J. Benaloh, "Dense Probabilistic Encryption," Proc. Workshop Selected Areas of Cryptography, pp. 120-128, 1994.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....to do encrypted polynomial evaluation (on integers, modulo some integer N whose factors are small primes) is an additively homomorphic encryption scheme a scheme which has a PLUS, but not necessarily a MULT operation. Such schemes, unlike algebraically homomorphic schemes, are known to exist [15, 92], and thus make encrypted computation of polynomials possible. Composition based approach Sander and Tschudin also propose another way to perform encrypted computation using function composition: suppose f is a rational function (the quotient of two polynomials) and suppose that Alice can ....

J. Benaloh. Dense probabilistic encryption, in Proc. of the Workshop on Selected Areas of Cryptography, 1994.

....Homomorphic Encryption Schemes We need a public key cryptosystem with a homomorphic property for some of our protocols. An encryption scheme is homomorphic if E k (x) E k (y) E k (x y) Such encryption systems are called homomorphic cryptosystems, and examples include the systems by Benaloh [15], Naccache and Stern [80] Okamoto and Uchiyama [84] and Paillier [85] A good property of homomorphic encryption schemes is that addition can be conducted based on the encrypted data without decrypting them. 2.5 Speci c Secure Two Party and Multi Party Computation Problems Goldreich pointed ....

....and blinding are done rst by Alice, then again by Bob. To perform additive blinding, we need a special public key cryptosystem that has the following property: E k (x) E k (y) E k (x y) Such systems are called homomorphic cryptosystems and examples include the systems by Benaloh [15], Naccache and Stern [80] Okamoto and Uchiyama [84] and Paillier [85] 89 Protocol for Permuting and Additive Blinding Inputs: Alice has U , Bob has V , Alice has a random permutation A and a random vector R known to her but not to Bob. Output: Bob obtains the set of N values of the form v ....

J. Benaloh. Dense probabilistic encryption. In Proceedings of the Workshop on Selected Areas of Cryptography, pages 120-128, Kingston, Ontario, Canada, May, 1994.

....could be achieved with polylogarithmic (in n) communication complexity. Homomorphic Encryption Schemes We need a public key cryptosystems with a homomorphic property for some of our protocols: E k (x) E k (y) E k (x y) Many such systems exist, and examples include the systems by Benaloh [2], Naccache and Stern [10] Okamoto and Uchiyama [13] Paillier [14] to mention a few. A useful property of homomorphic encryption schemes is that an addition operation can be conduced based on the encrypted data without decrypting them. 4 Mikhail J. Atallah et al. Yao s Millionaire Problem ....

J. Benaloh. Dense probabilistic encryption. In Proceedings of the Workshop on Selected Areas of Cryptography, pages 120-128, Kingston, ON, May 1994.

....could be achieved with polylogarithmic (in n) communication complexity. Homomorphic Encryption Schemes We need a public key cryptosystems with a homomorphic property for some of our protocols: E k (x) E k (y) E k (x y) Many such systems exist, and examples include the systems by Benaloh [3], Naccache and Stern [9] Okamoto and Uchiyama [11] Paillier [12] to mention a few. A useful property of homomorphic encryption schemes is that an addition operation can be conducted based on the encrypted data without decrypting them. 3 New Building Blocks In this section, we introduce a ....

J. Benaloh. Dense probabilistic encryption. In Proceedings of the Workshop on Selected Areas of Cryptography, pages 120--128, Kingston, ON, May 1994.

....(G; is said to be homomorphic if f forms a (group) homomorphism. That is, given f(x) and f(y) for some unknown x; y 2 G, anyone can compute f(x y) without any need for the private key. Somewhat surprisingly, this property has a wide range of applications, including secure voting protocols [8] and multiparty computation [26] In a series of talks, Rivest suggested the investigation of homomorphic signature schemes. For instance, the RSA signature scheme is a group homomorphism, as m d 1 m d 2 = m 1 m 2 ) d . This property was previously considered to be undesirable and ....

....on (Z; Besides RSA, several other homomorphic cryptosystems are currently known. Goldwasser Micali encryption takes the form of a group homomorphism Z=2Z (Z=nZ) 17] and others have proposed a number of other public key encryption schemes that have various useful homomorphic properties [15, 8, 22, 20]. Of particular interest is Sander, Young, and Yung s slick construction of an encryption algorithm that is both and and xor homomorphic [26] they note that this is the rst cryptosystem homomorphic over a semigroup. Redactable signature schemes are related in both spirit and construction to ....

J Benaloh. Dense probabilistic encryption. In Selected Areas in Cryptography, 1994.

....(G, is said to be homomorphic if f forms a (group) homomorphism. That is, given f(x) and f(y) for some unknown x, y # G, anyone can compute f(x y) without any need for the private key. Somewhat surprisingly, this property has a wide range of applications, including secure voting protocols [8] and multiparty computation [26] In a series of talks, Rivest suggested the investigation of homomorphic signature schemes. For instance, the RSA signature scheme is a group homomorphism, as m d 1 m d 2 = m 1 m 2 ) d . This property was previously considered to be undesirable and much ....

....on (Z, Besides RSA, several other homomorphic cryptosystems are currently known. Goldwasser Micali encryption takes the form of a group homomorphism Z 2Z # (Z nZ) # [17] and others have proposed a number of other public key encryption schemes that have various useful homomorphic properties [15, 8, 22, 20]. Of particular interest is Sander, Young, and Yung s slick construction of an encryption algorithm that is both and and xor homomorphic [26] they note that this is the first cryptosystem homomorphic over a semigroup. Redactable signature schemes are related in both spirit and construction to ....

