	US 12,244,687 B2
	Tamper-resistant data encoding secure against unbounded polynomial size attack complexity
Dana Dachman-Soled, College Park, MD (US); Ilan Komargodski, Tel Aviv (IL); and Rafael N Pass, New York, NY (US)
Assigned to NTT Research Inc., Sunnyvale, CA (US); University of Maryland, College Park, College Park, MD (US); and Cornell University, Ithaca, NY (US)
Appl. No. 18/012,226
Filed by NTT RESEARCH INC., Sunnyvale, CA (US)
PCT Filed Jun. 22, 2021, PCT No. PCT/US2021/038479 § 371(c)(1), (2) Date Dec. 21, 2022, PCT Pub. No. WO2021/262716, PCT Pub. Date Dec. 30, 2021.
Claims priority of provisional application 62/705,363, filed on Jun. 23, 2020.
Prior Publication US 2023/0275741 A1, Aug. 31, 2023
Int. Cl. H04L 9/32 (2006.01); H04L 9/00 (2022.01)

CPC H04L 9/005 (2013.01) [H04L 9/3218 (2013.01)]

16 Claims

1. A messaging system secure against attacks of unbounded polynomial size, the system comprising:

a transmitter data store for storing an original message;

an encoder module configured for creating a non-malleable copy of the original message by:

generating a time-lock puzzle Z, the time-lock puzzle Z having hardness T, and being based on the original message;

generating a non-malleable commitment c, based on the original message;

generating a proof pi as a zero-knowledge proof of consistency between Z and c;

storing Z, c, and pi in the transmitter data store as the non-malleable copy of the original message;

a transmitter module configured for transmitting the non-malleable copy of the original message to a receiver; and

a decoder module at the receiver, the decoder module configured for decoding the non-malleable copy of the original message by:

verifying the proof pi;

when the proof pi is verified:

solving the time-lock puzzle Z and generating the original message as an output; and

storing the original message in a receiver data store.