Unformatted text preview: umber of people can find out the order of their ages by a sequence of honest applications of the protocol; and no participant can learn the age of another. Protocol #3
Alice likes to do kinky things with teddy bears. Bob has erotic fantasies about marble tables. Both are pretty embarrassed by their particular fetish, but would love to find a mate who shared in their...um...lifestyle. Here at the Secure Multiparty Computation Dating Service, we’ve designed a protocol for people like them. We’ve numbered an astonishing list of fetishes, from “aardvarks” to “zoot suits.” Discreetly separated by a modem link, Alice and Bob can participate in a secure multiparty protocol. Together, they can determine whether they share the same fetish. If they do, they might look forward to a lifetime of bliss together. If they don’t, they can part company secure in the knowledge that their particular fetish remains confidential. No one, not even the Secure Multiparty Computation Dating Service, will ever know. Here’s how it works: (1) Using a oneway function, Alice hashes her fetish into a sevendigit string. (2) Alice uses the sevendigit string as a telephone number, calls the number, and leaves a message for Bob. If no one answers or the number is not in service, Alice applies a oneway function to the telephone number until she finds someone who can play along with the protocol. (3) Alice tells Bob how many times she had to apply the oneway hash function to her fetish. (4) Bob hashes his fetish the same number of times that Alice did. He also uses the sevendigit string as a telephone number, and asks the person at the other end whether there were any messages for him. Note that Bob has a chosenplaintext attack. He can hash common fetishes and call the resulting telephone numbers, looking for messages for him. This protocol only really works if there are enough possible plaintext messages for this to be impractical. There’s also a mathematical protocol, one similar to Protocol #2. Alice knows a,...
View
Full
Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details