In hopes of killing the space on belegost, I added a directory where
we can store related works that may be of interest to all.  Please
find the works at:


While thinking about garlic-routing for robust(er) transfer, I was
trying to find some info about a multi-party encryption / single-party
decryption scheme.  Namely, 

  A message M is encrypted by keys {e_1 ... e_n}
  M can be decrypted by any d_i \element {d_1 ... d_n}, 
      the corresponding private keys.

Most of the work I've found (Chaum, Damgard, Desmedt, Micali, Franklin,
Ateniese, and so on) deals much more with group signature schemes and
threshold crypto.  Unfortunately, this is almost the opposite of what I
was thinking about (i.e., given some group public key and group-
generated N=pq, we require some (sub)group of {d_1 ... d_n} to
incrementally reveal the message).

I think the ideal for this scheme is that 
  1) e_1 ... e_n are distinct and do not rely on each other 
     for generation,
  2) only one private key is needed.

Maybe I'm going down the wrong path, but just some thoughts I've had...
Will talk more at meeting, mailing this in case somebody not there has
any pointers to literature / ideas...
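
An added example, not part of the original message: one way to meet properties 1) and 2) is hybrid multi-recipient encryption, where M is encrypted once under a random session key and that key is wrapped separately under each independently generated e_i. The group parameters, function names and the hash-based keystream are assumptions made for this sketch, not a vetted construction.

```python
import hashlib, hmac, secrets

# Toy group chosen for this example only (an assumption, not a vetted
# parameter set): Mersenne prime modulus and a fixed base.
P = 2**521 - 1
G = 3

def keygen():
    """One party's key pair (d_i, e_i), generated with no input from others."""
    d = secrets.randbelow(P - 3) + 2
    return d, pow(G, d, P)

def _h(label: bytes, data: bytes) -> bytes:
    return hashlib.sha256(label + data).digest()

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _stream(key: bytes, n: int) -> bytes:
    """SHA-256 in counter mode, used as a simple keystream."""
    blocks = (_h(key, i.to_bytes(4, "big")) for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def encrypt(message: bytes, public_keys):
    """Encrypt M once; wrap the session key separately under every e_i."""
    k = secrets.token_bytes(32)
    r = secrets.randbelow(P - 3) + 2
    eph = pow(G, r, P)
    wraps = [_xor(k, _h(b"wrap", pow(e, r, P).to_bytes(66, "big")))
             for e in public_keys]
    body = _xor(message, _stream(_h(b"enc", k), len(message)))
    tag = hmac.new(_h(b"mac", k), body, hashlib.sha256).digest()
    return eph, wraps, body, tag

def decrypt(ciphertext, d):
    """Recover M with a single private key d_i, or None if d fits no slot."""
    eph, wraps, body, tag = ciphertext
    mask = _h(b"wrap", pow(eph, d, P).to_bytes(66, "big"))
    for w in wraps:
        k = _xor(w, mask)
        good = hmac.new(_h(b"mac", k), body, hashlib.sha256).digest()
        if hmac.compare_digest(good, tag):
            return _xor(body, _stream(_h(b"enc", k), len(body)))
    return None
```

The ciphertext carries one wrapped key per recipient, so its size grows linearly with n.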


