#### DMCA

## Progress on Probabilistic Encryption Schemes by (2006)

### Citations

1379 | S: Probabilistic encryption - Goldwasser, Micali - 1984 |

1006 | Public-Key Cryptosystems Based on Composite Degree Residuosity Classes
- Paillier
(Show Context)
Citation Context ... from the original Goldwasser-Micali scheme, which first defined the idea of probabilistic cryptography. These schemes are all based on finding the discrete log with very high residuosity classes. In =-=[14]-=-, the author mentions how these probabilistic schemes evolved from GoldwasserMicali in varying degrees: Benaloh’s scheme [3], Naccache and Stern scheme [11], Okamoto and Uchiyama scheme [12], Paillier... |

896 | Cryptography - Theory and Practice - Stinson - 1995 |

207 | A New Public-key Cryptosystem as Secure as Factoring.
- Okamoto, Uchiyama
- 1998
(Show Context)
Citation Context ...asses. In [14], the author mentions how these probabilistic schemes evolved from GoldwasserMicali in varying degrees: Benaloh’s scheme [3], Naccache and Stern scheme [11], Okamoto and Uchiyama scheme =-=[12]-=-, Paillier’s scheme which I discuss, and Damg˚ard-Jurik’s system [7] which I also discuss. Schemes not possessing this lineage don’t have this distinction but may still have the necessary characterist... |

157 |
Introduction to Cryptography with Coding Theory (2nd edn
- Trappe, Washington
- 2005
(Show Context)
Citation Context ...e majority of the work is computing the value x0 from the private key values p and q and the value xt+1. The way we know this works starts with the fact that x p−1 2 t of Fermat’s Little Theorem (see =-=[16]-=-) which states: Theorem 1 If p is a prime and p does not divide a, then a p−1 ≡ 1 mod p. ≡ 1. This is true because This works in our case because xt is a quadratic residue so we know x 1 2 t exists an... |

131 |
An efficient probabilistic public-key encryption scheme which hides all partial information
- Blum, Goldwasser
- 1985
(Show Context)
Citation Context ...al for normal encryption than this one. 6 Blum-Goldwasser Scheme 6.1 History After the Goldwasser-Micali scheme came the Blum-Goldwasser scheme in 1985, which is based on the Blum-Blum-Shub generator =-=[4]-=-. The Blum-Goldwasser scheme is comparable in speed to another public key scheme, RSA. With this in mind, it does seem possible that this scheme may have potential to be studied and used in applicatio... |

42 | A new public-key cryptosystem - Naccache, Stern - 1997 |

40 |
A Generalisation, a Simplification and some
- Damg˚ard, Jurik
(Show Context)
Citation Context ...he current implementation seems a bit slow. I will show the results from my own testing later on and compare it with other schemes. 8 Damg˚ard-Jurik Scheme 8.1 History The Damg˚ard-Jurik cryptosystem =-=[5]-=- was first introduced just after Paillier’s in 2000. Damg˚ard-Jurik is really just a modification to Paillier’s system that allows a user to increase the size of the encrypted value. Due to its nature... |

24 |
Totient Function,
- Weisstein
- 1999
(Show Context)
Citation Context ...unction is the Carmichael function, which seems much less known and is generally denoted as λ(n) or just λ with the n assumed. The function is defined as follows with some interesting properties [18] =-=[19]-=-: Definition 5 For n the product of two primes p and q, λ(n) = lcm(p − 1, q − 1). For any w ∈ Z ∗ n 2, w λ = 1 mod n and w λn = 1 mod n 2 . We can now talk about the framework that will be used for en... |

12 | Extensions to the paillier cryptosystem with applications to cryptological protocols
- Jurik
- 2003
(Show Context)
Citation Context ...volved from GoldwasserMicali in varying degrees: Benaloh’s scheme [3], Naccache and Stern scheme [11], Okamoto and Uchiyama scheme [12], Paillier’s scheme which I discuss, and Damg˚ard-Jurik’s system =-=[7]-=- which I also discuss. Schemes not possessing this lineage don’t have this distinction but may still have the necessary characteristics. When looking for probabilistic characteristics, keep in mind th... |

