Cryptography Reference
In-Depth Information
Unconditional Security
If the following holds,
n
)
lim
n
H
(
K
|
C
=0
,
→∞
then the cryptosystem is said to be
unconditionally secure
.
On the other hand, we have the following.
Breakable — Theoretically
If the following holds,
n
)=0
,
lim
n
→∞
H
(
K
|
C
then the cryptosystem is said to be
theoretically breakable
.
Associated with the latter case is the following.
Unicity Distance
The shortest length
n
for which,
n
)
H
(
K
|
C
≤
1
,
is called the
unicity distance
.
Since the unicitydistance tells us that there is no more than one bit of un-
certaintyabout the possible ke, then it has onlytwo possible values. In other
words, anygiven ciphertext maybe decrpted in at most two different was.
A competent cryptanalyst would be able to determine which one. It is some-
times the case where a unicitydistance of
is assigned to those cryptosystems
that are unconditionallysecure, so as to have a unicitydistance assigned to all
possible cases.
To show how to approximate the unicitydistance, we need to explore the
following.
∞
Entropy and Redundancy in Languages
The entropy of a cryptosystem is related to the entropy of the underlying
language. We now look into this matter and examine languages in general with
applications to cryptosystems. Let
L
be a given language, such as English.
What is the entropyof
L
? It is given by
n
)
H
(
M
H
(
L
) = lim
n
.
n
→∞
This was established byShannon in [249], and it represents the average amount
of information per letter in language text, as well as the degree of uncertaintyin
determining the next letter given knowledge of a substantial amount of text. It
Search WWH ::
Custom Search