With apologies for the lazy language...since there can be multiple
numbers in the encryption space that map back to the same plain text
number, can I simply think of this as a way that one of the encryption
values is 'selected' during the encrypt process?

Taking my simple example, if I encrypt E() and decrypt D() the following
to test the homomorphic properties:

E(5 + 7) mod N = 208
D(E(5) * E(7) mod N^2) = D(19)

hmm, but D(19) = D(208) = 12 so we are all good.

Regards,
Tim (hoping to get to some PIR soon!)

On 21/09/16 13:25, Ellison Anne Williams wrote:
> Ah, the math-magic of semantic encryption... :) (re: random zeta)
> 
> We can certainly walk through the proof of the semantic encryption (the
> random zeta) as it is quite mathematically beautiful, but it will take us
> even further down the algebraic path.
> 
> On Wed, Sep 21, 2016 at 8:19 AM, Tim Ellison <t.p.elli...@gmail.com> wrote:
> 
>> On 19/09/16 18:36, Walter Ray-Dulany wrote:
>> <snip/>
>>> Let's see what we've got.
>>>
>>> ( (16**12)*(7**15) ) mod 225 = 208.
>>>
>>> I will leave it as an exercise to check that the decryption of 208 is in
>>> fact 12.
>>
>> I like a challenge :-)
>>
>> So we got to p=3, q=5, and my encrypted value c=208.
>>
>> Following the Wideskies Pallier decryption algorithm,
>> Step (2):
>> N = p * q
>>   = 15
>>
>> lambda(N) = lcm(p-1,q-1)
>>           = 4
>>
>> Step (3):
>> mu = lambda(N) modinverse N
>>    = 4
>>
>> Step (4):
>> c' = c^lambda(N) mod N^2
>>    = 208^4 mod 225
>>    = 46
>>
>> Step(5):
>> m' = L(c')
>>    = ((c' - 1) / N) mod N
>>    = (45 / 15) mod 15
>>    = 3
>>
>> Step(6):
>> m = (m' * mu) mod N
>>   = 12
>>
>> yay!
>>
>> The fog is slowly clearing, though I'm totally baffled about how I can
>> pick a random zeta during encryption, and it plays no part in the
>> decryption.
>>
>> Regards,
>> Tim
>>
> 

Reply via email to