[Moderator's Note: Top posting is discouraged. --Perry]
What I meant was that the crypogram decrypted with a correct f(I)=1 key yields the encrypted message "Meet you at Starbucks at noon 0000000000000" whereas decryption with a wrong, f(I)=0, key yields "Let's go down to Taco Bell at midnight". Padding with 0's doesn't help. Cheers, Scott -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jonathan Katz Sent: Sunday, May 04, 2008 1:20 PM To: cryptography@metzdowd.com Subject: RE: New result in predicate encryption: disjunction support On Sun, 4 May 2008, Scott Guthery wrote: > One useful application of the Katz/Sahai/Waters work is a counter to > traffic analysis. One can send the same message to everyone but > ensure that only a defined subset can read the message by proper key > management. What is less clear is how to ensure that decrytion with > the wrong key doesn't yield an understandable (and actionable) message. This is actually pretty easy to do by, e.g., padding all valid messages with sufficiently-many 0s. Decryption with an incorrect key will result in something "random" that is unlikely to end with the requisite number of 0s (and so will be discarded). --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]