I don't see why you'd want split keys when it's already homomorphic. What would be the additional gain of that? Unless they need half the key to do the homomorphic computations.
Also, homomorphic encryption and computation is usually slow. VERY slow. On Sun, Feb 19, 2012 at 17:22, Nico Williams <n...@cryptonector.com> wrote: > On Sun, Feb 19, 2012 at 10:08 AM, Florian Weimer <f...@deneb.enyo.de> wrote: > > * Saqib Ali: > > > >> Can somebody explain me how this so-called Homomorphic split-key > >> encryption works? > > > > Isn't this just a protocal which performs a cryptographic primitive > > using split key material, without actually recombining the keys? > > (Traditional Shamir secret sharing needs a trust party for key > > recombination.) > > The key part is the homomorphism. ISTR this from a few years ago, and > I see wikipedia has an OK article on the subject: > > > http://en.wikipedia.org/wiki/Homomorphic_encryption#Fully_homomorphic_encryption > > The idea is that you could even write an entire program this way, > which allows you to run it on untrusted systems without leaking the > program or data to those systems. It seems unlikely to get deployed > anytime soon. > > Nico > -- > _______________________________________________ > cryptography mailing list > cryptography@randombit.net > http://lists.randombit.net/mailman/listinfo/cryptography >
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
