Guessing Secrecy

  • Mohsen Alimomeni
  • Reihaneh Safavi-Naini
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7412)


Shannon’s definition of perfect secrecy captures the strongest notion of security for an encryption system and requires that the ciphertext leaks no information about the plaintext to an eavesdropper with unbounded computational power. The only known system with perfect secrecy in this model is one-time pad. Two important limitations of one-time pad in practice are, (i) the size of key space must not be less than the size of plaintext space, and (ii) the key must be chosen uniformly at random for each message to be encrypted. A number of follow up work attempt to relax these limitations by introducing relaxed or new definitions of secrecy.

In this paper we propose a new relaxation of secrecy that we call perfect guessing secrecy, or guessing secrecy for short. This is a natural definition that requires that the adversary’s success chance of the plaintext using his best guessing strategy does not change after seeing the ciphertext. Unlike perfect secrecy, guessing secrecy does allow some leakage of information but requires that the best guess of the plaintext remain the same after seeing the ciphertext. We define guessing secrecy and prove a number of results. We show that similar to perfect secrecy, in guessing secrecy the size of the key space can not be less than the size of plaintext space. Moreover, when the two sets are of equal size, one can find two families of distributions on the plaintext space and key space, such that perfect guessing secrecy is guaranteed for any pair of distributions, one from each family. In other words, perfect guessing secrecy can be guaranteed with non-uniform keys also. We also show the relation between perfect secrecy and perfect guessing secrecy. We discuss our results and propose direction of future research.


Guessing secrecy randomness perfect secrecy Information theoretic security imperfect randomness 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Shannon, C.: Communication theory of secrecy systems. Bell System Technical Journal 28, 656–715 (1949)MathSciNetzbMATHGoogle Scholar
  2. 2.
    Wyner, A.D.: The wire-tap channel. Bell Syst. Tech. J. 54(8), 1355–1367 (1975)MathSciNetzbMATHGoogle Scholar
  3. 3.
    Maurer, U.M.: Conditionally-perfect secrecy and a provably-secure randomized cipher. J. Cryptol. 5(1), 53–66 (1992)MathSciNetzbMATHCrossRefGoogle Scholar
  4. 4.
    McInnes, J.L., Pinkas, B.: On the Impossibility of Private Key Cryptography with Weakly Random Keys. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 421–435. Springer, Heidelberg (1991)Google Scholar
  5. 5.
    Dodis, Y., Spencer, J.: On the (non)universality of the one-time pad. In: Proceedings of the 43rd Symposium on Foundations of Computer Science, FOCS 2002, pp. 376–388. IEEE Computer Society, Washington, DC (2002)Google Scholar
  6. 6.
    Dodis, Y., Ong, S.J., Prabhakaran, M., Sahai, A.: On the (im)possibility of cryptography with imperfect randomness. In: Proceedings of the 45th Annual IEEE Symposium on Foundations of Computer Science, pp. 196–205. IEEE Computer Society, Washington, DC (2004)CrossRefGoogle Scholar
  7. 7.
    Bosley, C., Dodis, Y.: Does Privacy Require True Randomness? In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 1–20. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  8. 8.
    Russell, A., Wang, H.: How to Fool an Unbounded Adversary with a Short Key. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 133–148. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  9. 9.
    Dodis, Y., Smith, A.: Entropic Security and the Encryption of High Entropy Messages. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 556–577. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  10. 10.
    Cachin, C., Maurer, U.M.: Unconditional Security against Memory-Bounded Adversaries. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 292–306. Springer, Heidelberg (1997)Google Scholar
  11. 11.
    Aumann, Y., Rabin, M.O.: Information Theoretically Secure Communication in the Limited Storage Space Model. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 65–79. Springer, Heidelberg (1999)Google Scholar
  12. 12.
    Ding, Y.Z., Rabin, M.O.: Hyper-Encryption and Everlasting Security. In: Alt, H., Ferreira, A. (eds.) STACS 2002. LNCS, vol. 2285, pp. 1–26. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  13. 13.
    Shannon, C.: A mathematical theory of communication. Bell System Technical Journal 27, 379–423 (1948)MathSciNetzbMATHGoogle Scholar
  14. 14.
    Cover, T.M., Thomas, J.A.: Elements of Information Theory, 2nd edn. Wiley Series in Telecommunications. John Wiley & Sons, Inc. (1991)Google Scholar
  15. 15.
    Cachin, C., Maurer, U.: Entropy measures and unconditional security in cryptography (1997)Google Scholar
  16. 16.
    Massey, J.L.: Guessing and entropy. In: Proceedings of the 1994 IEEE International Symposium on Information Theory, p. 204 (1994)Google Scholar
  17. 17.
    Zuckerman, D.: General weak random sources. In: Proceedings of the 31st Annual Symposium on Foundations of Computer Science, SFCS 1990, vol. 2, pp. 534–543. IEEE Computer Society, Washington, DC (1990)Google Scholar
  18. 18.
    Csiszar, I., Korner, J.: Broadcast channels with confidential messages. IEEE Transactions on Information Theory 24(3), 339–348 (1978)MathSciNetzbMATHCrossRefGoogle Scholar
  19. 19.
    Katz, J., Lindell, Y.: Introduction to Modern Cryptography (Chapman & Hall/Crc Cryptography and Network Security Series). Chapman & Hall/CRC (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Mohsen Alimomeni
    • 1
  • Reihaneh Safavi-Naini
    • 1
  1. 1.Department of Computer ScienceUniversity of CalgaryCanada

Personalised recommendations