1
00:00:20,160 --> 00:00:25,970
Welcome to this class on Shannon's theory
so as I told you in my previous classes that,
2
00:00:25,970 --> 00:00:32,970
Shannon's theory is a very fundamental theory
in the art or science of cryptology so essentially
3
00:00:33,890 --> 00:00:39,570
it was the seminar paper in 1948 and 49 which
essentially postulated Shannon theories.
4
00:00:39,570 --> 00:00:46,350
So, they essentially form a cornerstone of
what we known as today's ciphers therefore,
5
00:00:46,350 --> 00:00:53,350
you will find that whatever we whatever basic
formulations or basic properties we find in
6
00:00:54,510 --> 00:00:59,620
today's ciphers you can essentially go back
and find that those things existed in an old
7
00:00:59,620 --> 00:01:02,460
paper in 1948and 1949.
8
00:01:02,460 --> 00:01:07,619
So we will try to understand some of the concepts
in this papers so in today's class the objectives
9
00:01:07,619 --> 00:01:11,930
will be as follows so we will try to understand
the definition of what is mean by perfect
10
00:01:11,930 --> 00:01:17,130
secrecy and prove that at given cryptosystem
is perfectly secure so that is our objective
11
00:01:17,130 --> 00:01:23,690
that is the given cryptosystem we should be
able to essentially find out whether it is
12
00:01:23,690 --> 00:01:29,690
perfectly secured are not and then we will
see that how to construct or realize a certain
13
00:01:29,690 --> 00:01:36,690
kind of perfectly secure ciphers so we call
them one time pads or O T P's so after that
14
00:01:36,690 --> 00:01:43,599
we will go into a very fundamental instrumental
we use for our these kind of proves so it
15
00:01:43,599 --> 00:01:47,099
is called entropy.
So we will try to understand what is the entropy
16
00:01:47,099 --> 00:01:52,550
and its computations and then we will follow
that up with the definition of ideal ciphers
17
00:01:52,550 --> 00:01:57,989
and conclude with some a topic called equivocation
of keys this i will gradually progress and
18
00:01:57,989 --> 00:02:00,780
you will try to understand these concepts.
19
00:02:00,780 --> 00:02:05,429
By these concepts from a part of Shannon's
theory and we will actually conclude with
20
00:02:05,429 --> 00:02:11,530
something but, may be not in today's class
so first of all what I would like to define
21
00:02:11,530 --> 00:02:18,530
what is mean by unconditional security so
essentially the idea is that we are essentially
22
00:02:19,319 --> 00:02:25,400
considering an adversary who is powerful powerfulness
means he has who has got unbounded computational
23
00:02:25,400 --> 00:02:31,810
power so the idea is that given a cipher and
given a adversary who has got unbounded computational
24
00:02:31,810 --> 00:02:38,810
power then whether he or she is able to break
a given cryptosystem so that means when we
25
00:02:39,590 --> 00:02:44,860
when we talk about unconditional security
it concerns the security of cryptosystems
26
00:02:44,860 --> 00:02:50,610
when the adversary has unbounded computational
power so unbounded computational power means
27
00:02:50,610 --> 00:02:55,920
it has got infinite resources so infinite
resources means what it has got infinite time
28
00:02:55,920 --> 00:03:01,610
it has got infinite space and a question is
whether even then whether it can break a given
29
00:03:01,610 --> 00:03:08,040
cryptosystem so what do you mean when you
say break a cryptosystem.
30
00:03:08,040 --> 00:03:11,100
Obtain by value of the key
Obtain by value of the key so, essentially
31
00:03:11,100 --> 00:03:15,380
we have seen various kinds of attacks we have
seen like various classes of attacks so we
32
00:03:15,380 --> 00:03:19,700
will be considering that we will considering
as hypertext only attack that means the adversary
33
00:03:19,700 --> 00:03:25,810
has got access to the only the cipher text
and given an unbounded computational power
34
00:03:25,810 --> 00:03:32,280
whether the adversary is able to ascertain
the value of the key so, the question always
35
00:03:32,280 --> 00:03:37,400
which comes to your mind is when is a given
cipher unconditionally secured.
36
00:03:37,400 --> 00:03:41,920
So, in order to understand that we will use
some theory of probability and we will try
37
00:03:41,920 --> 00:03:48,920
to understand how what is a model of an unconditional
adversary and it is an unbounded adversary
38
00:03:49,400 --> 00:03:54,250
and try to understand what is the definition
of an unconditional I mean unconditional security
39
00:03:54,250 --> 00:04:01,250
we also called that perfect security.
that is the basically we have as we have said
40
00:04:04,930 --> 00:04:09,880
that the cos curved principle essentially
said that the algorithm is open so the security
41
00:04:09,880 --> 00:04:14,730
lies only in the value of the key so the value
of the key is not known to adversary so the
42
00:04:14,730 --> 00:04:18,539
adversary knows the algorithm everybody knows
the algorithm the algorithm is in the public
43
00:04:18,539 --> 00:04:22,860
domain so what you do not know is the value
of the key and a question is where you can
44
00:04:22,860 --> 00:04:26,160
ascertain value of the key so therefore,
45
00:04:26,160 --> 00:04:33,160
we will use certain times in probability i
call that as a priori probability and a posteriori
46
00:04:35,410 --> 00:04:41,560
probability so the idea is as follows so whatever
encryption you considered is basically a function
47
00:04:41,560 --> 00:04:48,560
it is a function from the domain of a plaintext
to cipher text therefore, as we have seen
48
00:04:49,960 --> 00:04:54,630
in our old classical ciphers they essentially
comprised of what they considered for example,
49
00:04:54,630 --> 00:04:59,380
let us consider biggest the alphabetic alphabets
making of the plain text.
50
00:04:59,380 --> 00:05:03,930
So therefore, how many possible letters or
symbols are there there're 26 letters or symbols
51
00:05:03,930 --> 00:05:09,880
so that so these 26 letters or symbols have
been somehow transformed and converted into
52
00:05:09,880 --> 00:05:16,550
a cipher text therefore, all of these letters
like a b c d's so and so, on to z has got
53
00:05:16,550 --> 00:05:21,690
some probabilities as we have said like in
English language e is the most according most
54
00:05:21,690 --> 00:05:26,220
figurely according letter.
