Talk:Semantic security

From Wikipedia, the free encyclopedia

In the chosen plaintext attack paragraph, shouldn't the game be Game theory ? Gene.arboit 02:01, 10 August 2005 (UTC)

I don't think so. Game theory does not help to understand or analyze the games used to define security notions. 24.228.93.22 15:06, 7 September 2005 (UTC)

[edit] Is semantic security really the widely accepted definition for PKC?

I think the widely accepted definition of a secure public key cryptosystem is IND-CCA2 (that is security against adaptive chosen ciphertext attacks) mentioned later in this article. Also I find the following comment misleading: Semantically secure encryption algorithms include Goldwasser-Micali, ElGamal and Paillier. These schemes are considered provably secure... Yes, these schemes have been shown to be semantically secure under some assumptions, but before using each of these schemes in practice one should add a padding scheme, so that they are IND-CCA2 secure and not just semantically secure. It's just my opinon of course. What do others think? 24.228.93.22 15:06, 7 September 2005 (UTC)

    • Ok, fair enough. Perhaps we should weaken that statement, and say that "semantic security is a definition" (but there are stronger ones, such as IND-CCA2).
    • Re: Elgamal/Paillier/G-M, those schemes are semantically secure, so there's nothing wrong with saying that, as long as we're clear that they're not IND-CCA2 secure.
    • It's probably not a good idea to say something like "add a padding scheme before using them", because in truth it might be better to use a variant like Cramer-Shoup or one of the more complex hybrid encryption systems-- both of which would be encryption schemes on their own. And some padding schemes are only secure when used with certain encryption functions, etc.Dachshund 03:54, 12 September 2005 (UTC)

We need to present an actual definition of Semantic Security here. Right now we have a definition of indistinguishability (IND-CPA), which is equivalent, but we should present the original, messy definition as well.Dachshund 03:54, 12 September 2005 (UTC)

Retrieved from "http://en.wikipedia.org../../../s/e/m/Talk%7ESemantic_security_aec8.html"