[cryptography] Homomorphic split-key encryption OR snake oil crypto

Ali, Saqib docbook.xml at gmail.com
Sun Feb 19 16:55:20 EST 2012

Hi James,

I am still not sure why you need homomorphism in this case. What is
the benefit of using homomorphism to porticor's customer, for example?


On Sun, Feb 19, 2012 at 1:34 PM, James A. Donald <jamesd at echeque.com> wrote:
> On 2012-02-20 2:08 AM, Florian Weimer wrote:
>>> Can somebody explain me how this so-called Homomorphic split-key
>>> encryption works?
> Homomorphic means you combine the keys without finding out the key that you
> are combining - Everyone gives you an encrypted copy of their key fragment,
> and when you are done, you have an encrypted copy of the combined key.
>> Isn't this just a protocal which performs a cryptographic primitive
>> using split key material, without actually recombining the keys?
>> (Traditional Shamir secret sharing needs a trust party for key
>> recombination.)
>> If yes, you might want to look for "RSA Threshold Cryptography" and
>> similar work.
> My understanding is that RSA Threshold always requires a "trusted" party,
> which makes it useless.  If you have a party that is actually trusted, just
> let him count the votes or whatever.  The cryptography does not do you any
> good.
> The only protocol that I am aware of that performs cryptographic operations
> on a split key with needing a trusted party,  uses Gap Diffie Hellman
> groups.
> All known Gap Diffie Hellman Groups consist of an elliptic curve which
> supports a bilinear pairing from the curve to integers modulo some large
> prime.
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography

More information about the cryptography mailing list