So, therefore, they have got some probability
55
00:05:26,220 --> 00:05:32,150
distribution initially before the cipher text
starts and that is what we call as the a priori
56
00:05:32,150 --> 00:05:38,250
probability and that is getting essentially
therefore, we denote by the term p p x so
57
00:05:38,250 --> 00:05:44,210
as if you can see here we denote by the term
p p x a priori probability of a plain text
58
00:05:44,210 --> 00:05:50,180
and therefore, this is the probability that
is assigned to every letter or symbol of the
59
00:05:50,180 --> 00:05:56,669
plain text before the encryption has started
so, essentially the key also has got a probability
60
00:05:56,669 --> 00:06:01,660
distribution and therefore, now on the in
when the encryption function takes place.
61
00:06:01,660 --> 00:06:07,810
Therefore, what happens is that the plain
text gets converted into the cipher text so
62
00:06:07,810 --> 00:06:13,930
if we consider a cryptosystem where the plain
text and the cipher text both comprises of
63
00:06:13,930 --> 00:06:19,430
say English letters then the initial frequency
of probability distribution of the plain text
64
00:06:19,430 --> 00:06:25,490
is getting transformed into a different probability
so therefore, that so there is a probability
65
00:06:25,490 --> 00:06:29,930
transformation therefore, let us consider
like for example, by as we have said that
66
00:06:29,930 --> 00:06:36,449
p p x denotes a priori probability of the
plain text similarly, we have got p k which
67
00:06:36,449 --> 00:06:43,449
denotes the a priori probability of the key
so the cipher text is generated by applying
68
00:06:43,900 --> 00:06:49,600
the encryption function therefore, if we consider
that plain text the plain text by x or denote
69
00:06:49,600 --> 00:06:56,110
the plain text by x and there is an encryption
functions e and based upon the value of the
70
00:06:56,110 --> 00:07:02,030
key we know that why x is getting transformed
into y. So, what we no doubt here is that
71
00:07:02,030 --> 00:07:06,660
the both the probability distribution that
the plain that is the plain text and the key
72
00:07:06,660 --> 00:07:12,820
are independent because when you are choosing
the key in general we do not think about what
73
00:07:12,820 --> 00:07:17,130
is the value of the plain text therefore,
the two distributions that is the plain text
74
00:07:17,130 --> 00:07:22,930
distribution and the key distribution they
are independent this observation is actually
75
00:07:22,930 --> 00:07:28,580
very important so please commit your memory
that the plain text distribution and the key
76
00:07:28,580 --> 00:07:35,580
distributions are independent we will use
that in our future calculations then we obtain
77
00:07:35,910 --> 00:07:40,630
the cipher text by applying the value of the
plain text and also the chosen value of the
78
00:07:40,630 --> 00:07:47,630
key and we obtain as a cipher text in the
probability distribution now.
79
00:07:48,960 --> 00:07:53,680
What the attacker wants to do is that it wants
to compute the a posteriori probability of
80
00:07:53,680 --> 00:07:59,580
the plain text so the idea is as follows before
going to the complications the idea is as
81
00:07:59,580 --> 00:08:03,820
follows
So the idea is like this that is when you
82
00:08:03,820 --> 00:08:08,539
obtain the cipher text what you do is that
we have got certain values of the symbols
83
00:08:08,539 --> 00:08:12,740
so what you do is that you guess the value
of the key and then you try to decrypt the
84
00:08:12,740 --> 00:08:18,590
cipher text I mean so the moment you decrypt
the cipher text what you obtain is the plain
85
00:08:18,590 --> 00:08:22,840
text.
So this plain text what you obtain this also
86
00:08:22,840 --> 00:08:29,840
has got a distribution and that is called
the a posteriori probability now if you are
87
00:08:30,120 --> 00:08:35,959
a posteriori probability matches with your
applied probability then probably our guess
88
00:08:35,959 --> 00:08:42,800
of the key was correct by what if you obtain
for example, if you if your guess is wrong
89
00:08:42,800 --> 00:08:47,100
then may be when you go back then the plain
text that you have obtained does not make
90
00:08:47,100 --> 00:08:52,990
any sense so let us I mean if you are not
really clear we can make it clear by the example
91
00:08:52,990 --> 00:08:57,889
of may be a shift cipher so consider a shift
cipher so in shift cipher what did we do every
92
00:08:57,889 --> 00:09:04,050
letter was transform by some other letter.
So for example, it could be a shift may be
93
00:09:04,050 --> 00:09:08,920
a fixed shift or maybe a not a fixed shift
but, we had basically done some transformations
94
00:09:08,920 --> 00:09:14,929
therefore, for example, there is a legible
or other meaningful English language text
95
00:09:14,929 --> 00:09:21,139
consider a paragraph of meaningful English
language so when you apply shift cipher gets
96
00:09:21,139 --> 00:09:26,259
transformed into another set of alphabets
which essentially does not make any sense
97
00:09:26,259 --> 00:09:31,160
so what did we do for our crypt analysis we
essentially guessed the value of the key and
98
00:09:31,160 --> 00:09:38,029
then decrypted back so when we decrypt back
we can what we can do is that what we can
99
00:09:38,029 --> 00:09:42,929
check what is the original plain text that
is our objective also so when you go back
100
00:09:42,929 --> 00:09:48,040
we guess the value of the key we go back and
obtain the plain text now these plain text
101
00:09:48,040 --> 00:09:53,329
or these paragraph that we obtain which is
probably the plain text has got a probability
102
00:09:53,329 --> 00:09:59,410
distribution but, that is actually based upon
the value of the key after the ciphering after
103
00:09:59,410 --> 00:10:04,470
the value of the cipher text that is given
the value of the cipher text what is the probability
104
00:10:04,470 --> 00:10:08,439
distribution of the corresponding plain text.
So these probability distribution is defined
105
00:10:08,439 --> 00:10:14,519
as the a posteriori probability and if your
guess of the key was correct for a shift cipher
106
00:10:14,519 --> 00:10:19,589
then that paragraph could have definitely
made a sense you could have been a meaningful
107
00:10:19,589 --> 00:10:25,279
text nobody encrypts a meaningless text that
is the basic assumption so if some encrypts
108
00:10:25,279 --> 00:10:30,100
the meaningless text then I am really not
bothered so therefore, the idea is that if
109
00:10:30,100 --> 00:10:35,910
that make sense that means essentially in
the probability distribution that we obtain
110
00:10:35,910 --> 00:10:41,819
in the corresponding text should essentially
match with our normal English language therefore,
111
00:10:41,819 --> 00:10:46,660
in that case my a posteriori probability matches
with the a priori probability and if that
112
00:10:46,660 --> 00:10:53,389
is so then the value of the key is correct
should you understand the idea behind this
113
00:10:53,389 --> 00:10:58,160
therefore, there is a definite idea where
Shannon postulated this therefore, essentially
114
00:10:58,160 --> 00:11:02,879
it tries to explain mathematically what we
did for our crypt analysis.
