Time-capsule crypto to help journalists protect their sources

Jonathan Zittrain writes, "I published an op-ed in the Boston Globe today musing on the prospects for 'time capsule encryption,' one of several ways of storing information that renders it inaccessible to anyone until certain conditions — such as the passage of time — are met. I could see libraries and archives offering such technology as part of accepting papers and manuscripts, especially in the wake of the "Belfast Project" situation, where a library promised confidentiality for accounts of the Troubles in North Ireland, and then found itself amidst subpoenas from law enforcement looking to solve long-cold cases. But the principle could apply to any person or company thinking that there's a choice between leaving information exposed to leakage, or destroying it entirely."

I'm less enthusiastic about this than Jonathan is. I think calibrating the strength of your time-capsule is very hard. If the NSA might be an order of magnitude faster than the rest of us at brute-force cryptanalysis, that means you need to make your 10-year capsule strong enough to last for 100 years just to be on the safe side. Same goes for proof-of-work.

There has been fitful research done on "time capsule cryptography," by which something can be encoded so that not even its creator can access it until after a certain amount of time. Such cryptography might depend on the kinds of "proof of work" puzzles — which require vast computing power over an extended period — that undergird the operation of bitcoin and other cryptocurrencies. Cryptocurrencies, whose operations are distributed across a number of computers, use the puzzles to prevent any one entity from taking control of the system.

What works to prevent any one party from subverting a currency could also place some of the data increasingly comprising our lives beyond the reach of a simple subpoena, by forcing the curious to wait a designated period of time before they can see what they want — even if they have legal paperwork that purports to entitle them to it sooner.

Even without relying on such complicated technologies, sensitive material can be encrypted using a key that is split into fragments, the way that it can take two simultaneous keys to launch a missile. Imagine key fragments distributed around the world to, say, 10 parties, requiring the cooperation of at least six of them to reassemble the key needed to get the documents. The parties would be instructed only to announce the keys when the original owner's specified conditions are met. Early disclosure wouldn't be impossible, but it would require a sustained effort that would only be worth undertaking if the access were a genuine priority, and one justifiable to the authorities of several countries who could each in turn pressure their respective keyholders. That kind of encryption is easy to do.

Confidential info threatened, but technology can help [Jonathan Zittrain/Boston Globe]

(Thanks, Jonathan!)

(Image: time capsule on Alcatraz, Inajeep, CC-BY)