Bodo Moeller wrote: > The Pohlig-Hellman cipher is the modular scheme that you describe, but > observe there is a connection to the protocol above: that protocol > works only if encryption and decryption has a certain commutativity > property (decrypting B(A(M)) with key A must leave B(M), not > just some A^-1(B(A(M))) that might look entirely different), and > the Pohlig-Hellman cipher has this property.
A useful property for all sorts of things. I'm using P-H to improve Golle et al's universal encryption methods, http://www.zenadsl6186.zen.co.uk/ICURpaper3.pdf but it's a pity that Pohlig-Hellman is still slow, and that there isn't a faster algorithm with similar properties. There's lots of potential uses for one of those :) -- Peter Fairbrother --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