115
00:11:02,879 --> 00:11:09,879
for example, English language plain text all
of us know so the adversary also has a fade
116
00:11:13,619 --> 00:11:18,819
amount of idea of that so the idea has an
access to that I mean the adversary has an
117
00:11:18,819 --> 00:11:24,589
access to that as well it has also access
to the encryption function so I am repeating
118
00:11:24,589 --> 00:11:31,429
this because it should go into your mind so
for example, now consider that in the probability
119
00:11:31,429 --> 00:11:36,319
distribution on p and key k in this a probability
distribution therefore, so this we have understood
120
00:11:36,319 --> 00:11:41,189
that the probability distributions on p and
k that is the plain text and the k in this
121
00:11:41,189 --> 00:11:46,139
a probability distribution on c which is the
cipher text and what is the cipher text we
122
00:11:46,139 --> 00:11:53,139
can denote as follows like for a given k c
k x is equal to e k x where x is belongs to
123
00:11:53,489 --> 00:11:59,209
the corresponding plain text so this is symbol.
So the question is that so this is the fundamental
124
00:11:59,209 --> 00:12:05,339
question does the cipher text leak information
about the plain text therefore, given the
125
00:12:05,339 --> 00:12:10,329
cipher text y now what we shall do is the
we shall compute the a posteriori probability
126
00:12:10,329 --> 00:12:16,040
of the plain text we denote that by p p x
given y so you have understand this so what
127
00:12:16,040 --> 00:12:21,959
is this symbol called this is conditional
probability therefore, we applied the principles
128
00:12:21,959 --> 00:12:27,679
of conditional probability and we can actually
compute this value so p p x given y and see
129
00:12:27,679 --> 00:12:34,239
whether it matches with that of the a priori
probability of the plain text so if this matches
130
00:12:34,239 --> 00:12:39,679
with the a priori probability of the plain
text then probably my key is correct therefore,
131
00:12:39,679 --> 00:12:45,790
if we would have wanted a proper amount of
security are where we would say as a perfect
132
00:12:45,790 --> 00:12:49,319
security then we can actually denote this
as follows.
133
00:12:49,319 --> 00:12:56,319
You would have written like p p x given y
that is equal to p p x so what does it mean
134
00:13:01,040 --> 00:13:08,040
so this is the basic idea of a perfect secrecy
or perfect security what does it mean.
135
00:13:13,869 --> 00:13:20,869
therefore, I really do not know what to do
so the idea is that do not know why this is
136
00:13:36,129 --> 00:13:43,009
not shown there so let us continue I am try
I mean what I am trying to say it to you is
137
00:13:43,009 --> 00:13:48,319
that p p x given y is equal to p p x therefore,
probably
138
00:13:48,319 --> 00:13:55,319
I had written out here somewhere so p p x
given y is equal to p p x so which means that
139
00:13:57,730 --> 00:14:04,730
for all x given y belongs to p and for all
y which belongs to c this result holds that
140
00:14:05,059 --> 00:14:10,639
is the crypto system has got perfect secrecy
if this is our case and what does it mean
141
00:14:10,639 --> 00:14:17,639
it means that the a posteriori it means that
essentially given the value of y that probability
142
00:14:18,290 --> 00:14:24,160
is distribution of x is indistinguishable
from the probability distribution of x when
143
00:14:24,160 --> 00:14:28,049
you are not given in any value of y so which
means what which means that a cipher text
144
00:14:28,049 --> 00:14:35,049
y is not giving you any additional information
so you see that slowly you are trying to understand
145
00:14:35,309 --> 00:14:42,089
the meaning of information or the meaning
of uncertainty so information and uncertainty
146
00:14:42,089 --> 00:14:48,869
are quite related so we are trying to say
how those things are formally destroyed mathematically
147
00:14:48,869 --> 00:14:55,869
destroyed.
I you are not understood so there was he so
148
00:14:57,879 --> 00:15:04,379
what I am trying to say is that suppose consider
an symbol shift cipher and consider that this
149
00:15:04,379 --> 00:15:09,079
is the probability distribution of x so that
is I have describe by p p x what is the normal
150
00:15:09,079 --> 00:15:13,730
English language description now you consider
that you have done a shift cipher so which
151
00:15:13,730 --> 00:15:18,309
means what you have got a y cipher text now
I am saying to you that given this distribution
152
00:15:18,309 --> 00:15:23,049
of y whether the now what you can do is that
you can the guess value of the key and obtain
153
00:15:23,049 --> 00:15:26,629
like the plain text so that is nothing but,
so the probability distribution now that you
154
00:15:26,629 --> 00:15:31,579
have obtain is p p x given y so if these two
things so that is what I have trying to say
155
00:15:31,579 --> 00:15:37,949
if these two things match then essentially
this means that this y is not giving you any
156
00:15:37,949 --> 00:15:42,609
extra information because even then it is
still the same so it is not giving you any
157
00:15:42,609 --> 00:15:46,699
additional information so,
158
00:15:46,699 --> 00:15:52,480
Let us talk lets I think get I mean I think
this will gets clear with the help of an example
159
00:15:52,480 --> 00:15:57,279
therefore, let see one example therefore,
consider this is the cryptosystem obvious
160
00:15:57,279 --> 00:16:00,970
just with the sort of diagrammatic representation
of the cryptosystem.
161
00:16:00,970 --> 00:16:05,769
So, you see that this is a very simple transformation
which says that your plain text comprises
162
00:16:05,769 --> 00:16:12,189
of the letters a and b and your cipher text
comprises of the letters or symbols 1 2 3
163
00:16:12,189 --> 00:16:19,189
and 4 so what is the transformation the transformation
says that you can start with a and if your
164
00:16:19,429 --> 00:16:26,429
k is k 1 then you go to 1 if your k is k 2
then you go to2 if k is k 3 you go to 3 similarly,
165
00:16:30,989 --> 00:16:37,069
the other transformations so what you see
is that if your plain text is b then also
166
00:16:37,069 --> 00:16:42,720
you get some other mappings like 2 3 and 4
therefore, this is the corresponding mapping
167
00:16:42,720 --> 00:16:48,910
that we are concerned with now let us try
to understand sudden things about what we
168
00:16:48,910 --> 00:16:54,790
are just described so, for example, consider
that your plain text which forms the set of
169
00:16:54,790 --> 00:17:00,709
p equal to a b has got a probability distribution.
