Ali, Saqib wrote:
A new protocol aims to protect privacy while allowing organizations to
share valuable information:

Any links to the actual protocol itself?  The article is a little
vague on details.  Thanks.

I did not see any discussion of the application that compares the
two encrypted objects.  Assuming the application has to decrypt it
(or there would be no point in sending the secret-key to the other
party), what prevents the application developer from writing out
the plaintext once decrypted?

Would it not have been simpler to just send out the database with
message-digests of the names?  All one party would have to do is
indicate the layout of the plaintext and the digest algorithm.
The other party would then digest their own database and compare
digested records.  There would be no need to send out secret-keys
and no possibility of someone writing out plaintext when comparing
decrypted objects.

Am I missing something?

Arshad Noor
StrongAuth, Inc.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to

Reply via email to