[Resource Topic] 2002/119: Provably Secure Public-Key Encryption for Length-Preserving Chaumian Mixes

Welcome to the resource topic for 2002/119

Provably Secure Public-Key Encryption for Length-Preserving Chaumian Mixes

Authors: Bodo Möller


Mix chains as proposed by Chaum allow sending untraceable electronic
e-mail without requiring trust in a single authority: messages are
recursively public-key encrypted to multiple intermediates (mixes),
each of which forwards the message after removing one layer of
encryption. To conceal as much information as possible when using
variable (source routed) chains, all messages passed to mixes should
be of the same length; thus, message length should not decrease when
a mix transforms an input message into the corresponding output
message directed at the next mix in the chain. Chaum described an
implementation for such length-preserving mixes, but it is not secure
against active attacks. We show how to build practical
cryptographically secure length-preserving mixes. The conventional
definition of security against chosen ciphertext attacks is not
applicable to length-preserving mixes; we give an appropriate
definition and show that our construction achieves provable security.

ePrint: https://eprint.iacr.org/2002/119

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .