From: cvs@openprivacy.orgCVS update: openprivacy/htdocs/notes
Date: Saturday March 3, 19101 @ 0:20
Author: fen
CVSWEB Options: -------------------
Main CVSWeb: http://openprivacy.org/cgi-bin/cvsweb/cvsweb.cgi
View this module: http://openprivacy.org/cgi-bin/cvsweb/cvsweb.cgi/openprivacy/htdocs/notes
-----------------------------------
Update of /usr/local/cvs/public/openprivacy/htdocs/notes
In directory giga:/home/fen/projects/openprivacy/htdocs/notes
Modified Files:
crypto-siblings.txt
Log Message:
answer: el gamal
*****************************************************************
File: openprivacy/htdocs/notes/crypto-siblings.txt
CVSWEB Options: -------------------
CVSWeb: Annotate this file: http://openprivacy.org/cgi-bin/cvsweb/cvsweb.cgi/openprivacy/htdocs/notes/crypto-siblings.txt?annotate=1.2
CVSWeb: View this file: http://openprivacy.org/cgi-bin/cvsweb/cvsweb.cgi/openprivacy/htdocs/notes/crypto-siblings.txt?rev=1.2&content-type=text/x-cvsweb-markup
CVSWeb: Diff to previous version: http://openprivacy.org/cgi-bin/cvsweb/cvsweb.cgi/openprivacy/htdocs/notes/crypto-siblings.txt.diff?r1=1.2&r2=1.1
-----------------------------------
Index: openprivacy/htdocs/notes/crypto-siblings.txt
diff -u openprivacy/htdocs/notes/crypto-siblings.txt:1.1 openprivacy/htdocs/notes/crypto-siblings.txt:1.2
--- openprivacy/htdocs/notes/crypto-siblings.txt:1.1 Fri Mar 2 23:22:37 2001
+++ openprivacy/htdocs/notes/crypto-siblings.txt Sat Mar 3 00:20:59 2001
@@ -51,3 +51,67 @@
Further, anonymous proof of connection should be possible.
Any ideas or pointers will be most gratefully accepted.
+
+---
+
+From: Benjamin Goldberg <goldbb2@earthlink.net>
+Subject: Re: beyond "group signatures": how to prove sibling relationships?
+Newsgroups: sci.crypt
+Date: Sat, 03 Mar 2001 06:37:06 GMT
+Organization: EarthLink Inc. -- http://www.EarthLink.net
+Path: sn-us!sn-xit-02!supernews.com!nntp-relay.ihug.net!ihug.co.nz!feeder.via.net!newsfeed1.earthlink.net!newsfeed2.earthlink.net!newsfeed.earthlink.net!newsmaster1.prod.itd.earthlink.net!newsread1.prod.itd.earthlink.net.POSTED!not-for-mail
+Message-ID: <3AA0917B.33CF1999@earthlink.net>
+X-Mailer: Mozilla 4.04 [en] (Win95; I)
+MIME-Version: 1.0
+References: <87lmqng0ff.fsf@openprivacy.org>
+Content-Type: text/plain; charset=us-ascii
+Content-Transfer-Encoding: 7bit
+Lines: 42
+NNTP-Posting-Host: 209.246.85.208
+X-Complaints-To: abuse@earthlink.net
+X-Trace: newsread1.prod.itd.earthlink.net 983601426 209.246.85.208 (Fri, 02 Mar 2001 22:37:06 PST)
+NNTP-Posting-Date: Fri, 02 Mar 2001 22:37:06 PST
+Xref: sn-us sci.crypt:166500
+
+I'm not sure if this is quite what you want, but what about ElGamal type
+PK systems? Either ECC, or DH.
+
+ECC/ElGamal encryption works as follows:
+Common to both parts:
+some curve with many points on it. The more, the merrier :)
+The private key
+a = a random integer
+The public key:
+P = a random point
+Q = aP
+Encrypt:
+r = a random integer
+ct = (rP,rQ + pt)
+Decrypt:
+pt = ct[1] - a*ct[0]
+
+Call a, T, and call (Pi,Qi), (Pj,Qj), Ci and Cj.
+
+As many public keys as desired can be created from one private key.
+They could be considered siblings.
+
+AFAIKS, (1) and (2) are fulfilled.
+
+(3) It is possible to prove that T is the parent of Ci, simply by
+encrypting a random nonce with Ci, and decrypting with T, and sending
+the nonce back to the holder of the Ci.
+
+(4) To learn that Ci and Cj are siblings, with the help of T:
+r0 = a random number
+r1 = a random point
+ct = (r0(Pi+Pj), r0(Qi+Qj)+r1)
+Ask T to decrypt this.
+T sends back a plaintext, which has the value r1 iff Ci and Cj are
+siblings.
+
+I think that (4b) is also fulfilled, but I'm not certain what is mean by
+anonymously, in (4a).
+
+--
+The difference between theory and practice is that in theory, theory and
+practice are identical, but in practice, they are not.
This archive was generated by hypermail 2b30 : Sat Mar 03 2001 - 00:21:00 PST