Question regarding common modulus on elliptic curve cryptosystems

Mon Mar 22 09:22:35 EDT 2010

[Moderator's Note: please don't top post.... --Perry]

Commutativity is a beautiful and powerful property. See "On the power of 
Commutativity in Cryptography" by Adi Shamir.
Semantic security is great and has given a new provable sense of 
security, but commutative building blocks can be combined to build the 
strangest protocols without going into deep mathematics, are better 
suited for teaching crypto and for high-level protocol design. They are 
like the "Lego" blocks of cryptography!

Now I'm working on an new untraceable e-cash protocol which has some 
additional properties. And I'm searching for a secure  commutable 
signing primitive.

Best regards,
  Sergio Lerner.

On 22/03/2010 09:56 a.m., Jonathan Katz wrote:
> Sounds like a bad idea -- at a minimum, your encryption will be 
> deterministic.
>
> What are you actually trying to achieve? Usually once you understand 
> that, you can find a protocol solving your problem already in the 
> crypto literature.
>
> On Sun, 21 Mar 2010, Sergio Lerner wrote:
>
>>
>> I looking for a public-key cryptosystem that allows commutation of 
>> the operations of encription/decryption for different users keys
>> ( Ek(Es(m)) =  Es(Ek(m)) ).
>> I haven't found a simple cryptosystem in Zp or Z/nZ.
>>
>> I think the solution may be something like the RSA analogs in 
>> elliptic curves. Maybe a scheme that allows the use of a common 
>> modulus for all users (RSA does not).
>> I've read on some factoring-based cryptosystem (like Meyer-Muller or 
>> Koyama-Maurer-Okamoto-Vantone) but the cryptosystem authors say 
>> nothing about the possibility of using a common modulus, neither for 
>> good nor for bad.
>>
>> Anyone has a deeper knowledge on this crypto to help me?
>>
>> Best regards,
>> Sergio Lerner.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com