This web site has been retired. Please follow my activities at

the personal site of patrick paul

Time-lock Cryptography With Python

| Comments

In 1999, for the 35th birthday celebration of the MIT Laboratory for Computer Science, MIT dedicated a time capsule to be opened on the 70th anniversary of the lab … “or upon solution of a cryptographic puzzle … designed to take approximately 35 years to solve.”

Cool, right? A time-lock is basically a cipher that can only be de-ciphered on one processor (i.e. not in parallel) and which is easy to encrypt and orders of magnitude more difficult to decrypt. For my use, it takes me only a second to time-lock a document where the inverse decryption takes at least a day.

In his paper introducing time-lock puzzles, Rivest (with authors Adi Shamir and David Wagner) suggests a few applications:

  • A bidder in an auction wants to seal his bid so that it can only be opened after the bidding period is closed

  • A homeowner wants to give his mortgage holder a series of encrypted mortgage payments. These might be encrypted digital cash with different decryption dates so that one payment becomes decryptable and thus usable by the bank at the beginning of each successive month

  • An individual wants to encrypt his diaries so that they are only decryptable after fifty years

Last night, I time-lock’d a few files in my Dropbox to keep me from opening them. I found a great Python implementation on github by Eric Liang which can package your document into a self-decoding Python script:

patrick@lucca:~$ git clone
patrick@lucca:~$ cd timelock/
patrick@lucca:~/timelock$ chmod u+x,g+x
patrick@lucca:~/timelock$ sudo cp /usr/local/bin/timelock
patrick@lucca:~/timelock$ cd ~
patrick@lucca:~$ sudo rm -rf timelock/

Now you can run timelock from the command-line:

patrick@lucca:~$ timelock
Usage: ./ <PARAM>
    --h|help                    display this message
    --new [time]                create a sample puzzle with solution time 'time'
    --encrypt <file> [time]     encode a file using AES with a random key
    --pack <file> [time]        pack a self-decoding file using this script
    --benchmark                 print number of operations per second
    <saved state>               print puzzle solution to stdout

patrick@lucca:~$ timelock --pack secret.tar.pgp 86400 >

To decrypt it, you just execute the resultant Python file:

patrick@lucca:~$ python > secret.tar.pgp
41775.105421 squares/s, 3,608,342,978 remaining, eta 24 hours

(Don’t forget to pipe timelock output to the new file name you desire, or else you’ll spend 24 hours decrypting it only to spam the contents to stdout!)

I like this implementation a lot. Both the ciphered document and its de-coder are self-contained in one file, and I need only ensure that I have a system running Python in ten years when I want to read my journal entries again! ;)


You may notice that my document was already tar‘d and PGP-encrypted. On my Windows host, I installed Gpg4win which adds a great right-click context menu for easily encrypting documents within the Windows Explorer (e.g. in my Dropbox folder).