[cryptography] Homomorphic split-key encryption OR snake oil crypto

Natanael natanael.l at gmail.com
Sun Feb 19 16:40:57 EST 2012


There are multiparty computation too, but that's a bit different since it's
essentially an encrypted VM where everybody runs one part. It could do the
same thing without a snigle trusted party, though.

On Sun, Feb 19, 2012 at 22:34, James A. Donald <jamesd at echeque.com> wrote:

> On 2012-02-20 2:08 AM, Florian Weimer wrote:
> >> Can somebody explain me how this so-called Homomorphic split-key
> >> encryption works?
>
> Homomorphic means you combine the keys without finding out the key that
> you are combining - Everyone gives you an encrypted copy of their key
> fragment, and when you are done, you have an encrypted copy of the combined
> key.
>
>
>
> > Isn't this just a protocal which performs a cryptographic primitive
> > using split key material, without actually recombining the keys?
> > (Traditional Shamir secret sharing needs a trust party for key
> > recombination.)
> >
> > If yes, you might want to look for "RSA Threshold Cryptography" and
> > similar work.
>
> My understanding is that RSA Threshold always requires a "trusted" party,
> which makes it useless.  If you have a party that is actually trusted, just
> let him count the votes or whatever.  The cryptography does not do you any
> good.
>
> The only protocol that I am aware of that performs cryptographic
> operations on a split key with needing a trusted party,  uses Gap Diffie
> Hellman groups.
>
> All known Gap Diffie Hellman Groups consist of an elliptic curve which
> supports a bilinear pairing from the curve to integers modulo some large
> prime.
>
> ______________________________**_________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/**mailman/listinfo/cryptography<http://lists.randombit.net/mailman/listinfo/cryptography>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20120219/60815247/attachment.html>


More information about the cryptography mailing list