[Moderator's Note: Top posting is discouraged. --Perry]

What I meant was that the crypogram decrypted with a correct f(I)=1 key
yields the encrypted message "Meet you at Starbucks at noon 0000000000000"
whereas decryption with a wrong, f(I)=0, key yields "Let's go down to Taco
Bell at midnight".  Padding with 0's doesn't help.

Cheers, Scott 

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jonathan Katz
Sent: Sunday, May 04, 2008 1:20 PM
To: cryptography@metzdowd.com
Subject: RE: New result in predicate encryption: disjunction support

On Sun, 4 May 2008, Scott Guthery wrote:

> One useful application of the Katz/Sahai/Waters work is a counter to 
> traffic analysis.  One can send the same message to everyone but 
> ensure that only a defined subset can read the message by proper key 
> management.  What is less clear is how to ensure that decrytion with 
> the wrong key doesn't yield an understandable (and actionable) message.

This is actually pretty easy to do by, e.g., padding all valid messages with
sufficiently-many 0s. Decryption with an incorrect key will result in
something "random" that is unlikely to end with the requisite number of 0s
(and so will be discarded).
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to