Lecture 2: Computational Notion of Security

# Lecture 2: Computational Notion of Security - ICS 180...

• Notes
• davidvictor
• 6
• 100% (1) 1 out of 1 people found this document helpful

This preview shows pages 1–3. Sign up to view the full content.

ICS 180: Introduction to Cryptography April 8, 2004 Lecture 2: Computational Notion of Security Lecturer: Stanislaw Jarecki 1 L ECTURE S UMMARY We introduce the notion of computational security, in contrast to the perfect security of last lec- ture, which was an information-theoretic, rather than computational notion. We review the notions of algorithm running time, assymptotic notation, and polynomial time algorithms. We introduce notions of efficient algorithms, negligible probabilities, and adversarial advantage in attacking a cryptosystem. We exemplify these notions with an example of computational security definition for (private-key) encryption, namely the indistinguishability of encryption. 2 Computational Notion of Secrecy for Encryption In the last lecture we saw that the perfect secrecy definition for encryption can be satisfied only by ciphers whose keys are as long as the messages they encrypt. With the computational notion of secrecy we try to preserve the spirit of Shannon’s perfect secrecy notion, but we relax it in two fundamental ways, which in the end allows us to actually satisfy this notion with some practical algorithms. Recall that we called a cipher perfectly secret if for every pair of messages m 0 , m 1 ∈M and ciphertext c we have Prob k ←K [ Enc ( k, m 0 ) = c ] = Prob k ←K [ Enc ( k, m 1 ) = c ] In other words, if encryptions of m 0 look exactly the same as encryptions of m 1 . The computational version of this definition will say that for every messages m 0 , m 1 , for every efficient algorithms A , the adversarial advantage of A in distinguishing encryptions of m 0 from encryptions of m 1 is negligibly small , i.e. | Prob k ←K [ A ( m 0 , m 1 , c ) = 1 | c Enc ( k, m 0 )] - Prob k ←K [ A ( m 0 , m 1 , c ) = 1 | c Enc ( k, m 1 )] | < ǫ for some negligibly small ǫ . What do we mean by “efficient algorithm” and “negligibly small” factor? By “efficient algo- rithm” we mean probabilistic polynomial time . The next section reviews what probabilistic polyno- mial time algorithms are, and recalls some associated notation. 3 Review of Algorithm Analysis First some notation (you can skip this now and only refer to it as needed): L2-1

This preview has intentionally blurred sections. Sign up to view the full version.

By Z we denote the set of integers, by N the naturals (i.e. positive integers plus zero), and by R the set of real numbers. Note that N Z R . If D, R are sets, we denote functions f from domain D to range R as f : D R . For example, f : N [0 , 1] is a function from naturals to the interval between 0 and 1 . We’ll denote assignment of a random variable according to some distribution with the sign. For example, by b ←{ 0 , 1 } we denote the event of picking a random element in set { 0 , 1 } and assigning its value to variable b . In other words, in this case b is a random bit. By Prob [ A | B ] we denote the conditional probability that event A happens given that event B happens. For example, Prob [ b = 1 | b ←{ 0 , 1 } ] = 1 / 2 , because that’s the probability that a random bit is equal to one.
This is the end of the preview. Sign up to access the rest of the document.
• Spring '04
• Jarecki
• Cryptography, Probability theory, Encryption, Big O notation, Analysis of algorithms

{[ snackBarMessage ]}

### What students are saying

• As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

Kiran Temple University Fox School of Business ‘17, Course Hero Intern

• I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

Dana University of Pennsylvania ‘17, Course Hero Intern

• The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

Jill Tulane University ‘16, Course Hero Intern