TLSE — Time-Locked Symmetric Encryption

By Muhammed Shafin P
Project Repository: https://github.com/hejhdiss/TLSE

TLSE (Time-Locked Symmetric Encryption) introduces an innovative, time-bound encryption model that eliminates the need for traditional key exchange or network-based synchronization. Designed entirely for offline use, TLSE generates a unique encryption key every minute using the current time (HHMM) and a user-defined secret phrase. This approach ensures zero key exchange over networks and is ideal for air-gapped systems, CTF challenges, and secure communications in hostile environments.

The Innovation of TLSE
The fundamental breakthrough of TLSE lies in its use of time as a shared constant between sender and receiver. Instead of distributing keys or relying on handshake protocols, TLSE allows both parties to independently generate the same symmetric key for any given minute, provided they share a common secret phrase exchanged out-of-band. This drastically reduces the attack surface, removing the vulnerabilities inherent in most key exchange systems.

The key derivation process involves three primary steps: combining the user-defined phrase with the current time in HHMM format, passing the result through a proprietary transformation algorithm unique to each binary, and hashing the output using SHA-256 to produce a 256-bit key. This key is then used with AES-256 in either CBC or GCM mode for encryption and decryption.

Internal Security Architecture
TLSE is engineered with advanced binary protections beyond traditional encryption. Its executable is obfuscated using multiple layers, including control flow confusion, runtime string decryption, anti-disassembly traps, hash-based function names, and internal symbol renaming. These features make reverse engineering extremely difficult, if not impossible.

A proprietary encoding phase is core to the key derivation process. This internal algorithm, embedded in the binary and not disclosed publicly, ensures that no unauthorized or alternative implementation can generate valid keys—even if the base formula is understood. As a result, only binaries created by the original author can perform valid encryption and decryption, adding a layer of authentication and integrity verification.

Synchronization Without Communication
One of TLSE’s standout features is its automatic synchronization capability. If a message cannot be decrypted with the current or adjacent minute’s key, the system attempts a full scan of all 1,440 possible keys across a 24-hour period. Once a valid decryption occurs, TLSE aligns itself to that reference minute for the remainder of the session. This removes the need for synchronized clocks, timestamp headers, or network time servers, making TLSE ideal for zero-setup secure exchanges.

Use Cases and Applications
TLSE is well-suited for environments where confidentiality and offline operation are paramount. These include:

Local encrypted messaging
Clipboard encryption
Air-gapped command execution
Time-based unlock challenges (e.g., CTFs)
Secure boot verification in embedded systems
Offline device authentication

Because the keys change every minute and never persist, TLSE ensures high temporal security. Even if a key is compromised, it becomes useless within 60 seconds. The obfuscation of output via Unicode-level transformation helps it evade standard pattern detection, making it suitable for stealth operations.

Development Status and Future Plans
Currently in the conceptual and prototype phase, TLSE is part of the Aetherokrypt Research Series led by Muhammed Shafin P. Future versions may include public PoC releases, CTF binaries, and optional enhancements like multi-factor authentication, external PIN pairing, and device-bound secrets.

Development is focused on proving the effectiveness of minute-based key derivation under real-world conditions, formalizing the synchronization algorithm, optimizing performance, and exploring applications in embedded systems. Cross-platform compatibility, security auditing, and community contributions are welcomed, with core logic and proprietary encoding remaining under author control.

Licensing and Contribution
TLSE is licensed under Creative Commons Attribution-ShareAlike 4.0 (CC BY-SA 4.0). While the conceptual framework is open for public reuse, the proprietary encoding logic remains the intellectual property of the author. Derivative works are encouraged to adopt MIT or Apache 2.0 licenses for broader community and commercial adoption.

Developers interested in contributing or integrating TLSE concepts are encouraged to collaborate directly. Proposals, forks, and experimental variants are welcome, especially in areas such as security auditing, embedded applications, or alternative time-granularity approaches.