Questions tagged [perfect-secrecy]
Confidentiality in a very strong sense. Ciphers reaching perfect-secrecy can't be broken to disclose informations over the plaintext from the ciphertext, even with unlimited computing power. The most known example cipher reaching perfect screcy is the one-time-pad.
186
questions
0
votes
0
answers
30
views
Is it true to claim that every ciphertext can be generated by every plaintext through a key in a perfectly secret encryption scheme?
I'm solving the exercises from the book "Introduction to Modern Cryptography" and this question popped up in my mind. What I'm asking is: in a perfectly secret encryption scheme, for every ...
1
vote
1
answer
81
views
Shannon's Perfect Security for Asymmetric Encryption
I have the following definition of Shannon's Perfect Security.
Assuming messages and keys are drawn randomly from some distribution then:
The probability of guessing plaintext m is not enhanced by ...
- 75
0
votes
1
answer
65
views
Can a perfectly secret scheme have non-uniform ciphertext distribution if the plaintext and ciphertext length is equal?
I've seen this question asking if perfect secrecy implies uniform ciphertext distribution, and I understand that this is not the case.
However, all given counterexamples seem to require a construction ...
1
vote
1
answer
83
views
Why is perfect secrecy defined under a ciphertext-only threat model?
I recently acquired Katz & Lindell's Introduction to modern cryptography (3d edition). Currently I'm on page 27 where we have the following definition:
Definition 2.3: An encryption scheme (Gen, ...
- 129
3
votes
2
answers
245
views
Katz and Lindell, proof of lemma 2.4
Can someone explain the logic behind the claim that the second equality is because we condition on the event that $M$ is equal to $m$ in the proof of Lemma 2.4 from "Introduction to Modern ...
- 133
0
votes
1
answer
159
views
Is there a TLS cipher suite with perfect forward secrecy (PFS) but without authentication, i.e. anonymous, ephemeral key exchange?
Is there a TLS cipher suite with perfect forward secrecy (PFS) but without authentication, i.e. anonymous key exchange?
I am not asking or wish to discuss the principle question whether an ...
- 103
1
vote
0
answers
64
views
Can a computationally-unbounded adversary break any cipher which is not perfectly secret?
Imagine we have a cipher defined as $(K, M, C, E, D)$ which is not perfectly secret, namely:
$\exists m_0, m_1 \in M, c \in C \text{ s.t. } P[k \leftarrow K; E(k, m_0) = c] \neq P[k \leftarrow K; E(k, ...
- 267
0
votes
0
answers
55
views
Proving if two samples hides a value?
Given two values
$r'-r \mod q$
$i - r \mod q$
Where
$r',r$ sampled randomly from $Z_q$
while i is pick arbitrarily from $Z_q$ and a secret
Can we claim that this hides $i$?
Here is my sketch:
...
2
votes
2
answers
153
views
Perfect Secrecy other than One-time Pad
The most known example cipher reaching perfect secrecy is One-time Pad, which employs modulus addition for encryption and decryption.
Is there any other well-known cipher no less practical than OTP ...
- 153
1
vote
1
answer
429
views
Does CCA security imply perfect secrecy?
Can any encryption scheme that is CCA (Chosen Ciphertext Attack) secure be considered to achieve perfect secrecy?
2
votes
1
answer
115
views
Defining the random variables $K,M,C$ and Perfect Secrecy
In many books on Cryptography, we refer to probability distributions over the key space $\mathcal{K}$, over the plaintext space $\mathcal{M}$ and over the ciphertext space $\mathcal{C}$.
Then, we let $...
- 236
1
vote
0
answers
92
views
prove of disprove the modified shannon's theorem when the correctness requirement is relaxed
Suppose the correctness requirement of private-key encryption scheme is now relaxed to require only that
$$
\Pr[Dec_k(Enc_k(m)) = m] \ge \frac{1}{2} + \epsilon.
$$
Prove of disprove that if an ...
- 21
1
vote
1
answer
55
views
Is it necessary keys to have equal propabillities for the system to have perfect secrecy?
Shannon's theorem for perfect secrecy states that
$$\forall x \in M, y \in C:\quad P[x|y]=P[x] $$
I know we need $|M|\leq |C| \leq |K|$.
If $|Μ|=|C|=|K|$ all keys should have equal probs.
If $|Μ|<|...
- 173
6
votes
6
answers
2k
views
why XOR is recommended/Used in every paper I read for encryption and decryption stream cipher?
Stream ciphers use a deceptively simple mechanism: you combine the plaintext data, bit by bit, with “key” bits, using the exclusive or operation.
Why can't I use other opeartions such as NAND, AND, ...
1
vote
0
answers
98
views
What is the simplest way to implement data encryption for Raspberry PI project that communicate through Bluetooth? [closed]
I have developed a project based on Raspberry Pi that communicates through Bluetooth with Android application, My idea is to enhance its privacy through encryption. So, I've tried ...