Abstract
As encryption schemes useful in developing secure anonymous systems, linear equation based encryption, probabilistic, commutative and verifiable re-encryption, and threshold ElGamal encryption schemes are introduced. Linear equation based encryption functions are additive, and they enable entities to calculate sums of data owned by others without knowing individual values, and probabilistic, commutative and verifiable re-encryption functions enable entities to encrypt data while concealing the correspondences between encrypted data and their decrypted forms from anyone including the owners of the data. Finally, threshold ElGamal encryption functions disable entities to decrypt encrypted data without the cooperation among t out of n authorities (t = n), while ensuring correct decryptions when at least t authorities are honest. All encryption schemes are extensively used in the following parts of this book, e.g. for developing anonymous communication systems, anonymous authentication systems, electronic payment, procurement, and voting systems.
TopIntroduction
This chapter discusses various encryption algorithms important especially in developing anonymous systems, i.e. algorithms with additive, multiplicative, probabilistic, commutative, or verifiable feature are introduced. In anonymous systems, to maintain privacies of data owners for example, entities are frequently required to calculate averages, variances, etc. of data without knowing the individual data, or to encrypt data in the ways where no one including the data owners and entities that encrypt the data can know the correspondences between the encrypted data and their decrypted forms. These requirements are satisfied by encryption algorithms with the above features. Firstly additive encryption functions that enable entities to calculate sums of data without knowing individual values are discussed. Then discussions about probabilistic, commutative and verifiable re-encryption schemes, which enable entities to encrypt data while concealing the correspondences between encrypted data and their decrypted forms from anyone including the owners of the data, follow. The threshold ElGamal encryption schemes discussed in the last section disable entities to decrypt encrypted data without the cooperation among t out of n authorities (t ≤ n), while ensuring correct decryptions when at least t authorities are honest.