Re: Truncated multiplication (is it secure???)



Sebastian Gottschalk <seppi@xxxxxxxxx> (07-03-25 23:06:15):

I just wondered why you focussed so much on inverting the
function. For serious protocols like DH, one has focussed on proving
that all other attacks (like combining the intercepted values in a
clever way) can be reduced to the hardness of the inversion of the
function. If this wouldn't be the case, then inverting the function
should be the hardest of all possible approaches.

I'm always looking for clear definitions. Given an operation that is
commutative, associative and (as I know now) not idempotent, with
operands and result statistically unrelated, can't it be used to create
a secure key exchange right away?

What I liked about XEVRON is the idea to reduce the result of the
multiplication in such a way that it's hard to invert it. Its
definition is badly flawed, the scheme is insecure, but still the
original idea isn't that bad.


Regards,
E.S.


--
From the fact that this CGI program has been written in Haskell, it
follows naturally that this CGI program is perfectly secure.
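
Added example, not part of the original post: the exchange the question describes, run with two operations that are commutative, associative and not idempotent (multiplication modulo a prime, and XOR; both picked here as assumptions). It shows an eavesdropper combining the public values to obtain the shared key, the kind of attack the first paragraph mentions. The names exchange, eavesdrop_mul, eavesdrop_xor, run and demo are hypothetical.

```python
import secrets

P = 2**127 - 1  # a Mersenne prime, chosen for this demo (assumption)


def mul(x, y):
    """Multiplication mod P: commutative, associative, not idempotent."""
    return (x * y) % P


def xor(x, y):
    """XOR on integers: commutative, associative, x ^ x == 0 (not idempotent)."""
    return x ^ y


def exchange(op, g, a, b):
    """DH-shaped exchange: publish g∘a and g∘b, both sides derive g∘a∘b."""
    A = op(g, a)              # Alice -> Bob, visible to the eavesdropper
    B = op(g, b)              # Bob -> Alice, visible to the eavesdropper
    k_alice, k_bob = op(B, a), op(A, b)
    assert k_alice == k_bob   # agreement follows from commutativity/associativity
    return A, B, k_alice


def eavesdrop_mul(g, A, B):
    """A∘B = K∘g, so K = A * B * g^-1 mod P; a and b are never needed."""
    return mul(mul(A, B), pow(g, -1, P))


def eavesdrop_xor(g, A, B):
    """Same identity for XOR, where every element is its own inverse."""
    return A ^ B ^ g


def run(op, attack, sample):
    """One exchange on constructed random values: (real key, attacker's key)."""
    g, a, b = sample(), sample(), sample()
    A, B, key = exchange(op, g, a, b)
    return key, attack(g, A, B)


def demo():
    nonzero = lambda: secrets.randbelow(P - 1) + 1   # element of Z_P^*
    bits = lambda: secrets.randbits(128)
    return {"mul mod P": run(mul, eavesdrop_mul, nonzero),
            "xor": run(xor, eavesdrop_xor, bits)}


if __name__ == "__main__":
    for name, (key, guess) in demo().items():
        print(f"{name}: eavesdropper recovered key = {key == guess}")
```

Agreement needs only commutativity and associativity; secrecy needs the step from (g, A, B) to the key to be hard, which neither of these operations provides.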