Skip to content
Knowledge Base
Cryptography
Computational Security

Computational Security

Perfect Secrecy vs. Computational Security

Perfect secrecy emphasizes that no plaintext information is leaked, although eavesdroppers have unlimited computational power.

Computational security allows a scheme to leak information with tiny probability to eavesdroppers with bounded computing resources/running time.

Complexity Theory

Complexity theory provides a methodology for analyzing the computational complexity of different cryptographic techniques and algorithms.

Concrete Security

(t,ε)(t,\varepsilon)-indistinguishability:

  • Security may fail with probability ε\le \varepsilon
  • Restrict attention to attackers running in time t\le t, or tt CPU cycles.

If Π\Pi is (t,ε)(t, \varepsilon)-indistinguishable for all attackers A\mathcal{A} running in time at most tt, then

Pr[PrivKA,Π=1]12+ε Pr[\text{PrivK}_{\mathcal{A},\Pi} = 1] \le \frac{1}{2} + \varepsilon

(,0)(\infty,0)-indistinguishability = perfect indistinguishability

Limitation

  • Sensitive to exact computational model
  • Precise concrete guarantees are difficult to provide
  • One must be careful in interpreting concrete-security claims

Asymptotic Security

Introduce security parameter nn.

And tt is the probabilistic polynomial time (PPT) in nn.

ε\varepsilon is a negligible function in nn.

Computational Indistinguishability

  • Security may fail with probability negligible in nn
  • Restrict attention to attackers running in time polynomial in nn

Comparison

Concrete Security: A scheme is (t,ε)(t,\varepsilon)-secure if for any adversary running for time at most tt succeeds in breaking the scheme with probability at most ε\varepsilon

Asymptotic Security: A scheme is secure if any PPT adversary succeeds in breaking the scheme with probability at most negligible.

Another Definition of Encryption

A private-key encryption scheme is defined by three PPT algorithms (GenGen, EncEnc, DecDec):

  • GenGen takes as input 1n1^n, and outputs kk (assume kn\left| k \right| \ge n)
  • EncEnc takes as input a key kk and message m{0,1}m \in \{0,1\}^{*}, and outputs ciphertext cc cEnck(m) c \gets Enc_k{(m)}
  • DecDec takes key kk and ciphertext cc as input, and outputs a message mm or error.
Last updated on
Perfectly Secret Encryption