Forward-secure public-key encryption

dmolnar dmolnar at
Tue May 28 09:35:38 PDT 2002

Forward-secure public-key encryption has been discussed here, on
sci.crypt, and elsewhere. To recap - the goal is that an adversary who
breaks into your computer today can't read messages sent/received
yesterday. In the interactive case, you use ephemeral Diffie-Hellman. The
non-interactive case is more complicated and has had some ideas considered
by Ross Anderson, Adam Back, and David Hopwood (among others). Cypherpunks
relevance: forward security is nice for remailers.

Anyway, there's a new eprint up which shows how to construct such a scheme
starting from an ID-based encryption scheme by Boneh + Franklin.

"A Forward-Secure Public-Key Encryption Scheme"
Jonathan Katz

It's worth noting that the scheme this is based on has code available.
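For the interactive case the post refers to, here is an added example (not from the post, and not from Katz's paper or the Boneh-Franklin code) that puts static Diffie-Hellman next to ephemeral Diffie-Hellman and shows what an intruder who copies a party's machine afterwards can and cannot recompute. It uses the RFC 3526 group 14 parameters, transcribed here and worth checking against the RFC; the party classes, the `long_term_secret` stand-in for an authentication key, and the `disk_image` helper are assumptions made for the illustration.

```python
"""Static vs. ephemeral Diffie-Hellman: why forward secrecy needs ephemeral
exponents that are erased.  Added example, not code from the original post."""
import hashlib
import secrets

# RFC 3526 group 14 (2048-bit MODP group), generator 2.  Transcribed here;
# verify the constant against RFC 3526 before relying on it.
P = int("".join("""
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05
98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB
9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718
3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF
""".split()), 16)
G = 2
Q = (P - 1) // 2  # P is a safe prime, so G = 2 generates a subgroup of prime order Q


def gen_keypair():
    """Random exponent x in [2, Q-1] and the public value G^x mod P."""
    x = 2 + secrets.randbelow(Q - 2)
    return x, pow(G, x, P)


def check_public(y):
    """Reject degenerate peer values (0, 1, P-1) and anything outside the
    order-Q subgroup, so a malicious peer cannot force a small-subgroup secret."""
    if not 1 < y < P - 1 or pow(y, Q, P) != 1:
        raise ValueError("bad DH public value")
    return y


def encode(y):
    return y.to_bytes(256, "big")


def derive_key(shared, transcript):
    """Session key = SHA-256(shared secret || transcript of exchanged values)."""
    return hashlib.sha256(encode(shared) + transcript).digest()


class StaticDHParty:
    """Party whose only DH key is long-lived: no forward secrecy."""

    def __init__(self):
        self.priv, self.pub = gen_keypair()

    def session_key(self, peer_pub, transcript):
        return derive_key(pow(check_public(peer_pub), self.priv, P), transcript)


def static_dh_session(alice, bob):
    transcript = encode(alice.pub) + encode(bob.pub)  # what an eavesdropper records
    return (alice.session_key(bob.pub, transcript),
            bob.session_key(alice.pub, transcript),
            transcript)


def recover_static_session(stolen_priv, peer_pub, transcript):
    """An intruder who steals one party's long-term private key today
    recomputes yesterday's session key from the recorded transcript."""
    return derive_key(pow(peer_pub, stolen_priv, P), transcript)


class EphemeralDHParty:
    """Party that draws a fresh exponent per session and erases it afterwards.
    long_term_secret stands in for whatever authenticates the exchange (e.g. a
    signing key); it never enters the session-key computation (assumption)."""

    def __init__(self):
        self.long_term_secret = secrets.token_bytes(32)
        self._eph_priv = None

    def start(self):
        self._eph_priv, eph_pub = gen_keypair()
        return eph_pub

    def finish(self, peer_eph_pub, transcript):
        key = derive_key(pow(check_public(peer_eph_pub), self._eph_priv, P), transcript)
        self._eph_priv = None  # erase: nothing kept that maps the transcript to the key
        return key

    def disk_image(self):
        """Everything an intruder finds on the machine after the session."""
        return {"long_term_secret": self.long_term_secret,
                "ephemeral_priv": self._eph_priv}


def ephemeral_dh_session(alice, bob):
    a_pub = alice.start()  # message 1: Alice -> Bob, g^a
    b_pub = bob.start()    # message 2: Bob -> Alice, g^b
    transcript = encode(a_pub) + encode(b_pub)
    return alice.finish(b_pub, transcript), bob.finish(a_pub, transcript), transcript
```

With static DH the intruder's `recover_static_session` reproduces every past key from the public transcript plus the stolen private exponent. With ephemeral DH the `disk_image` after a session holds only the long-term secret, which was never an input to the key; the intruder is left with the transcript, i.e. with the Diffie-Hellman problem for that one session. The non-interactive setting is harder precisely because the receiver must hold a secret that decrypts messages it has not interacted on, which is what the key-evolving construction in Katz's eprint is for.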


