Conditional Encryption
Introduction
Conditional encryption is a cryptographic technique where encrypted data can only be decrypted if specific, pre-defined conditions are met. Instead of giving anyone with a decryption key access to the data, access is programmatically controlled based on logic or real-world states—such as:
- A future timestamp
- A future block number
- A change in on-chain contract state
- An off-chain event or data from an Oracle
Blocklock encryption is the most commonly known and used case: a user encrypts data that can only be decrypted after a specified block height on any supported blockchain. This is ideal for:
- Sealed-bid auctions
- MEV-resistant transaction submission
- Time-delayed secrets or transfers
- Voting and quizzes
The primary reference implementation is blocklock-solidity, which enables developers to use threshold decryption across chains.
How It Works
Conditional encryption in dcipher uses a combination of threshold BLS signatures and identity-based encryption (IBE) to create a secure conditional lock mechanism. The system operates through a committee of operator nodes that collectively manage the decryption process:
- When data is encrypted, it is locked with a condition (e.g., a future block height)
- The committee nodes monitor the blockchain for the specified condition
- Once the condition is met, the committee collectively generates a threshold signature attesting to the event
- This signature serves as the decryption key, allowing any party to decrypt the data
The key innovation is that the decryption key is not pre-determined or stored anywhere. Instead, it is generated on-demand by the committee only after they have verified and attested to the condition being met. This approach removes the need for trusted intermediaries or continual off-chain monitoring. It enables secure workflows where data remains locked until the right moment — ideal for use cases like sealed-bid auctions, timed content releases, or conditional asset transfers.
Comparing Encryption Models
| Feature | Conditional Encryption (dcipher) | Traditional Encryption | Homomorphic Encryption |
|---|---|---|---|
| Condition-based Access | ✅ | ❌ | ❌ |
| Third-party-free | ✅ | ❌(key exchange required) | ✅ |
| Cross-chain Ready | ✅ | ⚠️ (with bridges) | ❌ |
| Computational Overhead | Low | Low | Low |
| Offline Decryption | ✅ | ✅ | ✅ |
Aside from the technical differences in the table above, there are key differences in the purpose of each kind of encryption:
- dcipher gives you conditional access — data stays locked until a condition is met.
- Homomorphic encryption gives you conditional processing — data can be computed over without ever being decrypted.
- Traditional encryption ensures only the key holder can read the data.
Security Assumptions
dcipher's conditional encryption relies on the following assumptions:
- Honest Majority Assumption: As long as fewer than the agreed m-of-n threshold of nodes for a given committee, future decryption keys (e.g., for a given round) remain unknown until the condition is met.
- Computational Diffie-Hellman Assumption: The current cryptography (e.g, BLS and IBE) and elliptic curve cryptography are not quantum-resistant.
- Availability Guarantee: If all nodes in the network or your chosen committee shut down, undecrypted ciphertexts will be permanently locked unless broken by a future quantum adversary.
In practice, these assumptions are mitigated by a robust validator set, crypto-economic incentives for honest behaviour of the operator nodes and proactive monitoring of network performance.
Next Steps
To learn more, visit the Guides/Blocklock or try encrypting your first blocklocked ciphertext in our Quickstart.