J Benaloh. Dense probabilistic encryption. In Selected Areas in Cryptography, 1994.

....schemes with additional homomorphic properties are important in many cryptographic applications. Thus, it is surprising that only a few algebraic structures have been identified so far for which there are homomorphic encryption schemes. The Goldwasser Micali scheme and the Benaloh scheme [6] (see also [29] give us via Chinese Remaindering homomorphic schemes using Abelian groups of smooth order. The RSA scheme is homomorphic over the multiplicative group (Z=NZ) Theta for an RSA modulus N . In particular all these schemes are homomorphic in (Abelian) groups. Recently, 31, 33] ....

J. Benaloh. Dense probabilistic encryption. Proceedings of the Workshop on Selected Areas of Cryptography, pages 120--128, 1994.

....and an additional message m 0 , a random encryption of m m 0 can be easily computed. This should be done without knowing m or the secret key. Examples of semantically secure blindable encryption schemes (under appropriate assumptions) include GoldwasserMicali [23] ElGamal [15] and Benaloh [5]. In fact, for our Correlated Element Selection protocol, it is sufficient to use a weaker notion of blindability, such as the one in [33] Aside from our main application, we also observe that blindable encryption appears to be a very convenient tool for devising efficient two party protocols ....

J. Benaloh. Dense Probabilistic Encryption. In Proc. of the Workshop on Selected Areas in Cryptography, pp. 120-128, 1994.

....corollary 6 to realize CEF. Remark. The security of the scheme relies on the secrecy of g. An additively homomorphic encryption scheme based on discrete logarithms which does not have this shortcoming i.e. which can be published, is currently under development by Lipton and Sander [8] see also [2]) Their scheme is furthermore probabilistic which significantly reduces the information leakage about the original polynomial. 4.5 Preliminary Conclusions Non interactive computing with encrypted functions is a challenge to cryptography. Although some theoretical results related to CEF were ....

J. Benaloh. Dense probabilistic encryption. In Proceedings of the Workshop on Selected Areas of Cryptography, pages 120--128, 1994.

....and an additional message m 0 , a random encryption of m m 0 can be easily computed. This should be done without knowing m or the secret key. Examples of semantically secure blindable encryption schemes (under appropriate assumptions) include GoldwasserMicali [22] ElGamal [16] and Benaloh [5]. In fact, for our Correlated Element Selection protocol, it is sufficient to use a weaker notion of blindability, such as the one in [31] Aside from our main application, we also observe that blindable encryption appears to be a very convenient tool for devising efficient twoparty protocols ....

J. Benaloh. Dense Probabilistic Encryption. In Proc. of the Workshop on Selected Areas in Cryptography, pp. 120-128, 1994.

....[46] is an example of a system that combines Byzantine fault tolerance with secret sharing to provide data privacy and integrity, specifically to protect the service s private key. One might imagine a similar approach to addressing directory name integrity, perhaps using verifiable secret sharing [4] to enforce syntax requirements. However, storing different pieces of each name on different servers complicates the design, because Byzantine replicas must be exactly identical. There has been some other research on performing operations on encrypted data. Song et al. 38] developed techniques ....

J. Benaloh, "Dense Probabilistic Encryption", Selected Areas in Cryptography '94, May 1994, pp. 120-128.

....[46] is an example of a system that combines Byzantine fault tolerance with secret sharing to provide data privacy and integrity, specifically to protect the service s private key. One might imagine a similar approach to addressing directory name integrity, perhaps using verifiable secret sharing [4] to enforce syntax requirements. However, storing different pieces of each name on different servers complicates the design, because Byzantine replicas must be exactly identical. There has been some other research on performing operations on encrypted data. Song et al. 38] developed techniques ....

J. Benaloh, "Dense Probabilistic Encryption", Selected Areas in Oyptography '94, May 1994, pp. 120-128.

No context found.

J. Benaloh, "Dense Probabilistic Encryption," Proc. Workshop Selected Areas of Cryptography, pp. 120-128, 1994.

No context found.

J. Benaloh. Dense Probabilistic Encryption. Proceedings of the Workshop on Selected Areas of Cryptography, pages 120--128, 1994.

No context found.

J. Benaloh. Dense probabilistic encryption. In Proceedings of the Workshop on Selected Areas in Cryptography 1994, pages 120--128, May 1994.

No context found.

J. Benaloh. Dense probabilistic encryption. In Workshop on Selected Areas of Cryptography, pp. 120--128, 1994.

No context found.

Benaloh J (1994) Dense probabilistic encryption. In: Proc. workshop on selected areas of cryptography, pp 120--128

No context found.

J. Benaloh. Dense probabilistic encryption. In Proceedings of the Workshop on Selected Areas of Cryptography, pages 120--128, Kingston, Ontario, May 1994.

No context found.

Josh Benaloh. Dense probabilistic encryption. In Proceedings of the Workshop on Selected Areas of Cryptography, pages 120--128, Kingston, Ontario, May 1994.

No context found.

J. Benaloh. Dense probabilistic encryption. In Proceedings of the Workshop on Selected Areas of Cryptography, pages 120--128, Kingston, ON, May 1994.

No context found.

J. Benaloh, Dense probabilistic encryption, Proc. Selected Areas of Cryptography (SAC'94), Kingston, Canada, 1994, 120--128.

No context found.

J. Benaloh. Dense Probabilistic Encryption, Proceedings of the Workshop on Selected Areas of Cryptography, pp.120-128 (1994).

No context found.

J. Benaloh. Dense probabilistic encryption. In Workshop on Selected Areas of Cryptography, pages 120--128, 1994.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC