Talk:Cramer–Shoup cryptosystem

Cryptography: Computer science High‑importance

	This article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.CryptographyWikipedia:WikiProject CryptographyTemplate:WikiProject CryptographyCryptography articles
High	This article has been rated as High-importance on the importance scale.
	This article is supported by WikiProject Computer science (assessed as High-importance).

The following is incorrect. Elgamal is also a probabilistic cryptosystem. The advantage of Cramer-Shoup is the verification stage in the decryption algorithm:

In contrast to ElGamal, which is extremely malleable, Cramer-Shoup introduces a random element into the encryption process, such that a given plaintext will produce different ciphertexts on subsequent runs of the system. The consequence is that, unlike ElGamal and RSA (without padding), Cramer-Shoup is not susceptible to chosen ciphertext attack.

Anyone know the licensing information? This would probably be good to include.--Wpegden 07:07, 16 July 2006 (UTC)[reply]

H(u1, u2, e)[edit]

Every cryptographic hash function that I know of takes one argument. How does one pass three arguments? 141.149.207.158 04:17, 27 August 2006 (UTC)[reply]

It makes a hash of the combination. I guess you could say H(u1 || u2 || e) would do the trick. 129.241.211.76 (talk)

Collision resistance vs. UOWHF[edit]

Hmm, I have just taken a look at the original paper, and I found out that the property required from the hash function is not exactly collision resistance, but being drawn from a Universal One-Way Hash Function family, which is more like second preimage resistance (it is easier to achieve than collision resistance)... charles bouillaguet

External links modified[edit]

Hello fellow Wikipedians,

I have just modified one external link on Cramer–Shoup cryptosystem. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

Added archive https://web.archive.org/web/20060426194426/http://packetstorm.linuxsecurity.com/mag/crypto-gram/crypto-gram-9809.html to http://packetstorm.linuxsecurity.com/mag/crypto-gram/crypto-gram-9809.html

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 18 January 2022).

If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—InternetArchiveBot (Report bug) 04:23, 14 August 2017 (UTC)[reply]