Wk3 - More on perfect secrecy, one-time pad, entropy

# Wk3 - More on perfect secrecy, one-time pad, entropy -...

• Notes
• Nancyyyyyyyyyy
• 9

This preview shows pages 1–3. Sign up to view the full content.

CPSC/PMAT 418 Introduction to Cryptography More on Perfect Secrecy, One-Time Pad, Entropy Renate Scheidler Department of Mathematics & Statistics Department of Computer Science University of Calgary (Original slides from Mike Jacobson, with modifications by Mark Bauer and Renate Scheidler) Week 3 Renate Scheidler (University of Calgary) CPSC/PMAT 418 Week 3 1 / 33 Outline 1 Computing p ( C | M ) and p ( C ) 2 The Vernam One-Time Pad 3 Entropy Renate Scheidler (University of Calgary) CPSC/PMAT 418 Week 3 2 / 33 Computing p ( C | M ) and p ( C ) Computing p ( C | M ) and p ( C ) Recall that perfect secrecy is equivalent to p ( M | C ) = p ( M ) for all messages M and all ciphertexts C that occur. How can we determine p ( C | M ) and p ( C )? For any message M ∈ M , we have p ( C | M ) = X K ∈K E K ( M )= C p ( K ) . That is, p ( C | M ) is the sum of probabilities p ( K ) over all those keys K ∈ K that encipher M to C . Renate Scheidler (University of Calgary) CPSC/PMAT 418 Week 3 3 / 33 Computing p ( C | M ) and p ( C ) Number of Keys in the Sum Usually there is at most one key K with E K ( M ) = C for given M and C . However, some ciphers can transform the same plaintext into the same ciphertext with different keys. A monoalphabetic substitution cipher will transform a message into the same ciphertext with different keys if the only differences between the keys occur for characters which do not appear in the message Eg. key1 = ECONOMICS, key2 = ECONOMY, and we encrypt a message of at most 6 characters). Renate Scheidler (University of Calgary) CPSC/PMAT 418 Week 3 4 / 33

This preview has intentionally blurred sections. Sign up to view the full version.

Computing p ( C | M ) and p ( C ) Example: Computing p ( C | M ) M = { a , b } , K = { K 1 , K 2 , K 3 } , and C = { 1 , 2 , 3 , 4 } . Encryption is given by the following table: Key M = a M = b K 1 C = 1 C = 2 K 2 C = 2 C = 3 K 3 C = 3 C = 4 Thus, p (1 | a ) = p ( K 1 ) , p (1 | b ) = 0 , p (2 | a ) = p ( K 2 ) , p (2 | b ) = p ( K 1 ) , p (3 | a ) = p ( K 3 ) , p (3 | b ) = p ( K 2 ) , p (4 | a ) = 0 , p (4 | b ) = p ( K 3 ) . Renate Scheidler (University of Calgary) CPSC/PMAT 418 Week 3 5 / 33 Computing p ( C | M ) and p ( C ) Description of E K Consider a fixed key K . The mathematical description of the set of all possible encryptions (of any plaintext) under this key K is exactly the image of E K , i.e. the set E K ( M ) = { E K ( M ) | M ∈ M} . Key M = a M = b K 1 C = 1 C = 2 K 2 C = 2 C = 3 K 3 C = 3 C = 4 In the previous example, we have E K 1 ( M ) = { 1 , 2 } E K 2 ( M ) = { 2 , 3 } E K 3 ( M ) = { 3 , 4 } . Renate Scheidler (University of Calgary) CPSC/PMAT 418 Week 3 6 / 33 Computing p ( C | M ) and p ( C ) Computation of p ( C ) For a key K and ciphertext C E K ( M ), consider the probability p ( D K ( C )) that the message M = D K ( C ) was sent. Then p ( C ) = X K ∈K C E K ( M ) p ( K ) p ( D K ( C )) . That is, p ( C ) is the sum of probabilities over all those keys K ∈ K under which C has a decryption under key K , each weighted by the probability that that key K was chosen. Renate Scheidler (University of Calgary) CPSC/PMAT 418 Week 3 7 / 33 Computing p ( C | M ) and p ( C ) Example, cont. The respective probabilities of the four ciphertexts 1 , 2 , 3 , 4 are: p (1) = p ( K 1 ) p ( a ) , p (2) = p ( K 1 ) p ( b ) + p ( K 2 ) p ( a ) p (3) = p ( K 2 ) p ( b ) + p ( K 3 ) p ( a ) , p (4) = p ( K 3 ) p ( b ) If we assume that every key and every message is equally probable, i.e. p ( K 1 ) = p ( K 2 ) = p ( K 3 ) = 1 / 3 and p ( a ) = p ( b ) = 1 / 2, then p (1) = 1 3 · 1 2 = 1 6 , p (2) = 1 3 · 1 2 + 1 3 · 1 2 = 1 3 p (3) = 1 3 · 1 2 + 1 3 · 1 2 = 1 3 , p (4) = 1 3 · 1 2 = 1 6
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

### What students are saying

• As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

Kiran Temple University Fox School of Business ‘17, Course Hero Intern

• I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

Dana University of Pennsylvania ‘17, Course Hero Intern

• The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

Jill Tulane University ‘16, Course Hero Intern