[viff-devel] Paillier based two player runtime (was: [PATCH 0 of 4] Insecure ElGamal based two player runtime)
Martin Geisler
mg at daimi.au.dk
Thu Jun 26 06:34:02 PDT 2008
"Claudio Orlandi" <orlandi at daimi.au.dk> writes:
Hi Claudio
> if you are interested just in passive security for the 2 party case
> you can implement the following protocol for multiplication.
Excellent, thank you! I'm basically interested in anything we can come
up with :-)
I have posted an implementation here:
http://thread.gmane.org/gmane.comp.cryptography.viff.patches/7
It seems to work in the limited testing I have done... The runtime
does multiplication and addition, so the comparison protocol(s) might
even work, but I haven't tested this yet.
> Converting this simple protocol to the active case is harder than
> expected, and I'm working on it right now.
Great, I'm looking forward to it! :-)
> I don't think that the ElGamal case is that interesting, as
> basically the parties could simply send to each other a, b, and they
> will get the same result and security (none) in less time :)
You're right! I first wrote code that used the Paillier code Mikkel
had written -- then I realized the problem with the players doing
computations in different fields. That was when I switched to ElGamal,
only to then realize that it was insecure...
--
Martin Geisler