词条 | Hybrid argument (Cryptography) |
释义 |
In cryptography, the hybrid argument is a proof technique used to show that two distributions are computationally indistinguishable. Formal descriptionFormally, to show two distributions D1 and D2 are computationally indistinguishable, we can define a sequence of hybrid distributions D1 := H0, H1, ..., Ht =: D2 where t is polynomial in the security parameter. Define the advantage of any probabilistic efficient (polynomial-bounded time) algorithm A as where the dollar symbol ($) denotes that we sample an element from the distribution at random. By triangle inequality, it is clear that for any probabilistic polynomial time algorithm A, Thus there must exist some k s.t. 0 ≤ k < t and Since t is polynomial-bounded, for any such algorithm A, if we can show that its advantage to distinguish the distributions Hi and Hi+1 is negligible for every i, then it immediately follows that its advantage to distinguish the distributions D1 = H0 and D2 = Ht must also be negligible. This fact gives rise to the hybrid argument: it suffices to find such a sequence of hybrid distributions and show each pair of them is computationally indistinguishable.[1] ApplicationsThe hybrid argument is extensively used in cryptography. Some simple proofs using hybrid arguments are:
Notes{{div col|colwidth=30em}}1. ^Lemma 3 in Dodis's notes. {{div col end}}2. ^Theorem 1 in Dodis's notes. 3. ^Lemma 80.5, Corollary 81.7 in Pass's notes. References
1 : Cryptography |
随便看 |
|
开放百科全书收录14589846条英语、德语、日语等多语种百科知识,基本涵盖了大多数领域的百科知识,是一部内容自由、开放的电子版国际百科全书。