I have explained unconditional (or information-theoretical) security in my previous post (see Unconditional vs. Conditional Security ). As I have mentioned there, we can refer to unconditional security in the context of various cryptographic primitives, among which the encryption schemes (see Symmetric vs. Asymmetric Encryption ). An encryption scheme that is information-theoretically secure provides perfect secrecy (see, e.g., [1]) , because the ciphertext perfectly hides the plaintext. In other words, the adversary has the same probability to correctly indicate the message m regardless if he/she knows the corresponding ciphertext c. Hence, the knowledge of the ciphertext gives no new information about the plaintext. We ignore the length of the message - which, of course, is exposed - and assume that all the possible messages are equally long. More rigorously, the a-posteriori probability Pr[M=m/C=c] to guess the plaintext m ( a - posteriori in the sense that
Comments
Post a Comment