So, which means you're a has a probability
170
00:17:00,709 --> 00:17:06,189
distribution a b has a probability distribution
so essentially follows the probability distributions
171
00:17:06,189 --> 00:17:09,949
therefore, a has a probability of occurring
and b also has a probability of occurring
172
00:17:09,949 --> 00:17:16,040
so what is the probability of occurring of
a it is say 1 by 4 so this is given so what
173
00:17:16,040 --> 00:17:23,040
is the probability of occurrence of b it is
3 by 4 note that I mean the probability of
174
00:17:23,939 --> 00:17:28,360
occurrence of a plus the probability of occurrence
of b is equal to unity so this is obvious
175
00:17:28,360 --> 00:17:34,180
because a and b are the only possible texts
symbols so what is the value of k the k could
176
00:17:34,180 --> 00:17:40,520
be k 1 k 2 and probably k 3 also, this is
the mistake here therefore, so consider that
177
00:17:40,520 --> 00:17:47,520
suppose there's key called k 1 and the probability
distribution of k 1 is half and the probability
178
00:17:48,800 --> 00:17:54,490
distribution of k I mean the probability of
occurrence of k 2 and k 3 as same so what
179
00:17:54,490 --> 00:18:00,450
is that it is equal to 1 by 4 so what is the
cipher text the cipher text is 1 2 3 and 4.
180
00:18:00,450 --> 00:18:05,450
Now the question is what is the a posteriori
probabilities of the plain text given in the
181
00:18:05,450 --> 00:18:10,660
cipher text from c so which means that we
have been provided the corresponding cipher
182
00:18:10,660 --> 00:18:16,390
text and the question is what is the a posteriori
probability of the plain text so which means
183
00:18:16,390 --> 00:18:22,790
what is the probability of occurrence of say
a or b once you have been given say the cipher
184
00:18:22,790 --> 00:18:28,460
text is 1 or 2 or may be 3 or 4 so you will
consider one such case now this encryption
185
00:18:28,460 --> 00:18:34,290
function is often represented by this table
also, you see that a is the plain text k 1
186
00:18:34,290 --> 00:18:41,290
is the key then your cipher text is one similarly,
you can also check other such mappings is
187
00:18:41,760 --> 00:18:43,560
this clear.
188
00:18:43,560 --> 00:18:50,560
So, I will keep this figure and I will try
to compute the value of the a posteriori probability
189
00:18:53,430 --> 00:18:57,350
as follows therefore, first of all let us
try to understand what is the probability
190
00:18:57,350 --> 00:19:01,560
that one occurs at the cipher text.
So, what is that probability so you see that
191
00:19:01,560 --> 00:19:07,550
one could have occurred only from a in this
matrix so that means we would like to multiply
192
00:19:07,550 --> 00:19:12,140
because you already told you whether plain
text distribution and the key distribution
193
00:19:12,140 --> 00:19:17,650
are independent distributions so in order
to obtain the probability of 1we can simply
194
00:19:17,650 --> 00:19:22,770
multiply the probability that a occurrence
of a multiply with the probability of the
195
00:19:22,770 --> 00:19:29,450
key k 1 so what is the probability of a it
is equal to 1 by 4 and the probability of
196
00:19:29,450 --> 00:19:35,670
occurrence of k 1 is half so multiply 1 by
4 with half and obtain 1 by 8 so that is the
197
00:19:35,670 --> 00:19:41,420
probability of occurrence of 1 similarly,
we can also obtain the probability of occurrence
198
00:19:41,420 --> 00:19:47,290
of three it is slightly more complicated because
three can occurred from a as well as b but,
199
00:19:47,290 --> 00:19:52,600
in this case you see that this a and these
b are two exclusive cases therefore, we can
200
00:19:52,600 --> 00:19:57,650
apply the theory of or theorem of a priori
probability and what we can do is that we
201
00:19:57,650 --> 00:20:02,610
can multiply the probability of occurrence
of a with the probability of occurrence of
202
00:20:02,610 --> 00:20:08,880
k 3 and add that with the probability of occurrence
of b multiply by the probability of occurrence
203
00:20:08,880 --> 00:20:12,930
of k 2.
So, this is symbol so what we can do is that
204
00:20:12,930 --> 00:20:17,640
we can just simply multiply 1 by 4 with 1
by 4 add that product with the 3 by 4 and
205
00:20:17,640 --> 00:20:24,640
1 by 4 and this works to 1 by 4 so this is
actually 1 by 16 plus 3 by 16 not 1 by 1 so
206
00:20:26,910 --> 00:20:32,260
it is equal to 1 by 4 so likewise I can also
compute the other probabilities so you see
207
00:20:32,260 --> 00:20:37,550
that we can obtain the probability of the
cipher texts as follows but, our question
208
00:20:37,550 --> 00:20:42,890
is what our question is to find out the a
posteriori probability which means is given
209
00:20:42,890 --> 00:20:49,890
the cipher text is 2 I would like to compute
what is the probability of occurrence of a
210
00:20:53,690 --> 00:20:58,320
so this is quite simple likewise if i say
you for example, that the cipher text is 1and
211
00:20:58,320 --> 00:21:03,640
ask you what is the probability of occurrence
of b what is the answer it is 0 you can easily
212
00:21:03,640 --> 00:21:08,300
compute so you see that does it match with
the probability of occurrence of b no which
213
00:21:08,300 --> 00:21:10,260
means that it is not a.
Perfect cipher
214
00:21:10,260 --> 00:21:16,030
Perfect cipher so this is the symbol check
but, we will try to compute little bit complex
215
00:21:16,030 --> 00:21:22,370
situation which says that what is the a posteriori
probability of a given that cipher text is
216
00:21:22,370 --> 00:21:28,180
2 we will just try to understand this complicated
thing although we are easily understood that
217
00:21:28,180 --> 00:21:33,780
the this is not a perfect cipher why because
we have to essentially go to the generalization
218
00:21:33,780 --> 00:21:38,570
so generalization are always complex equation
so in order to understand that it is interesting
219
00:21:38,570 --> 00:21:44,540
to work with a simple example so let us consider
this for example, that suppose your p p a
220
00:21:44,540 --> 00:21:51,530
is given 1 is 1and your p p b given 1 is 0
so, this we of all already understood I guess
221
00:21:51,530 --> 00:21:57,690
that is your if your plain text is 1 your
cipher text can be a and that occurrence probability
222
00:21:57,690 --> 00:22:04,060
is actually 1 and if your plain text is 1
then the occurrence of b as the plain text
223
00:22:04,060 --> 00:22:08,520
is actually 0 so you would like to compute
this also and what is the a posterior probability
224
00:22:08,520 --> 00:22:15,520
that a accords as a plain text given 2 as
a cipher text so that this is two can actually
225
00:22:15,760 --> 00:22:21,360
come from two plain text it come from a as
well as it can come from b so the two can
226
00:22:21,360 --> 00:22:27,500
come when the plain text was a and the key
was k 2 or when the plain text was b and the
227
00:22:27,500 --> 00:22:30,470
key was K 1.
