Cryptology ePrint Archive: Report 2015/870

Gambling, Computational Information and Encryption Security

Mohammad Hajiabadi and Bruce M. Kapron

Abstract: We revisit the question, originally posed by Yao (1982), of whether encryption security may be characterized using computational information. Yao provided an affirmative answer, using a compression-based notion of computational information to give a characterization equivalent to the standard computational notion of semantic security. We give two other equivalent characterizations. The first uses a computational formulation of Kelly's (1957) model for "gambling with inside information", leading to an encryption notion which is similar to Yao's but where encrypted data is used by an adversary to place bets maximizing the rate of growth of total wealth over a sequence of independent, identically distributed events. The difficulty of this gambling task is closely related to Vadhan and Zheng's (2011) notion of KL-hardness, which in certain cases is equivalent to a conditional form of the pseudoentropy introduced by Hastad et. al. (1999). Using techniques introduced to prove this equivalence, we are also able to give a characterization of encryption security in terms of conditional pseudoentropy. Finally, we reconsider the gambling model with respect to "risk neutral" adversaries in an attempt to understand whether assumptions about the rationality of adversaries may impact the level of security achieved by an encryption scheme.

Category / Keywords: foundations / Kelly criterion, pseudoentropy, computational information, semantic security, Kelly criterion

Original Publication (with major differences): Information Theoretic Security 8th International Conference, ICITS 2015, Lugano, Switzerland, May 2-5, 2015. Proceedings
DOI:
10.1007/978-3-319-17470-9_9

Date: received 7 Sep 2015

Contact author: bmkapron at uvic ca

Available format(s): PDF | BibTeX Citation

Version: 20150908:060736 (All versions of this report)

Short URL: ia.cr/2015/870

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]