10 |
Cohen Benaloh. Verifiable secret-ballot elections
- Daniel
- 1987
(Show Context)
Citation Context ...l based on finding the discrete log with very high residuosity classes. In [14], the author mentions how these probabilistic schemes evolved from GoldwasserMicali in varying degrees: Benaloh’s scheme =-=[3]-=-, Naccache and Stern scheme [11], Okamoto and Uchiyama scheme [12], Paillier’s scheme which I discuss, and Damg˚ard-Jurik’s system [7] which I also discuss. Schemes not possessing this lineage don’t h... |

7 |
Carmichael’s Theorem
- Weisstein
(Show Context)
Citation Context ...ond function is the Carmichael function, which seems much less known and is generally denoted as λ(n) or just λ with the n assumed. The function is defined as follows with some interesting properties =-=[18]-=- [19]: Definition 5 For n the product of two primes p and q, λ(n) = lcm(p − 1, q − 1). For any w ∈ Z ∗ n 2, w λ = 1 mod n and w λn = 1 mod n 2 . We can now talk about the framework that will be used f... |

5 |
Java cryptography. O’Reilly &
- Knudsen
- 1998
(Show Context)
Citation Context ...tography schemes independent and flexible, I used the Java Cryptography Extension (JCE) as the framework for my software. The JCE contains a framework for building cryptography schemes and tools (see =-=[8]-=-, [17]). Some of the schemes and tools are already implemented and ready for use, but one can also create their own. This allowed me to create my own encryption software, while also using an establish... |

3 |
Java Cryptograghy Extensions, Practical Guide for Programmers
- Weiss
- 2004
(Show Context)
Citation Context ...phy schemes independent and flexible, I used the Java Cryptography Extension (JCE) as the framework for my software. The JCE contains a framework for building cryptography schemes and tools (see [8], =-=[17]-=-). Some of the schemes and tools are already implemented and ready for use, but one can also create their own. This allowed me to create my own encryption software, while also using an established imp... |

3 |
On Probabilistic Encryption and Semantic Security, Modern Cryptography, Theory & Practice
- Wenbo
- 2004
(Show Context)
Citation Context ... first to be semantically secure, if not the first. Semantic security is defined as the ciphertext not giving any useful information about the plaintext in polynomial time, except possibly the length =-=[20]-=-. This scheme introduced some new ideas, that helped to inspire a new line of probabilistic schemes. In fact, the Paillier scheme seems to have emerged from this line. Although it is significant for t... |

1 |
Cryptosystem, http://en.wikipedia.org/wiki/Paillier cryptosystem
- Anonymous
- 2006
(Show Context)
Citation Context ... circumstances and is easily computed. In fact, Paillier uses this value in his proofs. It also seems more recent sources have dropped the value of g altogether and simply replaced it with 1 + n (see =-=[1]-=-). As we will see, all good values of g are equivalent, so it makes great sense to remain with 1 + n which always works. The explanation above describing all values of β may be unnecessary. Rest assur... |

1 | Random Self-reducibility, http://en.wikipedia.org/wiki/Random Self-reducibility - Anonymous - 2006 |

1 | Symmetric Private Information Retrieval via Additive Homomorphic Probabilistic Encryption, http://www.cs.rit.edu/˜lbl6598/thesis/Lincoln Full Document.pdf
- Lincoln
- 2006
(Show Context)
Citation Context ...years of scrutiny before a new cryptosystem becomes practical and trusted. I am starting to see it used in newer protocols for electronic cash, electronic voting [1] and Private Information Retrieval =-=[9]-=-. These protocols need the additively homomorphic 27sproperties that are not common in cryptosystems. To my understanding these things are still being researched but there is much interest and they co... |