|
Posted by Valery Pryamikov on July 11, 2006, 5:26 am
If you were Registered and logged in, you could reply and use other advanced thread options
Hi,
H(m,c) = H(m)+H(c) is apparently notation for homomorphic encryption,
where + is placeholder for group operation (Google for homomorphic
encryption and you'll find tons of resources).
both raw RSA and raw ElGammal has homomorphic properties - eg. with raw
RSA (no padding)
e(m*c) = e(m)*e(c)
Example of another homomorphic cryptosystem is Pailier cryptosystem
that is often used for electronic voting, because it is homomorphic to
addition
(i.e.)
e(m+c) = e(m)+e(c)
cryptographic hash is a combination of compression function with
padding. If we only speak of compression function than it is also kind
of "homomorphic" to the message expansion, i.e. if you take compression
function and feed it with concatenation of two blocks, it is the same
as sequential application of compression function to the first and the
second blocks.
But as I wrote it already - cryptographic hash is a combination of
compression function with padding, and when compression function is
used together with f.e. Merkle-Damgaard construction/padding, we are
guaranteed against this (otherwise hash would be totally broken for
cryptographic purposes)
-Valery.
http://www.harper.no/valery
P.S. regarding "e(m*c) = e(m)*e(c)" - we all know that e=m*c^2 ;-)
Vipul Pathak wrote:
> Sorry for posting this purely theoritical question in this forum. Members
> may say that this question better suited to be posted in any other
> newsgroups. Since, I am not clear where exactly to post this question, and
> this forum also deals with security, I have posted it here. With a thought,
> that many members must be knowing in details of Hashing algorithm they use,
> here goes the question:
>
> I was asked a question in B-Level exams for Network security. Long after 6
> months, the question still remain unanswered to me. I am very interested for
> getting answer for this question. Can you please elaborate on this ?
>
> -------------------
> Consider the random cipher model with random variables M, C and K for plain
> text, cipher text and key, respectively. Give an interpretation in
> cryptographic terms of this equation:
> H(M,C) = H(M) + H(C)
>
> Also specify an example of a cryptosystem, which has this property.
> -------------------
>
> As far as I know, this is computing Hash of M and C separately and
> cancatinating them. Also, it claims that when a Hash is computed with M and
> C (combined), it is same as the cancatination. Is it possible given the
> rules of strong hash functions?
>
> Anyway, the above was my Interpretation, please let me know the Experts
> comments on this.
>
> Thanks,
>
> *(Vipul)() ;
| 
XML site map