Information-theoretic security

Perfect security or even perfect secrecy is a term coined by Claude Shannon concept from information theory and cryptology. A perfectly secure encryption method is characterized in that a generated key with him text allows no inference on the corresponding plaintext. In such a method is proven mathematically, that an attacker knows the key text, apart from the length of the plaintext can not gain further information about this. He can not decrypt or even break the entire process the ciphertext so.

Definition

We need the components of an encryption method: Let the set of all possible plaintexts, the amount of the encryption key and the set of all possible ciphertexts. These amounts each have a finite number of elements. Furthermore, it is an encryption function and the corresponding decryption function.

Plaintexts usually occur not occur with equal probability. This is for example depending on the language used or any protocol followed the conversation. denotes the probability of a plain text occurs.

An encryption method is called perfectly secure when the occurrence of a given ciphertext is stochastically independent of having a certain plaintext exists. Thus, the following equation holds for all plaintexts and ciphertexts all.

Starts an attacker a key text that it is not possible for him to evaluate statistical abnormalities of the plaintext space. Is he trying to guess at associated plaintext, it is really only with the likelihood that he would too if he does not know the intercepted ciphertext and blind advises a plain text.

Shannon's Theorem

In 1949, Shannon proved the following theorem, which explains the conditions under which an encryption method is perfectly safe.

Be was and for all. The encryption method is perfectly safe if and only if the probability distribution on the key space is the uniform distribution and if there is exactly one key for each plaintext and ciphertext of each, so that.

Practice

From the set of Shannon shows that in perfectly safe procedure, the probability distribution on the key space must be the uniform distribution. Statistical deviations may cause the system is uncertain. Therefore, cryptographically secure random number generators should be used for key generation.

Shannon was able to show that perfectly secure encryption method actually exist. An example is the one-time pad. Such use perfectly safe procedure is usually complicated in practice. For real- time applications such as the Internet, they are therefore rarely used.