Columbia University
Handout 3
E6291: Topics in Cryptography
February 2, 1999
Professor Luca Trevisan
Notes on Discrete Probability
The following notes cover, mostly without proofs, the basic notions and results of discrete
probability. Two important topics (the
birthday paradox
and
universal hash functions
)are
not covered, and they will be the subject of future notes.
1
Basic Defnitions
In cryptography we typically want to prove that an adversary that tries to break a certain
protocol has only minuscule (technically, we say “negligible”) probability of succeeding. In
order to prove such results, we need some formalism to talk about the probability that
certain events happen, and also some techniques to make computations about such proba-
bilities.
In order to model a probabilistic system we are interested in, we have to de±ne a
sample
space
and a
probability distribution
. The sample space is the set of all possible
elementary
events
, i.e. things that can happen. A probability distribution is a function that assigns a
non-negative number to each elementary event, this number being the
probability
that the
event happen. We want probabilities to sum to 1. Formally,
Defnition 1.1
For a ±nite sample space
Ω
and a function
Pr
:Ω
→
R
, we say that
Pr
is
a
probability distribution
if
1.
Pr
(
a
)
≥
0
for every
a
∈
Ω
;
2.
∑
a
∈
Ω
Pr
(
a
)=1
.
For example, if we want to model a sequence of three coin ﬂips, our sample space will be
{
Head, T ail
}
3
(or, equivalently,
{
0
,
1
}
3
) and the probability distribution will assign 1
/
8to
each element of the sample space (since each outcome is equally likely).
If we model an algorithm that ±rst chooses at random a number in the range 1
,...,
10
200
and then does some computation, our sample space will be the set
{
1
,
2
10
200
}
,and
each element of the sample space will have probability 1
/
10
200
.
We will always restrict ourselves to
±nite
sample spaces, so we will not remark it each time.
Discrete probability
is the restriction of probability theory to ±nite sample spaces. Things
are much more complicated when the sample space can be in±nite.
An
event
is a subset
A
⊆
Ω of the sample space. The probability of an event is de±ned in
the intuitive way