Howdy #cryptography friends,
Let's say I have 1000 friends (haha, I know, right?) and I want to send each of them a number. If I put all the numbers into a list and send the list to all my friends, that sort of works, but each friend won't know which number is theirs.
So I'd like some way to tag each number in the list so each friend can quickly tell which number is theirs, but no one else can. ie, something faster than linear time search through the list would be ideal, but I'd settle for something linear if the constants are small. Maybe something like string equality as the match operation, but not a decryption.
And if someone who isn't my friend sees the list with all the tagged numbers, they shouldn't be able to tell who any of my friends are by using the tags somehow.
Me and all my 1000 friends (lol, it's still funny) all have asymmetric keypairs, so we can use those.
Is this a well-studied problem that has a name I don't know about yet? Maybe there are special-purpose tools that are a good fit for this?
Or maybe there's some clever scheme using encryption that solves this? I feel like a deterministic encryption of some well-known message for each friend gets pretty close. Then add a list-level nonce to make it randomized for each list, but not each friend. Then a friend can do the deterministic encryption using the nonce and scan through the list pretty quickly to find their number. But my asymmetric encryption primitive is randomized, so I can't quite make it work that way unless I use a different primitive.
Although, if the message to be encrypted deterministically is well-known, and the goal is not actually to protect the message, that kind of suggests encryption is the wrong tool here. I'm looking for some kind of tag that is only recognizable by the holder of the private key.
Thoughts?