New result in predicate encryption: disjunction support
Scott Guthery
sbg at acw.com
Sun May 4 20:21:48 EDT 2008
[Moderator's Note: Top posting is discouraged. --Perry]
What I meant was that the crypogram decrypted with a correct f(I)=1 key
yields the encrypted message "Meet you at Starbucks at noon 0000000000000"
whereas decryption with a wrong, f(I)=0, key yields "Let's go down to Taco
Bell at midnight". Padding with 0's doesn't help.
Cheers, Scott
-----Original Message-----
From: owner-cryptography at metzdowd.com
[mailto:owner-cryptography at metzdowd.com] On Behalf Of Jonathan Katz
Sent: Sunday, May 04, 2008 1:20 PM
To: cryptography at metzdowd.com
Subject: RE: New result in predicate encryption: disjunction support
On Sun, 4 May 2008, Scott Guthery wrote:
> One useful application of the Katz/Sahai/Waters work is a counter to
> traffic analysis. One can send the same message to everyone but
> ensure that only a defined subset can read the message by proper key
> management. What is less clear is how to ensure that decrytion with
> the wrong key doesn't yield an understandable (and actionable) message.
This is actually pretty easy to do by, e.g., padding all valid messages with
sufficiently-many 0s. Decryption with an incorrect key will result in
something "random" that is unlikely to end with the requisite number of 0s
(and so will be discarded).
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list