New result in predicate encryption: disjunction support

Scott Guthery sbg at
Sun May 4 12:37:27 EDT 2008

A group member asked me to elaborate on:

> - No knowledge of which groups can be successfully authenticated is 
> known to the verifier

What this tries to say is that the verifier doesn't need to have a list of
all authenticable groups nor can the verifier draw any conclusions about
other authenticable groups based on authenticating one group.

One useful application of the Katz/Sahai/Waters work is a counter to traffic
analysis.  One can send the same message to everyone but ensure that only a
defined subset can read the message by proper key management.  What is less
clear is how to ensure that decrytion with the wrong key doesn't yield an
understandable (and actionable) message.

Cheers, Scott

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list