228
00:22:30,470 --> 00:22:35,770
K 1 so another question is given to we need
to compute the probability that it came from
229
00:22:35,770 --> 00:22:42,510
A is it that of choosing k 2 is that probability
is same as that of choosing k 2.
230
00:22:42,510 --> 00:22:47,920
No because we see that there are other mappings
where k 2 has been chosen where 2 is not the
231
00:22:47,920 --> 00:22:53,260
result for example, this one in series mapping
the k 2 is chosen but, actually have ended
232
00:22:53,260 --> 00:23:00,180
up with three as a cipher text so it is not
equal to that of choosing of the k 2 so,
233
00:23:00,180 --> 00:23:05,320
Therefore, how do we compute that therefore,
let us see I mean for example, these two can
234
00:23:05,320 --> 00:23:09,910
appear with a probability as which we can
work out as follows by having a as a plain
235
00:23:09,910 --> 00:23:16,910
text and k 2as a key therefore, A is the corresponding
plain text and k 2 is the value of the key
236
00:23:18,410 --> 00:23:22,350
so what is the probability so we know that
we have to we can multiply the probability
237
00:23:22,350 --> 00:23:27,630
of the plain text and the key because they
are independent so it is product of 1 by 4
238
00:23:27,630 --> 00:23:32,580
and 1 by 4 and it works to 1 by 16 you understand
that because product of occurrence of a is
239
00:23:32,580 --> 00:23:39,580
1 by 4 and k 2 as the key is also 1 by 4 so
multiply them it is 1 by 16 the other case
240
00:23:39,660 --> 00:23:46,660
could be by having b as the plain text and
k 1 as the key you see that the other occurrence
241
00:23:46,660 --> 00:23:52,660
the other chance could be that b was the plain
text and k 1 was the key thus k 1 is chosen
242
00:23:52,660 --> 00:23:58,960
so what is the probability of occurrence of
b it is 3 by 4 and what is the probability
243
00:23:58,960 --> 00:24:04,250
of occurrence of k 1 it is half so you multiply
them and you obtain 6 by 16
244
00:24:04,250 --> 00:24:09,490
So what is the total probability that two
can occur it is 7 by 16 so we have basically
245
00:24:09,490 --> 00:24:16,170
broken up the possibilities into two cases
so what is our desirable case now our decidable
246
00:24:16,170 --> 00:24:21,430
case is that two has occurred as a cipher
text and it has occurred from a so which is
247
00:24:21,430 --> 00:24:27,540
the first event you see that by having a as
the plain text and k two as the key what we
248
00:24:27,540 --> 00:24:32,350
have done is that what we have obtained two
from the plain text a and that is precisely
249
00:24:32,350 --> 00:24:39,040
what we want what is the probability distribution
of a given that two is your cipher text so
250
00:24:39,040 --> 00:24:46,040
what you do is that we divide 1 by 16 by 7
by 16 and we obtain the value 1 by 7 so, I
251
00:24:48,820 --> 00:24:54,890
guess you understand began now generalize
this also like consider any set of plain text
252
00:24:54,890 --> 00:24:59,730
and any corresponding set of cipher text and
any set of keys for of course, so we would
253
00:24:59,730 --> 00:25:05,850
like to generalize this idea of a posteriori
probability and this we can do by the help
254
00:25:05,850 --> 00:25:07,280
of this equation.
255
00:25:07,280 --> 00:25:13,120
Do you understand this equation so you see
that what you says as follows so it is basically
256
00:25:13,120 --> 00:25:17,770
tries to compute the value of p p x given
y so this is what exactly we are doing in
257
00:25:17,770 --> 00:25:24,320
a our example so the denominator is all possible
ways how you can actually obtain y because
258
00:25:24,320 --> 00:25:28,880
y is the cipher text so you remember in the
previous case what did we do we essentially
259
00:25:28,880 --> 00:25:34,330
took that corresponding cipher text and decrypted
them by all possible key values of the key
260
00:25:34,330 --> 00:25:38,870
and went back to the corresponding plain text
and then multiplied with the probability of
261
00:25:38,870 --> 00:25:43,730
that plain text you see what I am saying what
I am saying is that in order to compute this
262
00:25:43,730 --> 00:25:48,860
total probability that is of occurrence of
two what we did is that we took for example,
263
00:25:48,860 --> 00:25:55,860
any key like for example, choose k 1 and decrypted
this two with k one went back to the corresponding
264
00:25:56,320 --> 00:26:02,210
plain text and multiplied with the probability
of the plain text and again choose k 2 multiply
265
00:26:02,210 --> 00:26:06,870
I mean obvious of quality of k 2 and then
decrypt it and go back to a and multiply with
266
00:26:06,870 --> 00:26:12,050
the probability of a.
Similarly we can do it for all possible keys
267
00:26:12,050 --> 00:26:16,670
so that is exactly done here so in this case
you see that you take you take the corresponding
268
00:26:16,670 --> 00:26:22,640
cipher text y you decrypt them by all possible
keys multiply with the probability of the
269
00:26:22,640 --> 00:26:27,840
I mean the corresponding the plain text and
multiply with the probability of the key and
270
00:26:27,840 --> 00:26:34,840
then the sigma of all possible of such keys
and in interesting case is that is the fact
271
00:26:35,400 --> 00:26:40,560
that your that your x has occurred as the
plain text and you essentially multiply them
272
00:26:40,560 --> 00:26:47,560
with all possible keys which essentially takes
you from the value of x to the value of y
273
00:26:47,650 --> 00:26:54,650
so essentially it is therefore, this is exactly
what we have seen in the previous example
274
00:26:56,640 --> 00:27:01,890
is this generalization clear to us.
