How to break a practical MIX and design a new one.
In: Preneel, B, (ed.)
ADVANCES IN CRYPTOLOGY - EUROCRYPT 2000.
(pp. 557 - 572).
A MIX net takes a list of ciphertexts (c(1), - - -, c(N)) and outputs a permuted list of the plaintexts (m(1), - - -,m(N)) without revealing the relationship between (c(1), - - -,c(N)) and (m(1), - - -, m(N)). This paper first shows that the Jakobsson's MIX net of Eurocrypt'98, which was believed to be resilient and very efficient, is broken. We next propose an efficient t-resilient MIX net with O(t(2)) servers in which the cost of each MIX server is O(N). Two new concepts are introduced, existential-honesty and limited-open-verification. They will be useful for distributed computation in general.
|Title:||How to break a practical MIX and design a new one|
|Event:||19th Annual Eurocrypt Conference on Theory and Application of Cryptographic Techniques|
|Dates:||2000-05-14 - 2000-05-18|
|UCL classification:||UCL > School of BEAMS
UCL > School of BEAMS > Faculty of Engineering Science
Archive Staff Only