-----BEGIN PGP SIGNED MESSAGE-----
At 01:25 PM 5/7/00 -0400, dmolnar wrote:
...
>An "indeterministic cryptosystem" is defined there as one in which
>"equal plaintext blocks are encrypted to different ciphertext
>blocks."
...
> 1) is the term "indeterministic cryptosystem" formally
> defined anywhere?
I've seen the term ``nondeterministic cryptosystem'' or ``randomized
cryptosystem,'' which I've understood to mean cryptosystems which can
map one plaintext into some huge number of ciphertexts, all of which
may be decrypted back to the original plaintext. There may be some
nuances of definition I'm missing. Have you looked in the _Handbook
of Applied Cryptography_ or in _Applied Cryptography_? If you look
under the above two terms, I think you may find a formal definition.
(_HAC_ is more likely to have a formal definition, I think.)
...
> You might also want a cryptosystem to be
> what I call "recipient-hiding" -- a ciphertext gives
> up no information about to whom it has been encrypted.
I've seen discussion of how to do this. It's pretty easy to do with
ElGamal variants, and I think it can be done with RSA, though I don't
recall all the details. (I'm away from my books right now, in case
that's not obvious.)
>Thanks much,
>-David Molnar
- --John Kelsey, [EMAIL PROTECTED]
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.1 Int. for non-commercial use
<http://www.pgpinternational.com>
Comment: foo
iQCVAwUBORdyVyZv+/Ry/LrBAQE+owP9GfL7BzDgd2GzJng5EJ79x56acD9/hRXO
fO6wt/mBVgQhovbhj+Lfequg9PCQmvfhXdryTKoDfOIClz3nfIeGI1FDSflKg7z8
qa5R8HdpFVJ/dqsBNUoUnaznEVeSTZr+EbxGHshFavVc7RL6eaB0oGINP3bNLKFB
nKS8N2DXEnY=
=356F
-----END PGP SIGNATURE-----
