The Shannon cipher system with a guessing wiretapper

The Shannon theory of cipher systems is combined with recent work on guessing values of random variables. The security of encryption systems is measured in terms of moments of the number of guesses needed for the wiretapper to uncover the plaintext given the cryptogram. While the encrypter aims at maximizing the guessing effort, the wiretapper strives to minimize it, e.g., by ordering guesses according to descending order of posterior probabilities of plaintexts given the cryptogram. For a memoryless plaintext source and a given key rate, a single-letter characterization is given for the highest achievable guessing exponent function, that is, the exponential rate of the pth moment of the number of guesses as a function of the plaintext message length. Moreover, we demonstrate asymptotically optimal strategies for both encryption and guessing, which are universal in the sense of being independent of the statistics of the source. The guessing exponent is then investigated as a function of the key rate and related to the large-deviations guessing performance.

[1]  I. Csiszár Information Theory , 1981 .

[2]  Erdal Arikan An inequality on guessing and its application to sequential decoding , 1996, IEEE Trans. Inf. Theory.

[3]  Claude E. Shannon,et al.  Communication theory of secrecy systems , 1949, Bell Syst. Tech. J..

[4]  Hirosuke Yamamoto,et al.  Rate-distortion theory for the Shannon cipher system , 1994, Proceedings of 1994 IEEE International Symposium on Information Theory.

[5]  Neri Merhav,et al.  Joint Source-Channel Coding and Guessing with Application to Sequential Decoding , 1998, IEEE Trans. Inf. Theory.

[6]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[7]  Neri Merhav,et al.  Guessing Subject to Distortion , 1998, IEEE Trans. Inf. Theory.

[8]  J. L. Massey,et al.  An introduction to contemporary cryptology , 1988, Proc. IEEE.

[9]  Martin E. Hellman,et al.  An extension of the Shannon theory approach to cryptography , 1977, IEEE Trans. Inf. Theory.

[10]  A. Rényi On Measures of Entropy and Information , 1961 .

[11]  Hirosuke Yamamoto,et al.  Information theory in cryptology , 1991 .

[12]  Abraham Lempel,et al.  Cryptology in Transition , 1979, CSUR.