With apologies for the lazy language...since there can be multiple numbers in the encryption space that map back to the same plain text number, can I simply think of this as a way that one of the encryption values is 'selected' during the encrypt process?
Taking my simple example, if I encrypt E() and decrypt D() the following to test the homomorphic properties: E(5 + 7) mod N = 208 D(E(5) * E(7) mod N^2) = D(19) hmm, but D(19) = D(208) = 12 so we are all good. Regards, Tim (hoping to get to some PIR soon!) On 21/09/16 13:25, Ellison Anne Williams wrote: > Ah, the math-magic of semantic encryption... :) (re: random zeta) > > We can certainly walk through the proof of the semantic encryption (the > random zeta) as it is quite mathematically beautiful, but it will take us > even further down the algebraic path. > > On Wed, Sep 21, 2016 at 8:19 AM, Tim Ellison <[email protected]> wrote: > >> On 19/09/16 18:36, Walter Ray-Dulany wrote: >> <snip/> >>> Let's see what we've got. >>> >>> ( (16**12)*(7**15) ) mod 225 = 208. >>> >>> I will leave it as an exercise to check that the decryption of 208 is in >>> fact 12. >> >> I like a challenge :-) >> >> So we got to p=3, q=5, and my encrypted value c=208. >> >> Following the Wideskies Pallier decryption algorithm, >> Step (2): >> N = p * q >> = 15 >> >> lambda(N) = lcm(p-1,q-1) >> = 4 >> >> Step (3): >> mu = lambda(N) modinverse N >> = 4 >> >> Step (4): >> c' = c^lambda(N) mod N^2 >> = 208^4 mod 225 >> = 46 >> >> Step(5): >> m' = L(c') >> = ((c' - 1) / N) mod N >> = (45 / 15) mod 15 >> = 3 >> >> Step(6): >> m = (m' * mu) mod N >> = 12 >> >> yay! >> >> The fog is slowly clearing, though I'm totally baffled about how I can >> pick a random zeta during encryption, and it plays no part in the >> decryption. >> >> Regards, >> Tim >> >
