
Is there any system out there currently which can generate a nonce that all nodes on a distributed network can agree on and calculate at the same time, but one an attacker cannot pre-compute, for example a week in advance, and would only have the correct nonce at the same time as the network?

If this is not currently possible what steps are needed to create such a system?

Mike Ounsworth
Rich
  • Note: this question was re-posted on crypto.SE with more detail. [\[link\]](https://crypto.stackexchange.com/questions/32644/possible-to-generate-a-one-time-secret-which-all-nodes-on-the-distributed-networ) – Mike Ounsworth Feb 10 '16 at 19:31
  • I'm voting to close this question as off-topic because it is a cross-post – schroeder Feb 10 '16 at 23:45

1 Answer


[Note: This question has been re-posted on crypto.SE.]

Let's break down the problem into two parts:

The first problem is that you want something that looks random to an outside attacker (ie is unpredictable), but can be computed by anybody in the know.

That sounds a lot like a Cryptographically secure pseudorandom number generator (CPRNG) where all nodes use the same seed. Then each hour (or each minute) you could take the next number in the random sequence, i.e. `current_nonce = cprng.getSequence()[ numberOfHoursSinceLaunch() ];`.

The problem that needs to be solved is the Key Distribution Problem - or in this case, the Seed Distribution Problem (since the seed is acting as the shared secret).

You could look at Key Agreement Protocols:

In cryptography, a key-agreement protocol is a protocol whereby two or more parties can agree on a key in such a way that both influence the outcome. ... Protocols that are useful in practice also do not reveal to any eavesdropping party what key has been agreed upon.

Or you could go lower-tech and have an admin place the seed on each node by some secure method (SSH, USB key, etc). Or you could set up a client-authenticated TLS network where each node has a client cert that they can use to request the seed. There are many ways to skin this particular cat.

EDIT in response to re-post on crypto.se:

The second problem is that you want some system where even if a node has all the seed material, it cannot compute the secret until some fixed time in the future. This is actually a commonly asked question on Security.SE and Crypto.SE. The generic name for this is Time-Capsule Cryptography, or a Time-Lock Puzzle. Here is a famous post on the topic. There are solutions to this, but they all have the flavour of "if you run your processor on full, it will take them at least X days to compute the secret." I don't think that is what you want.

A practical solution to this problem would be to give each node a client-SSL cert. Have a master server that generates the nonces, then have the nodes log in to the master using their certs to retrieve the daily nonce.

Mike Ounsworth
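As an added illustration (not code from the original answer), here is one way to implement the shared-seed scheme the answer sketches: a per-hour nonce derived with HMAC-SHA256 from the shared seed and the hour index, plus a verifier that tolerates one slot of clock skew between nodes. The seed, launch time and slot length are constructed values; the last function shows the answer's caveat that any holder of the seed can compute a week's worth of nonces ahead of time, so the seed holder is the trust boundary.

```python
import hmac
import hashlib
import time
from typing import Optional

# Constructed example values (not from the original post).
SHARED_SEED = bytes.fromhex(
    "00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff"
)
LAUNCH_TIME = 1_454_000_000   # network launch, Unix seconds (constructed)
SLOT_SECONDS = 3600           # one nonce per hour, as the answer suggests


def slot_index(now: int, launch: int = LAUNCH_TIME, slot: int = SLOT_SECONDS) -> int:
    """numberOfHoursSinceLaunch(): the time slot that 'now' falls in."""
    if now < launch:
        raise ValueError("clock is before network launch")
    return (now - launch) // slot


def nonce_for_slot(seed: bytes, index: int) -> bytes:
    """Deterministic per-slot nonce keyed by the shared seed.
    Every node holding the seed derives the same 32 bytes for the same index;
    without the seed the value is unpredictable (HMAC acts as the PRF)."""
    return hmac.new(seed, index.to_bytes(8, "big"), hashlib.sha256).digest()


def current_nonce(seed: bytes, now: Optional[int] = None) -> bytes:
    """The nonce the whole network should be using right now."""
    ts = int(time.time()) if now is None else now
    return nonce_for_slot(seed, slot_index(ts))


def verify_nonce(seed: bytes, candidate: bytes, now: int, skew_slots: int = 1) -> bool:
    """Accept the current slot's nonce or a neighbouring slot's, so that nodes
    whose clocks differ by less than one slot still agree."""
    idx = slot_index(now)
    for i in range(max(0, idx - skew_slots), idx + skew_slots + 1):
        if hmac.compare_digest(candidate, nonce_for_slot(seed, i)):
            return True
    return False


def precomputed_nonce(seed: bytes, now: int, seconds_ahead: int) -> bytes:
    """The answer's caveat: the seed alone is enough to compute any future
    slot's nonce, so this scheme does not stop a seed holder from working
    a week (or a year) ahead. Only withholding the seed, or a time-lock
    construction, changes that."""
    return nonce_for_slot(seed, slot_index(now + seconds_ahead))
```

Nodes need only the seed and a loosely synchronised clock; the verifier's skew window is the knob to widen if clocks drift more than a slot.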