

            I don’t call my laptop’s FDE time-based encryption just because I picked an encryption that takes it 10 seconds to decrypt the key.

    • Célia@lemmy.blahaj.zone
      link
      fedilink
      arrow-up
      2
      ·
      5 months ago

      If it really works like this, the time lock would vary depending on the device. Encrypt for a long time on a potato, decrypt in seconds on a good computer.

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    3
    ·
    5 months ago

    This seems interesting. But for something so complex I would really like them to have a white paper to see how they achieve this.

    https://eprint.iacr.org/2023/189 Other systems, for instance, use a third party network to broadcast the parts of the secret that are needed to decrypt over time. So you’re relying on a third-party service, and if that third party service disappears you can’t unencrypt

    • Markaos@lemmy.one
      link
      fedilink
      arrow-up
      5
      ·
      5 months ago

      It’s a very short Python script and I’m confident I get the general idea - there’s absolutely nothing related to current time in the decryption process. What they refer to as a “time lock” is just encrypting the key in a loop (so the encrypted key from one loop becomes the plain text for the next one) for the specified duration and then telling you how many iterations were done. That number then becomes a second part of the password - to decrypt, you simply provide the password and the number of iterations, nothing else matters.