Small rewriting

This commit is contained in:
Fabrice Mouhartem 2018-02-12 15:02:04 +01:00
parent 19440fa656
commit 723cc66560

View File

@ -102,9 +102,11 @@ In cryptology, it is also important to consider the success probability of algor
an attack is successful if the probability that it succeed is noticeable. an attack is successful if the probability that it succeed is noticeable.
\index{Negligible function} \index{Negligible function}
\scbf{Notation.} Let $f : \NN \to [0,1]$ be a function. The function $f$ is said to be \emph{negligible} if $f(n) = n^{-\omega(1)}_{}$, and this is written $f(n) = \negl[n]$. \begin{definition}[Negligible, noticeable, overwhelming probability] \label{de:negligible}
Non-negligible functions are also called \emph{noticeable} functions. Let $f : \NN \to [0,1]$ be a function. The function $f$ is said to be \emph{negligible} if $f(n) = n^{-\omega(1)}_{}$, and this is written $f(n) = \negl[n]$.\\
And if $f = 1- \negl[n]$, $f$ is said to be \emph{overwhelming}. Non-negligible functions are also called \emph{noticeable} functions.\\
Finally, if $f = 1- \negl[n]$, $f$ is said to be \emph{overwhelming}.
\end{definition}
Once that we define the notions related to the core of the proof, we have to define the objects on what we work on. Once that we define the notions related to the core of the proof, we have to define the objects on what we work on.
Namely, defining what we want to prove, and the hypotheses on which we rely, also called ``hardness assumption''. Namely, defining what we want to prove, and the hypotheses on which we rely, also called ``hardness assumption''.
@ -279,6 +281,4 @@ Therefore, the existence of a simulator $\widehat{\adv}$ that does not use $pk$
For $\PKE$, the simulation-based definition for chosen plaintext security is the same as the indistinguishability security~\cite[Se. 5.2.3]{Gol04}. For $\PKE$, the simulation-based definition for chosen plaintext security is the same as the indistinguishability security~\cite[Se. 5.2.3]{Gol04}.
As indistinguishability based model are easier to manipulate, that's why this is the most common definition for security against chosen plaintext attacks for $\PKE$. As indistinguishability based model are easier to manipulate, that's why this is the most common definition for security against chosen plaintext attacks for $\PKE$.
For other primitives, such as Oblivious Transfer ($\OT$) described in Chapter~\ref{ch:ac-ot}, the simulation-based definitions are strictly stronger than indistinguishability definitions~\cite{CF01}. For other primitives, such as Oblivious Transfer ($\OT$) described in Chapter~\ref{ch:ac-ot}, the simulation-based definitions are strictly stronger than indistinguishability definitions~\cite{CF01}.
Therefore, it is preferable to have security proofs of the strongest possible definitions in theoretical cryptography. Therefore, it is preferable to have security proofs of the strongest \emph{possible} definitions in theoretical cryptography.