[PUBLISHER] upload files #163

* PUSH NOTE : 02. Symmetric Key Cryptography (1).md

* PUSH NOTE : 1. OTP, Stream Ciphers and PRGs.md

* DELETE FILE : _posts/lecture-notes/internet-security/2023-09-11-symmetric-key-cryptography-1.md

* DELETE FILE : _posts/lecture-notes/internet-security/2023-09-11-symmetric-key-cryptography-1/2023-09-07-otp-stream-cipher-prgs.md
2024-11-12 21:43:41 +09:00
committed by GitHub
parent b5e3a4a3b2
commit f394e395b0

@@ -5,7 +5,7 @@ math: true
categories: categories:
- Lecture Notes - Lecture Notes
- Internet Security - Internet Security
path: _posts/lecture-notes/internet-security path: _posts/lecture-notes/internet-security/2023-09-11-symmetric-key-cryptography-1
tags: tags:
- security - security
- lecture-note - lecture-note
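Review bot: the `path` front-matter value changes from the category directory to `_posts/lecture-notes/internet-security/2023-09-11-symmetric-key-cryptography-1`, which is exactly the name of a file the commit message says is deleted. Confirm that the new value is meant to name the subdirectory that now holds this note (consistent with the extra `../` the relative links gain later in the patch) rather than the removed `.md` file, otherwise whatever consumes `path` will resolve to something that no longer exists.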
@@ -191,22 +191,22 @@ Let $m \in \left\lbrace 0, 1 \right\rbrace^n$ be the message to encrypt. Then ch
- Encryption: $E(k, m) = k \oplus m$. - Encryption: $E(k, m) = k \oplus m$.
- Decryption: $D(k, c) = k \oplus c$. - Decryption: $D(k, c) = k \oplus c$.
This scheme is **provably secure**. See also [one-time pad (Modern Cryptography)](../modern-cryptography/2023-09-07-otp-stream-cipher-prgs.md#one-time-pad-(otp)). This scheme is **provably secure**. See also [one-time pad (Modern Cryptography)](../../modern-cryptography/2023-09-07-otp-stream-cipher-prgs/2023-09-07-otp-stream-cipher-prgs.md#one-time-pad-(otp)).
## Perfect Secrecy ## Perfect Secrecy
> **Definition.** Let $(E, D)$ be a cipher defined over $(\mathcal{K}, \mathcal{M}, \mathcal{C})$. We assume that $\lvert \mathcal{K} \rvert = \lvert \mathcal{M} \rvert = \lvert \mathcal{C} \rvert$. The cipher is **perfectly secure** if for all $m \in \mathcal{M}$ and $c \in \mathcal{C}$, > **Definition.** Let $(E, D)$ be a cipher defined over $(\mathcal{K}, \mathcal{M}, \mathcal{C})$. We assume that $\lvert \mathcal{K} \rvert = \lvert \mathcal{M} \rvert = \lvert \mathcal{C} \rvert$. The cipher is **perfectly secure** if for all $m \in \mathcal{M}$ and $c \in \mathcal{C}$,
> >
> $$ > $$
> \Pr[\mathcal{M} = m \mid \mathcal{C} = c] = \Pr[\mathcal{M} = m]. > \Pr[\mathcal{M} = m \mid \mathcal{C} = c] = \Pr[\mathcal{M} = m].
> $$ > $$
> >
> Or equivalently, for all $m_0, m_1 \in \mathcal{M}$, $c \in \mathcal{C}$, > Or equivalently, for all $m_0, m_1 \in \mathcal{M}$, $c \in \mathcal{C}$,
> >
> $$ > $$
> \Pr[E(k, m _ 0) = c] = \Pr[E(k, m _ 1) = c] > \Pr[E(k, m _ 0) = c] = \Pr[E(k, m _ 1) = c]
> $$ > $$
> >
> where $k$ is chosen uniformly in $\mathcal{K}$. > where $k$ is chosen uniformly in $\mathcal{K}$.
In other words, the adversary learns nothing from the ciphertext. In other words, the adversary learns nothing from the ciphertext.
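Review bot: the only changed line in this hunk hardcodes the new nesting of the target note into the relative link (`../../modern-cryptography/2023-09-07-otp-stream-cipher-prgs/2023-09-07-otp-stream-cipher-prgs.md`), which is brittle given that this commit is itself repairing such links after a move; if the site is Jekyll, as the `_posts` layout suggests, `{% post_url %}` resolves the target from the post name and survives further reorganisation. Separately, the fragment `#one-time-pad-(otp)` keeps the parentheses from the heading text; with Jekyll's default kramdown header IDs, which drop everything except letters, numbers, spaces and dashes, the heading is rendered with id `one-time-pad-otp`, so the fragment would not match. Suggest checking the rendered heading id before merging.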
@@ -225,7 +225,7 @@ since for each $m$ and $c$, $k$ is determined uniquely.
*Proof*. Assume not, then we can find some message $m_0 \in \mathcal{M}$ such that $m_0$ is not a decryption of some $c \in \mathcal{C}$. This is because the decryption algorithm $D$ is deterministic and $\lvert \mathcal{K} \rvert < \lvert \mathcal{M} \rvert$. *Proof*. Assume not, then we can find some message $m_0 \in \mathcal{M}$ such that $m_0$ is not a decryption of some $c \in \mathcal{C}$. This is because the decryption algorithm $D$ is deterministic and $\lvert \mathcal{K} \rvert < \lvert \mathcal{M} \rvert$.
For the proof in detail, check [Shannon's Theorem (Modern Cryptography)](../modern-cryptography/2023-09-07-otp-stream-cipher-prgs.md#shannon's-theorem). For the proof in detail, check [Shannon's Theorem (Modern Cryptography)](../../modern-cryptography/2023-09-07-otp-stream-cipher-prgs/2023-09-07-otp-stream-cipher-prgs.md#shannon's-theorem).
### Two-Time Pad is Insecure ### Two-Time Pad is Insecure
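Review bot: the `#shannon's-theorem` fragment on the changed link carries the apostrophe from the heading text; with Jekyll's default kramdown header IDs, which strip punctuation, the heading would get id `shannons-theorem` and the link would land on the page but not on the section. Same concern as the `(otp)` anchor in the previous hunk; either verify against the rendered id or give the heading an explicit id with kramdown's `{#shannons-theorem}` syntax so the fragment stays stable.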