Paper 2012/053

Yevgeniy Dodis

Abstract

In this note we formally show a "folklore" (but, to the best of our knowledge, not documented) fact that in order to beat the famous Shannon lower bound on key length for one-time-secure encryption, one must *simultaneously* restrict the attacker to be efficient, and also allow the attacker to break the system with some non-zero (i.e., negligible) probability. Despite being "folklore", we were unable to find a clean and simple proof of this result, despite asking several experts in the field. We hope that cryptography instructors will find this note useful when justifying the transition from information-theoretic to computational cryptography. We note that our proof cleanly handles *probabilistic* encryption, as well as a small *decryption error*.

Available format(s)
Category
Foundations
Publication info
Published elsewhere. this note is meant to be used in "introduction to cryptography" classes
Keywords
Contact author(s)
dodis @ cs nyu edu
History
Short URL
https://ia.cr/2012/053

CC BY

BibTeX

@misc{cryptoeprint:2012/053,
author = {Yevgeniy Dodis},