Other Directory Sites: SeekWonder | Directory Owners Forum
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:11:02
Ray Jones (rjones@pobox.com)
31 Aug 1998 21:22:38 +0000
bram <bram@gawth.com> writes:
> That problem is tantamount to Alice and Bob both writing down some number
> and then trying to determine if they have the same number written down,
> which I believe a very clever and practical protocol was discovered for
> just recently, I don't have a reference though.
i believe something very similar to this is discussed in AC, though i
don't have my copy here right now, so can't be sure. this protocol
might work:
Alice and Bob each choose a random salt (Sa and Sb), and trade them.
they each compute H(Sa+Sb+Number), where Number is their personal
number/fetish/secret, and H is a secure hash.
they then take turns sending each other a bit from the result. if the
bits match at each step, they can be reasonably sure they started with
the same secret. they can iterate with new salt values until they're
convinced.
if the bits don't match, the protocol can be broken off. it's very
hard for one party to fool the other party into thinking that they
have the same number unless they actually do.
the salt values are to ensure that the result they are comparing is
unique each time, rather than to prevent dictionary attacks. if the
number of secrets is small, that's a concern. only exchanging a
single bit, then choosing new salt values and iterating avoids this, i
think.
ray jones
(of course, IANAC)
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:11:02