The Dancing Bear: A New Way of Composing Ciphers
This note presents a new way of composing cryptographic primitives which makes some novel combinations possible. For example, one can do threshold decryption using standard block ciphers, or using an arbitrary mix of different decryption algorithms – such as any three keys out of two AES keys, a 3DES key, an RSA key and a one-time pad. We also provide a new way to combine different types of primitive, such as encryption and signature. For example, Alice can construct a convertible signature that only Bob can verify, but which he can make world-verifiable using an AES key. We can incorporate even more exotic primitives, such as micropayments and puzzles, into compound constructs.
Previously, there had been two basic ways to combine cryptographic primitives. One could either design a compound primitive, perhaps using the homomorphic properties of discrete exponentiation, or one could embed several primitives into a protocol. Neither is ideal for all applications, and both have been extremely vulnerable to design errors. We provide a third construction that also allows the designer to do new things. We show, for example, how to incorporate cyclic dominance into a cryptographic mechanism, and how it might be used in a digital election scheme. Our new construction not only complements existing ways of composing crypto primitives; it also has the virtue of simplicity.
Keywords: Block Cipher, Stream Cipher, Cryptographic Primitive, Homomorphic Property, Fast Software Encryption