Materials

Use the raw slides (pdf) before lecture to take notes.

Summary

• Review of perfect security: the ciphertext carries no information about the message
• Indistinguishable security: simpler definition. “For any pair of messages, c is equally likely to be the ciphertext for either message.” This notion turns out to be equivalent to perfect security.
• One-time pad (Vernam) satisfies perfect security.
  • List of weaknesses of the one-time pad.
  • Keys must be inherently long.
• If you want to use smaller keys for convenience, you have to weaken the security notion.
• Computational security
  • how can we compare functions? e.g. polynomial vs exponential
  • Asymptotic approach
• Indistinguishable encryption
  • Security game INDCPA