On Fri, 12 May 2000, Helger Lipmaa wrote:
> On Tue, 9 May 2000, Brian Hurt wrote:
>
> AC is not a bible!
Agreed (although I do think it is a very good book). The original poster
had suggested to look for information in either AC or the HAC and, since
I didn't remember reading about it in AC, I intended to imply you'd
probably have better luck with HAC. I did not mean to imply anything
else.
>
> To achieve even elementary security properties (like semantic security,
> not to talk about cryptosystems secure against chosen ciphertext attacks),
> a cryptosystem has to be probabilistic. Probably the best known prob. CS
> is ElGamal, where a message m is encrypted to (mh^r,g^r), where g is a
> group element, h=g^x for some g, x is secret key, h is public key, and r
> is a newly generated random element. ElGamal can be applied over arbitrary
> group G; it can be proven that ElGamal is semantically secure in the so-called
> generic model (where G is an ideal group). Practical instantiation where G
> is an elliptic curve group is usually called ECC.
This is the point where I admit I misunderstood what the original subject
was about, apologize, and shut up.
Brian
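
The (m*h^r, g^r) construction quoted above, as an added example that is not part of the original messages: it shows that a fresh r gives different ciphertexts for the same message, and that pinning r lets anyone with the public key tell two candidate messages apart. The toy parameters (p = 2879, q = 1439, g = 4), the function names and the pinned-r variant are assumptions constructed for illustration.

```python
import secrets

# Constructed toy parameters, far too small for real use: P = 2Q + 1 is a safe
# prime and G = 4 generates the subgroup of prime order Q (the squares mod P).
P, Q, G = 2879, 1439, 4
FIXED_R = 123  # hypothetical "deterministic ElGamal": r is pinned instead of fresh

def keygen():
    x = secrets.randbelow(Q - 1) + 1      # secret key x in [1, Q-1]
    return x, pow(G, x, P)                # public key h = g^x

def encrypt(h, m, r=None):
    """Encrypt group element m as (m*h^r, g^r); r is fresh unless pinned."""
    if r is None:
        r = secrets.randbelow(Q - 1) + 1
    return (m * pow(h, r, P)) % P, pow(G, r, P)

def decrypt(x, ct):
    c1, c2 = ct
    # c2^x = h^r; c2 has order Q, so c2^(Q-x) is the inverse of c2^x.
    return (c1 * pow(c2, Q - x, P)) % P

def reencryption_guess(h, ct, candidates, r):
    """Semantic-security test using only public data: re-encrypt each candidate
    with the pinned r and compare. Returns the matching candidate or None."""
    for m in candidates:
        if encrypt(h, m, r) == ct:
            return m
    return None

if __name__ == "__main__":
    x, h = keygen()
    m0, m1 = pow(G, 10, P), pow(G, 20, P)   # two candidate messages in the group
    a, b = encrypt(h, m1), encrypt(h, m1)
    print("same message, two ciphertexts:", a, b)
    print("both decrypt to m1:", decrypt(x, a) == decrypt(x, b) == m1)
    leaked = reencryption_guess(h, encrypt(h, m1, FIXED_R), [m0, m1], FIXED_R)
    print("pinned r reveals which message was sent:", leaked == m1)
    print("fresh r, same test:", reencryption_guess(h, a, [m0, m1], FIXED_R))
```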