A cryptographic function that enables decryption based on length of time or other specified time.
https://port-1337-time_crypt-hamu515426.codeanyapp.com/
There is a secret you want exposed only after a certain amount of time or at an exact date and time. You do not want yourself or anyone else to know this secret until we have reached this time-based requirement.
We create a web based SaaS where we create a public and private key. Secrets are encrypted and the SaaS decrypts it based on stored private key as well as the valid timestamp.
The respository is where this method is defined.
create
Generates a new passcode at the specified time by encoding the passcode and the expiry time into a new PGP message utilizing the SaaS's private key. This returns the PGP message that the user can save.
unlock
Manually check if the message generated can be unlocked based on time. If it is, return the passcode.
locked
Returns currently locked passcodes.
The software runs on Python 3. We can install all libraries by running the command pip install
and then the library, e.g. pip install fastapi
and then pip install "uvicorn[standard]"
, etc.
fastapi
"uvicorn[standard]"
pgpy
python-dateutil --upgrade
requests
If you haven't already, save the content below to a file named timecrypt.service
.
[Unit] Description=The SaaS for time_crypt After=network.target [Service] WorkingDirectory=/git/clone/path/time_crypt/ ExecStart=/which/uvicorn main:app --reload --host 0.0.0.0 --port 1337 Restart=always [Install] WantedBy=multi-user.target
sudo cp timecrypt.service /etc/systemd/system/
If you installed Uvicorn using pip, you can find its path with:
which uvicorn
If a path is returned, it's globally accessible. Otherwise, adjust your PATH variable or provide the full path in the service file.
sudo systemctl daemon-reload
Start the service:
sudo systemctl start timecrypt.service
Enable the service to start on boot:
sudo systemctl enable timecrypt.service
To ensure your service has started successfully and to view its logs, use:
sudo systemctl status timecrypt.service
--reload
flag in the ExecStart
command. The reload flag is more suited for development as it restarts the server when code changes are detected.This overviews how we can utilize the API in the real-world use case that the algorithm was made for. The requirements are that this algorithm works regardless of the padlock technologies. Often, manufacturers of time-lock mechanisms make low-quality physical locks. Even if they improved, it may not be as effective against lock-picking compared to heavy-duty padlocks. Here, we present a solution that combines the two. We give the user a combination to put into multiple combination padlocks that is meant to be forgotten. If the user remembers, they can request a new random combination. The combination is made up of 8 characters or digits. This means that this algorithm can be reused for many types of combination padlock technology in the past or present without additional costs.
unlock
api and return the passcode if it's past the lock time.Although the number of digits can be configured, the 8 digits that were meant to be "forgotten" is based on Miller's law that humans are able to remember about 7, plus or minus 2, objects in their short-term memory. 8 digits were also chosen because of the lack of availability of commerical locks and safes with more than 8 digits for their unlock combinations.
From the root directory,
python -m http.server