275
00:27:01,890 --> 00:27:08,890
Yes therefore, so now essentially we know
how to compute the value p p x given y and
276
00:27:09,350 --> 00:27:14,910
we essentially I think I have already defined
but, I mean given you the idea this is the
277
00:27:14,910 --> 00:27:20,190
formal definition it says that a crypto system
has got perfect secrecy if the value of p
278
00:27:20,190 --> 00:27:26,760
p x given y is equal to the value of p p x
for all x given belongs to p and all for all
279
00:27:26,760 --> 00:27:31,530
y belongs to c and now the value of p p x
we already know we can engage this previous
280
00:27:31,530 --> 00:27:35,720
equation to the calculate the value of p p
x given y because you see that on the hand
281
00:27:35,720 --> 00:27:39,870
side everything is known to us we know the
value of the key we know the value of the
282
00:27:39,870 --> 00:27:44,559
I mean the probability distribution of the
plain text as well as the I mean the probability
283
00:27:44,559 --> 00:27:50,200
distribution of the key and therefore, we
can use this equation because we have also
284
00:27:50,200 --> 00:27:55,700
know the mapping that we know the decryption
function so we can use this formula to calculate
285
00:27:55,700 --> 00:28:01,360
the value of p p x given y and check whether
this value of p p x given y matches with the
286
00:28:01,360 --> 00:28:08,360
probability of p p x if p p x given y matches
with p p x then we have got perfect security.
287
00:28:09,180 --> 00:28:13,880
So that is the idea so that informally it
means that is a posteriori probability that
288
00:28:13,880 --> 00:28:20,000
plaintext is x given that y the cipher text
y is observed is identical to the a priori
289
00:28:20,000 --> 00:28:27,000
probability that the plaintext is x so that
is the definition of perfect security so then
290
00:28:27,680 --> 00:28:33,240
let see when a some examples where we can
have perfect secrecy so consider a simple
291
00:28:33,240 --> 00:28:39,860
example of a shift cipher so in a shift cipher
what we did in our i mean what we have seen
292
00:28:39,860 --> 00:28:45,840
in our little bit not so simple shift cipher
if you remember we had taken a and we have
293
00:28:45,840 --> 00:28:51,330
mapped to any of the possible outputs so there
are 26 possibilities for the first letter
294
00:28:51,330 --> 00:28:56,280
the second letter b maps to any of the symbols
except what a have been transformed to so
295
00:28:56,280 --> 00:29:01,480
there were 25 such possibilities so if we
multiply keep on multiply in such a fashion
296
00:29:01,480 --> 00:29:07,420
then the size of the key is equal to 26 factorial
we have seen that.
297
00:29:07,420 --> 00:29:13,930
So what we will try to see here is that if
each possible mapping is chosen randomly then
298
00:29:13,930 --> 00:29:20,440
shift cipher achieves perfect secrecy so we
will try to use our previous formulation and
299
00:29:20,440 --> 00:29:27,440
you will try to establish this fact if suppose
the 26 keys in the shift cipher are used with
300
00:29:28,160 --> 00:29:35,160
equal probability so what means that that
means that each plain text I mean whether
301
00:29:36,210 --> 00:29:42,880
each key occurrence of each key has got a
probability of one by 26 therefore, any plain
302
00:29:42,880 --> 00:29:47,270
text distribution the shift cipher has got
perfect secrecy so which means that actually
303
00:29:47,270 --> 00:29:54,110
we are not bothered also what is the plain
text distribution and we can still achieve
304
00:29:54,110 --> 00:30:01,110
perfect secrecy so do you see how so you see
that we have p k and c can be set to form
305
00:30:02,100 --> 00:30:09,100
the set z 26 so z 26 we have seen that if
the set of integers from 0 to 25.
306
00:30:09,460 --> 00:30:16,040
So, the k therefore, immediately understand
lies between 0 and 25 and your function is
307
00:30:16,040 --> 00:30:23,040
very simple it is just x plus k mod 26 so
idea is that if for each symbol of the plain
308
00:30:23,420 --> 00:30:29,490
text if we choose the value of the key at
random that is any mapping you can just choose
309
00:30:29,490 --> 00:30:35,000
arbitrarily then essentially if and if you
obtain the corresponding value of the cipher
310
00:30:35,000 --> 00:30:42,000
text so then the question is whether this
gives you perfect secrecy so which means that
311
00:30:42,809 --> 00:30:47,240
when you choose so it means it means we should
try to understand this fact that what we are
312
00:30:47,240 --> 00:30:52,300
saying is not such scenario in which for all
the plain text we are using the same key it
313
00:30:52,300 --> 00:30:57,830
means that for each symbol that each symbol
which you want to transmit secretly you have
314
00:30:57,830 --> 00:31:01,760
to essentially choose the value of the key
also at random.
315
00:31:01,760 --> 00:31:06,370
So for example, there is a letter like say
ababraka dabra and if you have been encrypts
316
00:31:06,370 --> 00:31:11,760
a b c like so on then for a you have been
choose the corresponding key at random for
317
00:31:11,760 --> 00:31:16,680
b also you have to choose the key at random
for c also you have to choose the key at random
318
00:31:16,680 --> 00:31:21,450
so it does not mean that for the entire plain
text we are using the same key so for each
319
00:31:21,450 --> 00:31:27,470
symbol we are choosing a value of key at random
so what is the what do you see is the practical
320
00:31:27,470 --> 00:31:32,140
implication practical implication is you see
the practical problem the practical problem
321
00:31:32,140 --> 00:31:37,059
is that for each symbol you are choosing a
key at random so in order to decrypt also
322
00:31:37,059 --> 00:31:42,520
you require the same key so you immediately
understand that you have to transmit lots
323
00:31:42,520 --> 00:31:47,920
of keys and an it is actually in this case
the same as that number of the plain text
324
00:31:47,920 --> 00:31:54,920
that you want to transmit so if how to transmit
the key secretly then why not do it do the
325
00:31:55,630 --> 00:32:01,780
same for the plain text also so the even though
you obtain a perfect secrecy and also in a
326
00:32:01,780 --> 00:32:08,510
perfect secrecy but, that is not practical
so, we will try to first establish why it
327
00:32:08,510 --> 00:32:14,620
is a perfectly secured cipher and later on
go into a another case where we actually obtain
328
00:32:14,620 --> 00:32:21,600
a perfect secrecy it is called a onetime pad
and then talk about its practical problems
329
00:32:21,600 --> 00:32:25,940
so this is the mathematical formulation it
says that p p x given y we have already seen
330
00:32:25,940 --> 00:32:32,940
this is equal to p p x multiplied with p c
y given x divided by p c y these are same
331
00:32:33,450 --> 00:32:38,300
thing as what we have seen in the previous
equation so it is a so the denominated is
332
00:32:38,300 --> 00:32:43,179
the probability that y has occurred as the
cipher text and the numerator says that x
333
00:32:43,179 --> 00:32:47,450
is occurred as the plain text and that has
been multiplied with the probability that
334
00:32:47,450 --> 00:32:54,450
y has occurred given x is a plain text so
can you understand what is the value of this
335
00:32:55,220 --> 00:33:02,220
p c y given x it is the same as the probability
that the key has been chosen and that key
336
00:33:02,220 --> 00:33:08,390
is equal to y minus x not 26.
