Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [hashed-elgamal]

7 questions
5
votes
2 answers

Elgamal test vectors

I know that Elgamal algorithms have fallen out of fashion, and they are not included in any widespread cryptographic standard nowadays. However, they are still present in several popular crypto libraries (bouncy castle, botan, cryptopp, etc). One…
SquareRootOfTwentyThree
  • 1,755
  • 12
  • 17
5
votes
3 answers

Malleability of ElGamal and Hashed ElGamal

Question: Suppose A encrypts a number $x$ which indicates her bid on a contract, using ElGamal encryption. Say that the encryption of $x$ produces a ciphertext $c$. Explain how E can modify $c$ to make it an encryption of $100 \cdot x$. Answer: E is…
Bobby S
  • 1,973
  • 4
  • 23
  • 30
2
votes
0 answers

Understanding ElGamal encryption for a Mental Poker Case

I am looking to understand ElGamal encryption as it is used in a specic context described below. I am interested in creating a practical form of Mental Poker for games other than poker developed by Phillip Golle in 2005 found here:…
Mercure
  • 31
  • 2
2
votes
0 answers

Source of encryption scheme used in blockchain based IoT

I've found the following encryption scheme UserA: $$sk_A, pk_A = sk_A \cdot G$$ UserB: $$sk_B, pk_B = sk_B \cdot G$$ Enc: UserA $$u \in \mathbb{Z}_q^* \\ Y = u \cdot pk_B \\ S = H(U) \oplus m \\ C = (S, Y)$$ Dec: UserB $$Y \cdot sk_B^{-1} = u \cdot…
coolgirl Leon
  • 21
  • 2
1
vote
1 answer

Why $1\leq r\leq p-1$ verification is needed for (hashed) Elgamal signature?

I am reading the "Handbook of Applied Cryptography" by Menezes et al. (hashed) ElGamal Signature verification in this book talks about verification of $1\leq r\leq p-1$. Subsequently, this book also provides a justification for this verification…
mxant
  • 131
  • 3
0
votes
0 answers

Using GP/PARI how would you solve this randomised Elgamal question?

I know how to solve this question manually, but I don't know how to solve it using the program gp/pari. It is based on randomised Elgamal Let p = 739. Given the following ciphertext of some message m1 encrypted using randomized Elgamal, what is the…
Sarah
  • 1
0
votes
1 answer

Why Bellare-Micali Oblivious Transfer Construction requires ElGamal with hashed key?

The idea of the Bellare-Micali Oblivious Transfer Constructions is the following: Informally, the receiver is required to generate two public keys $y_b$, $y_{b-1}$ such that it knows only the secret key paired with $y_b$ (where $b$ is its choice…
Lorenzo
  • 149
  • 8