CIS 5371 Cryptography. 3. Private-Key Encryption and Pseudorandomness. Based on: Jonathan Katz and Yehuda Lindell, Introduction to Modern Cryptography. A Computational Approach to Cryptography. Computational secrecy is a weaker notion of secrecy that is based on the assumption that
CIS 5371 Cryptography 3. Private-Key Encryption and Pseudorandomness Based on: Jonathan Katz and Yehuda Lindell, Introduction to Modern Cryptography
A Computational Approach to Cryptography • Computational secrecy is a weaker notion of secrecy that is based on the assumption that • the success probability of breaking the system by any adversary with bounded computational resources is negligible. For example, less than using the fastest available supercomputer running for 200 years.
A Computational Approach • Security is only preserved against efficient adversaries • Adversaries can potentially succeed with some very small probability (small enough so that we are not concerned that this will ever really happen)
The asymptotic approach – an example The effect that availability of faster computers might have on security in practice • Say we have a cryptographic scheme where honest parties are required to run for cycles and for which an adversary running for cycles can succeed in breaking the scheme with probability .
The asymptotic approach – an example • The asymptotic approach has the advantage of not depending on any specific assumptions regarding, e.g., the type of computer an adversary will use.
Efficient Algorithms Generating randomness There are a number of ways random bits are obtained in practice. • One solution is to use a hardware random number generator that generates random bit-streams based on certain physical phenomena like thermal/electrical noise or radioactive decay. • Another possibility is to use software random number generators which generate random bit-streams based on unpredictable behavior such as the time between key-strokes, movement of the mouse, hard disk access times, and so on.
Efficient Algorithms Generating randomness • Some modern operating systems provide functions of this sort. Note that, in either of these cases, the underlying unpredictable event is unlikely to directly yield uniformly-distributed bits, and so further processing of the initial bit-stream is needed. • Techniques for doing this are complex and poorly understood.
Efficient Algorithms Generating randomness • One must be careful in how random bits are chosen, and the use of badly designed or inappropriate random number generators can often leave a good cryptosystem vulnerable to attack. • Particular care must be taken to use a random number generator that is designed for cryptographic use, rather than a general-purpose random number generator which may be fine for some applications but not cryptographic ones.
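The "further processing of the initial bit-stream" mentioned above, shown with the simplest classical technique, the von Neumann extractor (an added example, not taken from the slides or the textbook). It assumes the raw bits are independent with a fixed bias; `biased_source`, its seed and its bias are constructed stand-ins for a noisy physical source, and the general-purpose `random` module is used only to simulate that source, never to produce key material.

```python
import random  # general-purpose PRNG: used ONLY to simulate a noisy physical source


def biased_source(n, p_one=0.8, seed=1):
    """Constructed sample input: n independent bits, each 1 with probability p_one."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n)]


def von_neumann(bits):
    """Debias a bit-stream by reading non-overlapping pairs.

    01 -> 0, 10 -> 1, while 00 and 11 are discarded. For independent bits with
    P(1) = p, P(01) = P(10) = p(1 - p), so every emitted bit is unbiased.
    A trailing unpaired bit is ignored.
    """
    out = []
    for a, b in zip(bits[0::2], bits[1::2]):
        if a != b:
            out.append(a)
    return out


def fraction_of_ones(bits):
    """Fraction of 1 bits; 0.5 is the target for a uniform stream."""
    return sum(bits) / len(bits)


def demo(n=200_000):
    """Return (raw bias, bias after extraction, output bits per input bit)."""
    raw = biased_source(n)
    clean = von_neumann(raw)
    return fraction_of_ones(raw), fraction_of_ones(clean), len(clean) / len(raw)


if __name__ == "__main__":
    raw_p, clean_p, rate = demo()
    print(f"raw P(1)       = {raw_p:.3f}")
    print(f"extracted P(1) = {clean_p:.3f}")
    print(f"yield          = {rate:.3f} output bits per raw bit")
    # Failure mode: a stuck source passes no pairs, so nothing is emitted
    # rather than emitting predictable bits.
    print("stuck source ->", von_neumann([1] * 16))
```

The price of removing the bias is throughput: with P(1) = 0.8 only about 16% of the raw bits survive, and correlated raw bits break the independence assumption the guarantee rests on.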