2007 | OriginalPaper | Buchkapitel
On Expected Probabilistic Polynomial-Time Adversaries: A Suggestion for Restricted Definitions and Their Benefits
verfasst von : Oded Goldreich
Erschienen in: Theory of Cryptography
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
This paper concerns the possibility of developing a coherent theory of security when feasibility is associated with
expected
probabilistic polynomial-time (
expected
PPT). The source of difficulty is that the known definitions of
expected
PPT
strategies
(i.e.,
expected
PPT
interactive
machines) do not support natural results of the type presented below. To overcome this difficulty, we suggest new definitions of
expected
PPT strategies, which are more restrictive than the known definitions (but nevertheless extend the notion of
expected
PPT
non-interactive
algorithms). We advocate the conceptual adequacy of these definitions, and point out their technical advantages. Specifically, identifying a natural subclass of black-box simulators, called
normal
, we prove the following two results:
1
Security proofs that refer to all
strict
PPT adversaries (and are proven via normal black-box simulators) extend to provide security with respect to all adversaries that satisfy the restricted definitions of
expected
PPT.
1
Security composition theorems of the type known for
strict
PPT hold for these restricted definitions of
expected
PPT, where security means simulation by normal black-box simulators.
Specifically, a normal black-box simulator is required to make an expected polynomial number of steps, when given oracle access to
any strategy
,
where each oracle call is counted as a single step
. This natural property is satisfies by most known simulators and is easy to verify.