On Sun, 7 May 2000, dmolnar wrote:
>
> Hi,
>
> I came across the term "indeterministic cryptosystem" while
> reading the paper "MIXes in Mobile Communications Systems : Location
> Management with Privacy" by Federrath, Jerichow, and A. Pfitzmann.
> http://www.semper.org/sirene/lit/abstr96.html#FeJP1_96
I think "indeterministic cryptosystem" is just a cumbersome rewording of
the idea of probabilistic cryptosystems. And about mixnetworks, see the
publications of Markus Jakobsson.
May be the simplest idea to grasp is millimix, where the ciphertexts are
maintained in alphabetic order, and then mixed by several independent
mixservers. Every mixserver reencrypted the ciphertexts and then resorted
the list. He also proved in ZK that the reencryption was done correctly.
Now if at least one mixserver is honest, complete anonymity is guaranteed
(by anonymity I mean that seeing the output of the last mixserver, nobody
http://lpcs.math.msu.ru/~pentus/http://lpcs.math.msu.ru/~pentus/http://lpcs.math.msu.ru/~pentus/can
bind even a single ciphertext with the original encrypter of it).
Helger
