Professional Documents
Culture Documents
Tutorial 4: Perfect Secrecy: Netw1002: Computer Security
Tutorial 4: Perfect Secrecy: Netw1002: Computer Security
• “Regardless of any prior information the attacker has about plaintext, ciphertext
should leak no additional information about plaintext.”
• Another definition: It means that observing cipher text should not change attacker’s
knowledge about the distribution of plaintext.
• Meaning that: the probability of plain text message M to be equal m given that cipher
text C is equal to c must be equal the probability that message M equals to m.
P(M=m | C=c) = P(M=m)
• To check that any encryption system that has perfect secrecy feature, this previous
equation should be satisfied.
CONDITIONAL PROBABILITY
• Bayes Rule:
𝑃 ( 𝐵| 𝐴 ) ∗ 𝑃 ( 𝐴 )
P ( A|B ) =
𝑃 ( 𝐵)
P(A|B) = P(A)
• The two variables X, Y are independent
• Knowledge of X does not change the probability of Y
(Knowledge of X reveals no information about Y)
P(A|B)≠ P(A)
• The two variables X, Y are dependent
• Knowledge of X changes the probability of Y
(Knowledge of X reveals information about Y)
QUESTION 1:
,
• Since:
• Therefore: OTP Algorithm is perfectly secret
QUESTION 2
Prove that, in order for a cryptographic system to be perfectly secret, a necessary but not
sufficient condition is that the number of keys is at least equal to the number of possible
plain texts.
Solution:
We need to prove that when the number of keys is less than the number of messages,
then the system is NOT perfectly secret. (# of Keys < # of Plain texts)
In this example |K| ≤ |M|; |K| = 2 and |M| = 3:
1 st System using (K1):
M C
(1,A), (2,B) & (3,X)
1 A
2 B 2nd System using (K2):
3 X (1,B), (2,X) & (3,A)
M C
QUESTION 2
1 A
p(m|c) = 2 B
P(1|x) = 3 X
p(x|1): there is no key that makes the encryption of message “1” to be “X” so p(x|1) = 0.
P(1|x) = = 0
Since that: p(1|x) ≠ p(1), therefore this system is not perfectly secret
To get a perfectly secret system, # of keys must be at least equal to # of plain texts
QUESTION 3
Can any permutation cipher be perfectly secret? Justify your answer and give examples.
Solution:
Assuming a system that uses (2-bits), recall the permutation def. which is changing the
order of the bits
Plain Text Msg (m) 00 01 10 11
00 01 10 11
00 10 01 11
=1
• Since:
• Therefore: Permutation Ciphers are not perfectly secret.
QUESTION 4
Can a general substitution cipher, i.e., using substitution tables, be perfectly secret?
Justify your answer and give an example of a perfectly secret substitution cipher (if
possible).
Solution:
This could be happen when # of keys > # of plain text messages
Assuming a system that uses only 1-bit and 2 keys (General Substitution Cipher)
Plain text α β
• Assume that α and β are 2 chars messages (m)
• p(α) = p and p(β) = 1 – p 0 1
1 0
• p(k1 )=p(k 2 )=1/2
Since: ) = p
Then: Case 1 is verified
QUESTION 4:
• Since:
• Then: Case 2 is Verified
QUESTION 4:
• Since:
• Since:
• Then: Case 4 is Verified
QUESTION 5:
Plain text α β
• Assume that α and β are binary messages (m)
• p(α) = p and p(β) = 1 – p 0 1
• p(k_1 )=p(k_2 )=1/2 0 1
QUESTION 5: