Are there...one-way encryption algorithms

Enzo Michelangeli em at em.no-ip.com
Sun Nov 16 22:54:10 EST 2003


Amir and others,

First, I'd like to thank all who have taken time to reply, either on- or
off-list.

All suggestions so far are related to public-key algorithms; I had myself
thought about simply raising a generator g to the plaintext, or to a
suitable injective function of the plaintext, in a GF(p): that doesn't
even require a key to throw away. One drawback is that, with the possible
exception of ECC-based methods, the minimum size of the cryptotext becomes
larger than I'd like.

Anyway, the intended use is for primary keys in transaction databases, in
replacement of the PAN (a.k.a. credit card number). Using secure hashes is
the usual way of doing such things, but the slight risk of collision,
although practically negligible, is a bit irksome (especially considering
that the plaintext is of fixed size, and therefore injectivity is not a
priori impossible), and I was wondering if something better can be done.

Enzo

----- Original Message ----- 
From: "Amir Herzberg" <inbox at amir.herzberg.name>
To: "'Enzo Michelangeli'" <em at em.no-ip.com>; <cryptography at metzdowd.com>
Sent: Sunday, November 16, 2003 10:44 PM
Subject: RE: Are there...one-way encryption algorithms


> Enzo asked,
> > Are there one-way encryption algorithms guaranteed to be injective
> > (i.e., deterministically collision-free)? Or are there
> > theoretical reasons against their existence?
> >
> > I'm looking for algorithms where every piece of code and data
> > is public, thus excluding conventional enciphering with a secret key.
>
> Sounds like you look for One Way Permutations... which of course exist
> (if one-way functions do). But before we get into details, it'll be
> useful if you specify your needs more precisely since imprecision is the
> mother of weaknesses and break-ins.
>
> BTW I've updated my foils on encryption and hashing which cover much of
> this topic (see in site if interested).
>
> Best, Amir Herzberg
> http://amir.herzberg.name
>
>

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list