Erdős–Straus conjecture: Difference between revisions

From formulasearchengine
Jump to navigation Jump to search
en>Giftlite
wlink
en>Mogism
m Cleanup/Typo fixing, typo(s) fixed: the the → the using AWB
 
Line 1: Line 1:
{{Refimprove|date=July 2007}}
Wilber Berryhill is what his spouse loves to contact him and he completely enjoys this name. To climb is some thing I really appreciate performing. Ohio is where my house is but my spouse desires us to move. I am an invoicing officer and I'll be promoted soon.<br><br>My blog - tarot card readings ([http://165.132.39.93/xe/visitors/372912 just click the following article])
 
In [[cryptography]], the concept of a '''verifiable random function''' was introduced by [[Silvio Micali|Micali]], [[Michael O. Rabin|Rabin]], and [[Salil Vadhan|Vadhan]].<ref>{{cite conference | first = Silvio | last = Micali | coauthors = Rabin, Michael O.; Vadhan, Salil P. | title = Verifiable random functions | booktitle = Proceedings of the 40th IEEE Symposium on Foundations of Computer Science | pages = 120–130 | year = 1999 }}</ref> It is a [[pseudo-random function]] that provides publicly verifiable proofs of its outputs' correctness. Given an input value ''x'', the owner of the secret [[key (cryptography)|key]] SK can compute the function value ''y'' = ''F''<sub>SK</sub>(''x'') and the proof ''p''<sub>SK</sub>(''x''). Using the proof and the public key <math> PK = g^{SK}</math>, everyone can check that the value ''y'' = ''F''<sub>SK</sub>(''x'') was indeed computed correctly, yet this information cannot be used to find the secret key.
 
The original construction was rather inefficient. Recently, an efficient and practical verifiable random function was proposed by Yevgeniy Dodis and Aleksandr Yampolskiy.<ref>{{cite conference | first = Yevgeniy | last = Dodis| coauthors = Yampolskiy, Aleksandr. | title = A Verifiable Random Function With Short Proofs and Keys | booktitle = 8th International Workshop on Theory and Practice in Public Key Cryptography | pages = 416–431 | year = 2005}}</ref> In their construction,
:<math> F_{SK}(x) = e(g, g)^{1/(x+SK)} \quad\mbox{and}\quad p_{SK}(x) = g^{1/(x+SK)}, </math>
where ''e''(·,·) is a [[bilinear map]].
To verify whether <math>F_{SK}(x)</math> was computed correctly or not, one can check
if <math>e(g^x PK, p_{SK}(x))=e(g,g)</math>.
 
The proof of security relies on a new [[decisional bilinear Diffie-Hellman inversion assumption]], which asks given <math>(g, g^{x}, \ldots, g^{(x^q)}, R)</math> as input to distinguish <math>R=e(g,g)^{1/x}</math> from random.
 
==References==
<references/>
 
[[Category:Cryptographic algorithms]]
 
 
{{Crypto-stub}}

Latest revision as of 18:02, 8 January 2015

Wilber Berryhill is what his spouse loves to contact him and he completely enjoys this name. To climb is some thing I really appreciate performing. Ohio is where my house is but my spouse desires us to move. I am an invoicing officer and I'll be promoted soon.

My blog - tarot card readings (just click the following article)