Re: How to construct such one-way key chain without hash function

laicko wrote:
In someway, I'd like the scheme could follow this condition:
E_{K_i+j}(M)= A_e( E_{K_i}{M}, j) for i,j >=0
E is the encryption algorithm, A is function, e is public known

Note that such a scheme cannot be IND-CPA secure (since it is possible for
anyone who knows the public key to detect when a message M is sent more than
once, thanks to the above equation).

If the encryption E is probabilistic, CPA secure could be hold.

No, it couldn't. I already explained why not. Consider an adversary
who requests the encryption of two plaintexts. First the adversary
requests the encryption of message M (this gets encrypted at time 1, so
it is encrypted with key K_1); then the adversary requests encryption of
the same message M (this gets encrypted with key K_2). Let C_1 and C_2
be the resulting two ciphertexts. The adversary can recognize whether
C_1 and C_2 decrypt to the same thing by checking the equation C_2 =?=
A_e(C_1, 1).

Relevant Pages

  • Re: encrypt password for webservices
    ... Requests can be multi-threaded, and some requests can even be droped if ... By associating a session with an IPrincipal object, ... > Client generates a session key and sends it to the server encrypted ... congratulations on getting a grip on security and encryption. ...
  • Re: How many people use DB encryption
    ... While I've seen and implemented some encryption on individual fields, ... not seen nor had any requests for encrypting an entire database. ... a performance penalty to your system. ...
  • Re: Encrypted network communication
    ... Bob) communicate over an insecure channel. ... This type of encryption uses a single shared, ... Secret-key encryption algorithms use a single secret key to encrypt and ... unauthorized users and a public key that can be made public to anyone. ...
  • RE: PGP scripting...
    ... cryptosystems, ... In these systems divulging your private key compromises the public ... Here is a quick over view of the public key encryption routines (the ...
  • Re: dhRichclient3 CRpcListener Authentication & Encryption Questions/Thoughts.
    ... If the clientside Encryption-property ... encryption) credentials server. ... and public key of the business server (in an encrypted ...