| 摘要 |
Described is a technology comprising a system in which two distrusting parties can submit sets of encrypted keywords using two independent secret keys to a third party who can decide, using only public keys, if the underlying cleartext message of a cryptogram produced by one distrusting party matches that of a cryptogram produced by the other. The third party (e.g., a server) uses generator information corresponding to a generator of an elliptic curve group to determine whether the sets of encrypted keywords match each other. Various ways to provide the generator information based upon the generator are described. Also described is the use of one-ray randomization and two-way randomization as part of the system to protect against dictionary attacks.
|