So, you see that when we are computed the
337
00:33:08,390 --> 00:33:14,840
value of p p x given y that was not equal
to the value of the probability of the key
338
00:33:14,840 --> 00:33:20,910
we discussed that but, in this case its equal
because if you choose the value of the key
339
00:33:20,910 --> 00:33:27,910
to be y minus x and if your plain text is
x then obviously your cipher text is y therefore,
340
00:33:28,050 --> 00:33:33,250
this probability you can denote by this symbol
it says that you can actually multiply with
341
00:33:33,250 --> 00:33:40,250
the corresponding value of the key so you
see that p c y given x is equal to the value
342
00:33:41,340 --> 00:33:46,059
that the is equal to the probability that
I mean we have to basically choose the fact
343
00:33:46,059 --> 00:33:52,420
that the key is equal to the y minus x mod
26 what is the probability that the key is
344
00:33:52,420 --> 00:33:58,570
equal to y minus x mod 26 and what is the
probability that is 1 by 26 because we have
345
00:33:58,570 --> 00:34:04,750
assumed that each key is being chosen at random.
Similarly we obtain the value of the corresponding
346
00:34:04,750 --> 00:34:08,889
value of the y occurring as the cipher text
so what is the probability that y occurred
347
00:34:08,889 --> 00:34:15,889
as cipher text so you choose all possible
keys and you decrypt your y by using your
348
00:34:17,980 --> 00:34:22,339
decryption function multiply that with the
corresponding I mean corresponding value of
349
00:34:22,339 --> 00:34:29,339
the key been chosen so what is the value of
the key 1 by 26 and what is the value in I
350
00:34:29,980 --> 00:34:35,190
mean what is d k d k y I mean what this is
some probability so you can keep it p p y
351
00:34:35,190 --> 00:34:41,349
minus k but, when you take the sigma 1 by
26 comes out and you have got a summation
352
00:34:41,349 --> 00:34:46,829
of our probabilities so what is that equal
to its equal to 1 so you have got 1 by 26
353
00:34:46,829 --> 00:34:53,829
now you see that the result is established
because p p c y given x cancels with p c y
354
00:34:54,539 --> 00:35:00,819
both of them are equal to 1 by 26 so if these
two things canceled then you have got p p
355
00:35:00,819 --> 00:35:06,739
x given y is equal to p p x so what does it
mean.
356
00:35:06,739 --> 00:35:11,589
You have got perfect secrecy why and because
here a priori probability of x given the value
357
00:35:11,589 --> 00:35:18,589
of y matches with you're a priori probability
of x so if you can do this for shift ciphers
358
00:35:18,789 --> 00:35:22,730
we can do it for any given cipher we can basically
what you have to do is that we have to compute
359
00:35:22,730 --> 00:35:29,730
these values of probabilities and try to see
whether we get a match so this was just as
360
00:35:30,109 --> 00:35:35,140
very simple example so you can if you see
your Stinson's book there are several exercises
361
00:35:35,140 --> 00:35:39,769
given and I will also give you one as an exercise
so you can just practice and if you can do
362
00:35:39,769 --> 00:35:46,769
it for one probably you can do it for others
as well so basically now let us try to think
363
00:35:48,619 --> 00:35:54,440
of a theorem or let us try to establish a
theorem it says that any encryption function
364
00:35:54,440 --> 00:36:01,239
you can or any cryptosystem essentially can
be denoted by a 5 tuple you have got p c k
365
00:36:01,239 --> 00:36:05,720
so what is that plain text cipher text and
the key and your encryption function and your
366
00:36:05,720 --> 00:36:12,700
decryption function if these five things are
defined then you have defined a cryptosystem.
367
00:36:12,700 --> 00:36:17,450
So let us consider the case that the size
of the k size of the c and the size of the
368
00:36:17,450 --> 00:36:22,640
plain text are all the same that is your cardinality
of your key and your cardinality of the cipher
369
00:36:22,640 --> 00:36:27,930
text and cardinality of the plain text are
the same so the cryptosystem offers perfect
370
00:36:27,930 --> 00:36:34,930
secrecy if and only if every key is used with
probability of 1by modulo k so in your previous
371
00:36:35,359 --> 00:36:40,119
example there were how many keys there were
26 keys and the occurrence of each key was
372
00:36:40,119 --> 00:36:47,119
1 by 26 and that lead to the fact that we
had a perfect secret system perfectly secret
373
00:36:47,249 --> 00:36:52,400
system so and for every x which belongs to
p and for every y belongs to c there is a
374
00:36:52,400 --> 00:36:58,140
unique key so that means that given x and
y there is a unique key which takes x and
375
00:36:58,140 --> 00:37:04,200
maps it y.
So we have to establish this fact that is
376
00:37:04,200 --> 00:37:09,970
for every x and y you choose or every tuple
that you form with x and y that is at given
377
00:37:09,970 --> 00:37:15,019
plain text and a given cipher text you have
a unique value of key which defines this so
378
00:37:15,019 --> 00:37:21,759
we will try to establish this fact so I will
although I will not prove but, you can easily
379
00:37:21,759 --> 00:37:27,829
understand that an equivalent definition of
perfect secrecy will be p c y given x is equal
380
00:37:27,829 --> 00:37:34,829
to p c y I leave it to you as an exercise
you can actually prove it by theorems of conditional
381
00:37:35,559 --> 00:37:41,099
probability its very simple straight forward
therefore, it says that the cipher text probability
382
00:37:41,099 --> 00:37:48,099
of y is a same as the probability of y given
x as the corresponding plain text so thus
383
00:37:49,170 --> 00:37:54,109
if perfectly secret a scheme has to following
the above two equations and both of them are
384
00:37:54,109 --> 00:38:01,109
equivalent if we can proof any one of them
the other one is proved equivalently.
385
00:38:01,410 --> 00:38:08,410
So, we observe from fact so we see that since
p c y given x is equal to p c y that is if
386
00:38:11,869 --> 00:38:17,869
you see this equation it means that if you
fix a value of x for example, as a plain text
387
00:38:17,869 --> 00:38:24,720
then your p c y given x is equal to p c y
and your p c y is greater than 0 because if
388
00:38:24,720 --> 00:38:30,059
that y I mean the occurrence of y the probability
of occurrence of y would have been 0 then
389
00:38:30,059 --> 00:38:35,349
y wouldn't have caped in the cipher text set
so that means for some cipher text at least
390
00:38:35,349 --> 00:38:40,019
for some plain text at least we have that
corresponding cipher text so immediately which
391
00:38:40,019 --> 00:38:47,019
means that this leads to the fact that p c
y given x is also greater than 0 so what I
392
00:38:48,059 --> 00:38:53,210
am trying to say is that since p c y is greater
than 0 and if you have a perfectly secured
393
00:38:53,210 --> 00:39:00,140
cipher then p c y given x being equal to p
c y this is also greater than 0 therefore,
394
00:39:00,140 --> 00:39:06,999
p c y given x is greater than 0.
