Forward-secure public-key encryption eprint

dmolnar dmolnar at hcs.harvard.edu
Tue May 28 09:35:38 PDT 2002


Forward-secure public-key encryption has been discussed here, on
sci.crypt, and elsewhere. To recap - the goal is that an adversary who
breaks into your computer today can't read messages sent/received
yesterday. In the interactive case, you use ephemeral Diffie-Hellman. The
non-interactive case is more complicated and has had some ideas considered
by Ross Anderson, Adam Back, and David Hopwood (among others). Cypherpunks
relevance: forward security is nice for remailers.

Anyway, there's a new eprint up which shows how to construct such a scheme
starting from an ID-based encryption scheme by Boneh + Franklin.

"A Forward-Secure Public-Key Encryption Scheme"
Jonathan Katz
http://eprint.iacr.org/2002/060/

It's worth noting that the scheme this is based on has code available.
http://crypto.stanford.edu/ibe/download.html

-David
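An added example (not from the post, and not from Katz's paper or the Boneh-Franklin code) illustrating the interactive case the post mentions: it runs a static Diffie-Hellman exchange and an ephemeral one over the RFC 3526 group-14 parameters, seals "yesterday's" message under each session key, and then plays an adversary who recorded the wire traffic and later steals both parties' long-term private keys. The sealing function, the sample message, and the omission of signatures on the ephemeral values are assumptions of this model, not anything the post specifies.

```python
"""Ephemeral vs static DH: why only the ephemeral exchange is forward secure.
Added example; the sealing scheme and sample traffic are constructed for the demo."""
import hashlib
import hmac
import secrets

# 2048-bit MODP group (group 14) from RFC 3526; P is a safe prime, generator 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF",
    16,
)
G = 2

# Constructed sample traffic: what was sent "yesterday" under the session key.
YESTERDAYS_MESSAGE = b"remailer hop 2: forward to alice@example.net"


def keypair():
    """DH key pair: 256-bit private exponent (ample for a 2048-bit group), public G^x mod P."""
    x = 2 + secrets.randbelow(2**256 - 2)
    return x, pow(G, x, P)


def encode(value):
    return value.to_bytes(256, "big")


def session_key(my_priv, their_pub, wire):
    """KDF: hash the DH secret together with the transcript the eavesdropper also saw."""
    z = pow(their_pub, my_priv, P)
    return hashlib.sha256(b"session-key" + encode(z) + wire).digest()


def seal(key, msg):
    """Toy authenticated encryption (SHAKE keystream + HMAC tag), demo only, not for real use."""
    pad = hashlib.shake_256(b"enc" + key).digest(len(msg))
    ct = bytes(a ^ b for a, b in zip(msg, pad))
    return ct, hmac.new(key, ct, hashlib.sha256).digest()


def unseal(key, ct, tag):
    """Return the plaintext if `key` verifies the tag, else None (lets a key guess be tested)."""
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        return None
    pad = hashlib.shake_256(b"enc" + key).digest(len(ct))
    return bytes(a ^ b for a, b in zip(ct, pad))


def static_dh_session(alice_long, bob_long, msg):
    """Static DH: the session key depends only on the two long-term key pairs."""
    (a_priv, a_pub), (b_priv, b_pub) = alice_long, bob_long
    wire = encode(a_pub) + encode(b_pub)          # what the eavesdropper records
    k = session_key(a_priv, b_pub, wire)
    assert k == session_key(b_priv, a_pub, wire)  # both sides agree on the key
    return wire, seal(k, msg)


def ephemeral_dh_session(alice_long, bob_long, msg):
    """Ephemeral DH: one-time exponents per session. In a real protocol the long-term
    keys would sign the ephemeral values to authenticate them; omitted here (assumption)."""
    ea_priv, ea_pub = keypair()
    eb_priv, eb_pub = keypair()
    wire = encode(ea_pub) + encode(eb_pub)
    k = session_key(ea_priv, eb_pub, wire)
    assert k == session_key(eb_priv, ea_pub, wire)
    del ea_priv, eb_priv  # erase the exponents: forward secrecy depends on this
    return wire, seal(k, msg)


def break_in_tomorrow(wire, stolen_privs, sealed):
    """Adversary who recorded `wire` yesterday and holds the long-term private keys today.
    Tries every stolen key against every public value on the wire; returns the
    recovered plaintext, or None if the stolen material does not yield the session key."""
    ct, tag = sealed
    pubs = (int.from_bytes(wire[:256], "big"), int.from_bytes(wire[256:], "big"))
    for priv in stolen_privs:
        for pub in pubs:
            pt = unseal(session_key(priv, pub, wire), ct, tag)
            if pt is not None:
                return pt
    return None


def demo():
    alice, bob = keypair(), keypair()   # long-term key pairs
    stolen = [alice[0], bob[0]]         # both hosts compromised the day after
    s_wire, s_sealed = static_dh_session(alice, bob, YESTERDAYS_MESSAGE)
    e_wire, e_sealed = ephemeral_dh_session(alice, bob, YESTERDAYS_MESSAGE)
    return (break_in_tomorrow(s_wire, stolen, s_sealed),
            break_in_tomorrow(e_wire, stolen, e_sealed))


if __name__ == "__main__":
    static_result, ephemeral_result = demo()
    print("static DH, long-term keys stolen later:   ", static_result)
    print("ephemeral DH, long-term keys stolen later:", ephemeral_result)
```

With static DH the stolen long-term exponent plus the recorded public value recomputes yesterday's key directly; with ephemeral DH the recorded transcript contains only one-time public values whose exponents were erased, so the stolen keys give the adversary nothing short of solving a discrete log. This is exactly the property the non-interactive, public-key setting has to reproduce without a fresh exchange per message.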





More information about the cypherpunks-legacy mailing list