An (χY)-random system takes inputs X1X2,... ∈ χ and generates, for each new input X i , an output Y i ∈ Y, depending probabilistically on X1,..., Xi and Y1,..., Yi-1. Many cryptographic systems like block ciphers, MAC-schemes, pseudo-random functions, etc., can be modeled as random systems, where in fact Yi often depends only on Xi, i.e., the system is stateless. The security proof of such a system (e.g. a block cipher) amounts to showing that it is indistinguishable from a certain perfect system (e.g. a random permutation).We propose a general framework for proving the indistinguishability of two random systems, based on the concept of the equivalence of two systems, conditioned on certain events. This abstraction demonstrates the common denominator among many security proofs in the literature, allows to unify, simplify, generalize, and in some cases strengthen them, and opens the door to proving new indistinguishability results.We also propose the previously implicit concept of quasi-randomness and give an efficient construction of a quasi-random function which can be used as a building block in cryptographic systems based on pseudorandom functions.
Weitere Kapitel dieses Buchs durch Wischen aufrufen
- Indistinguishability of Random Systems
- Springer Berlin Heidelberg