Cryptography Asked on December 24, 2021
Is there a digital signature or MAC scheme in which, the verification algorithm returns not ${text{Valid},text{Invalid}}$, but a discrete (finite or infinite) set of result such as ${text{Valid-for-A}, text{Valid-for-B}, text{Valid-for-C}, text{Invalid-for-All}}$?
This is a curiosity question. There is no limit on the nature of the scheme, it can be symmetric or asymmetric, classical, or post-quantum.
EDIT
To explain why could potentially be "Valid-for-{A,B,C}":
In PKC there could be 3 (or any number of) private keys derived from a master private key (possibly using some form of key-escrow), that can be identified and verified by the "master" public key. An application of such scheme could be "bandwidth-efficient group member authentication".
In symmetric-key cryptography, it could be an multi-party broadcast domain authenticated encryption, in which ciphertext verification don’t require computing the tag with each of the peers’ key – the recipiant instead somehow use the shared key to "decrypt" or "derive" the peer’s key. Same application as above.
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP