[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[seph@MIT.EDU: Re: [freehaven-dev] universally verifiable secret sharing]




Yes, you're right.  Excellent.  The document is identified by the
public key that is used to sign the pieces.  Pieces not signed by that
key don't belong to the corresponding document.  The retrieval process
takes as input the public key and retrieves all the parts signed by
that public key.

	Cheers,
	Ron


------- Start of forwarded message -------
To: freehaven-dev@seul.org
Subject: Re: [freehaven-dev] universally verifiable secret sharing 
In-Reply-To: Your message of "Thu, 27 Jan 2000 14:32:23 EST."
             <Pine.OSF.4.05.10001271038030.30918-100000@hcs.harvard.edu> 
Date: Thu, 27 Jan 2000 16:10:06 -0500
From: Joseph Sokol-Margolis <seph@MIT.EDU>
Sender: owner-freehaven-dev@seul.org
Reply-To: freehaven-dev@seul.org
X-To-Get-Off-This-List: mail majordomo@seul.org, body unsubscribe freehaven-dev

> * universal verification : _anyone_, not just the parties involved
> 	                  in the original sharing, can verify 
>                           whether a given share is "valid." 

In the system Roger and talked about, this was mostly done. Each piece
of data contained, in addition to the data, the owner (a mix-net
address), a public key, and a signiture.

This reduces the problem of verfication to verification that the key
contained is the correct one. You could further reduce it, by not
containing a public key, and assuming pk servers. (though this has the
disadvantage of limiting each mix address to a given key)

seph
------- End of forwarded message -------