[Moderator's Note: Top posting is discouraged. --Perry]

What I meant was that the crypogram decrypted with a correct f(I)=1 key
yields the encrypted message "Meet you at Starbucks at noon 0000000000000"
whereas decryption with a wrong, f(I)=0, key yields "Let's go down to Taco
Bell at midnight".  Padding with 0's doesn't help.

Cheers, Scott 

-----Original Message-----
[mailto:[EMAIL PROTECTED] On Behalf Of Jonathan Katz
Sent: Sunday, May 04, 2008 1:20 PM
To: cryptography@metzdowd.com
Subject: RE: New result in predicate encryption: disjunction support

On Sun, 4 May 2008, Scott Guthery wrote:

> One useful application of the Katz/Sahai/Waters work is a counter to 
> traffic analysis.  One can send the same message to everyone but 
> ensure that only a defined subset can read the message by proper key 
> management.  What is less clear is how to ensure that decrytion with 
> the wrong key doesn't yield an understandable (and actionable) message.

This is actually pretty easy to do by, e.g., padding all valid messages with
sufficiently-many 0s. Decryption with an incorrect key will result in
something "random" that is unlikely to end with the requisite number of 0s
(and so will be discarded).
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to