We revisit the notion of additively homomorphic encryption with a double decryption mechanism (DD-PKE), which allows for additions in the encrypted domain while having a master decryption procedure that can decrypt all properly formed ciphertexts by using a special master secret. This type of encryption is generally considered as a practical way to enforce access control in hierachical organisations where some form of malleability properties are required. Up to now, only two additively homomorphic DD-PKE schemes have been proposed: CS-Lite by Cramer and Shoup (Eurocrypt 2002), and a variant called BCP by Bresson, Catalano and Pointcheval (Asiacrypt 2003).In this work, we argue that the two existing schemes only provide partial solutions for hierarchical organisations. Essentially, this is due to the fact that the master authority, being in possession of the master secret, has no control on the validity of given ciphertexts. We say that the master is unable to "detect invalid ciphertexts", which limits the employment of such schemes in practice. Therefore, we propose the first additively homomorphic DD-PKE scheme which allows the master to detect invalid ciphertexts. In fact, our scheme has the additional property that the master decryption is independent of the users' public keys. Our solution is based on elliptic curves over rings and we prove it to be semantically secure under a DDH-related assumption. Moreover, we give experimental results on the choice of elliptic curves and their effect on the efficiency of our scheme's setup.
Abstract. In this note we extend the theory of twists of elliptic curves as presented in various standard texts for characteristic not equal to two or three to the remaining characteristics. For this, we make explicit use of the correspondence between the twists and the Galois cohomology setThe results are illustrated by examples.
Abstract“Solve puzzles for science” – so heißt es in der Ankündigung von “Foldit”. In diesem experimentellen Onlinespiel mit wissenschaftlichem Anspruch werden Aminosäureketten durch verschiedene Werkzeuge in die optimale dreidimensionale Proteinform gefaltet, gerüttelt, gedreht und gebunden. Im Wettbewerb mit anderen Internet‐Spielern kann das “Daddeln” auch der Wissenschaft nützen, sobald alternative Proteinformen entdeckt oder Falt‐Algorithmen in den Datenbanken verbessert werden.
In this paper, we describe the construction of superelliptic curves with a rational point of prescribed order on their jacobians. The construction is based on Hensel's Lemma and produces for a given integer N a superelliptic curve of genus linear in N with a rational N -division point on the jacobian. The method is illustrated with multiple examples.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.