Here’s what I would need my program to do:
a. The program generates some random password and encrypts a file with it.
b. I need to be able to retrieve that password, but not until a day later.
Seems trivial, but there are two requirements:
- The program must be resistant to windows clock tampering (one shouldn’t be able to simply move the clock ahead 1 day, and get the password that way)
- The program must be resistant to debug tampering (a person with access to source code, shouldn’t be able to retrieve the password)
I know I can get time from time server, which would get around requirement #1, but that still leaves requirement #2. With the source code available, anyone could just modify data received from time server, and fool the application into thinking 1 day has already passed.
Is what I’m trying to do (given the requirements) even possible?
EDIT:
Assume encryption stage IS tamper proof.
To answer one of the questions – the whole point of the application is for a user to be able to hide information from himself for a specific time period (think timed safe where you are not able to open it until a specific time elapses).
I’d say it wasn’t possible. They key thing it is dependant on time which you have no control over. In theory even trying to get it from a time server is susceptible to a man in the middle attack style since I don’t think there is likely to be any encryption on the time checking (though I could be wrong). So without being able to rely on any measurement of time I think you’re after the impossible.