So, which means that for every cipher text
395
00:39:06,999 --> 00:39:13,999
there is a key k such that y is equal to e
k x so, which means that for every cipher
396
00:39:15,369 --> 00:39:22,369
text there is a key such that y is equal to
e k x so if you think in the terms of your
397
00:39:23,339 --> 00:39:29,440
diagram you could have understood that in
this in the corresponding cipher text said
398
00:39:29,440 --> 00:39:35,069
there is no single point which is not being
mapped that is not any isolated point which
399
00:39:35,069 --> 00:39:39,660
is not mapped to any plain text therefore,
your plain text comprises of what x 1 x 2
400
00:39:39,660 --> 00:39:45,160
and so on symbols your cipher text also comprises
of y 1 y 2 and so on symbols so that is not
401
00:39:45,160 --> 00:39:51,049
a scenario where there is a cipher text symbol
say some say corresponding consider any y
402
00:39:51,049 --> 00:39:58,049
I for example, which is not mapped to any
plain text x I do you understand that.
403
00:39:58,239 --> 00:40:03,710
So, that means that for every cipher text
there is a key there is one key at least which
404
00:40:03,710 --> 00:40:10,460
will take it to that x be that any x so what
does it mean it means that the size of the
405
00:40:10,460 --> 00:40:15,660
key set is obviously at least great equal
to the value size of the cipher text it can
406
00:40:15,660 --> 00:40:19,739
be greater than that also but, it is at least
equal therefore, what I am trying to say is
407
00:40:19,739 --> 00:40:26,269
that for perfect secure ciphers the size of
the key or the cardinality of k is more than
408
00:40:26,269 --> 00:40:33,269
the cardinality cipher text so you can understand
again I mean again retaining that the fact
409
00:40:43,859 --> 00:40:49,690
what I am trying to say is that for every
cipher text y there is a key k which defines
410
00:40:49,690 --> 00:40:56,690
this mapping so that means there has to be
the number of the keys has to be at least
411
00:40:57,309 --> 00:41:01,390
equal to the numbers of the cipher text for
every cipher text symbol you have a separate
412
00:41:01,390 --> 00:41:05,960
key which will define this mapping.
So number of keys is obviously equal to the
413
00:41:05,960 --> 00:41:11,640
size of the y size of y it can be more than
that also but, at least equal therefore, the
414
00:41:11,640 --> 00:41:15,920
size of the key is greater than the size of
the c in our case consider that a size of
415
00:41:15,920 --> 00:41:22,920
k and a size of c are the same so thus there
is no cipher text therefore, now we can actually
416
00:41:24,609 --> 00:41:29,940
understand from here also that there is no
cipher text y for which there are two keys
417
00:41:29,940 --> 00:41:35,339
which take them to the same plain text why
and because your what is your size what is
418
00:41:35,339 --> 00:41:41,789
the how can you define your cipher text set
c you can define your cipher text set c by
419
00:41:41,789 --> 00:41:48,579
the set that you basically choose any plain
text x and you transform that by e k x and
420
00:41:48,579 --> 00:41:54,119
you obtain the cipher text so basically that
suppose if I fix the value of x I could have
421
00:41:54,119 --> 00:41:58,249
chosen all the possible values of keys and
i would have obtain the entire cipher text
422
00:41:58,249 --> 00:42:02,880
set.
So that we know that if we say that so this
423
00:42:02,880 --> 00:42:08,470
is your size of the cardinality of this set
is the same as that of your cipher text now
424
00:42:08,470 --> 00:42:14,450
if this is equal to the size of the value
of the set of k that is it is as same as size
425
00:42:14,450 --> 00:42:20,720
of k it means that there are no two keys which
are distinct like k 1 and k 2 such that e
426
00:42:20,720 --> 00:42:27,349
k 1 x is equal to e k 2 x because in that
case one cardinality would have been less
427
00:42:27,349 --> 00:42:32,299
one sets one of the sets cardinality would
have been lesser than the cardinality of k
428
00:42:32,299 --> 00:42:37,630
and what we have said is that if you assume
that the size of k and the size of c are same
429
00:42:37,630 --> 00:42:42,190
then essentially there is no two keys which
are distinct which will take them to the same
430
00:42:42,190 --> 00:42:49,190
plain text thus there is exactly one key which
defines the mapping from x and y so therefore,
431
00:42:54,190 --> 00:42:59,619
I mean this is the basic definition so we
see certain definitions property of the idea
432
00:42:59,619 --> 00:43:01,309
of a perfect secure cipher.
433
00:43:01,309 --> 00:43:07,289
So, what are the those definitions one important
point was that you're a posteriori probability
434
00:43:07,289 --> 00:43:13,809
of your plain text matches with the a priori
probability the second definition was that
435
00:43:13,809 --> 00:43:19,220
equivalent definition was that p c y given
x was equal to p c y so that is also same
436
00:43:19,220 --> 00:43:23,039
thing that the a priori probability of your
cipher text is the same as the a posteriori
437
00:43:23,039 --> 00:43:28,479
probability of your cipher text and the third
important thing which we see is that if your
438
00:43:28,479 --> 00:43:34,499
size of plain text key and cipher text are
the same then essentially for every plain
439
00:43:34,499 --> 00:43:39,349
text x and for every cipher text y for any
ordered pair like this that is the unique
440
00:43:39,349 --> 00:43:45,930
key will defines this mapping so there are
no two such keys like k 1 and k 2 which will
441
00:43:45,930 --> 00:43:51,869
take x for example, as a plain text and we
will map it to the same cipher text e k 1
442
00:43:51,869 --> 00:43:58,869
where k 1 is not equal to k 2 we cannot have
the scenario where e k 1 x is equal to e k
443
00:43:59,089 --> 00:44:03,430
2 x because if that be the case then your
size of cipher text would have been lesser
444
00:44:03,430 --> 00:44:09,729
than that of the size of the key but, what
we have said is the size of the cipher text
445
00:44:09,729 --> 00:44:16,729
is equal to the size of that is this part
clear so we will stop at this point and essentially
446
00:44:20,950 --> 00:44:25,779
break for a few minutes and come back with
the definition of something which we called
447
00:44:25,779 --> 00:44:32,779
as the one time pads.