STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
A key distribution system equivalent to factoring
Journal of Cryptology
Society and Group Oriented Cryptography: A New Concept
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Cryptographic Computation: Secure Faut-Tolerant Protocols and the Public-Key Model
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
How to Solve any Protocol Problem - An Efficiency Improvement
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Multiparty Computations Ensuring Privacy of Each Party's Input and Correctness of the Result
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
How to generate and exchange secrets
SFCS '86 Proceedings of the 27th Annual Symposium on Foundations of Computer Science
Hi-index | 0.00 |
This paper connects two areas of recent cryptographic research: secure distributed computation, and group-oriented cryptography. We construct a probabilistic public-key encryption scheme with the following properties: - It is easy to encrypt using the public keys of any subset of parties, such that it is hard to decrypt without the cooperation of every party in the subset. - It is easy for any private key holder to give a "witness" of its contribution to the decryption (e.g., for parallel decryption). - It is "blindable": From an encrypted bit it is easy for anyone to compute a uniformly random encryption of the same bit. - It is "xor-homomorpbic": From two encrypted bits it is easy for anyone to compute an encryption of their xor. - It is "compact": The size of an encryption does not depend on the number of participants.Using this joint encryption scheme as a tool, we show how to reduce the message complexity of secure computation versus a passive adversary (gossiping faults).