Re: 1^k as input for the adversary - why?
- From: Kristian Gjøsteen <kristiag+news@xxxxxxxxxxxx>
- Date: Fri, 27 Apr 2007 18:34:14 +0000 (UTC)
<Theodor32@xxxxxxxx> wrote:
I just recognized that in many definitions (e.g. for one way-
functions) the adversary gets as input 1^k where k is the key length.
I wonder why this is the case.
This is an artefact of using complexity theory. I find that key generation
algorithms are more illustrative of the problem. First, we require that
a key generation algorithm is a polynomial-time algorithm, that is,
polynomial-time in the length of its input. Second, we want to give it
our security parameter as input. If we just pass it k, the key generation
algorithm must be polynomial-time in log k, and cannot even output k bits
of key material. To work around this, we encode the security parameter
as 1^k instead.
If you think this is silly, that is because it is silly. Like I said,
an artefact of using complexity theory. Anyone who gives up this fixation
on complexity theory can simply input the security parameter to the key
generation algorithm.
--
Kristian Gjøsteen
.
- References:
- 1^k as input for the adversary - why?
- From: Theodor32
- 1^k as input for the adversary - why?
- Prev by Date: Re: interesting article on quantum cryptography
- Next by Date: Re: aes decrypt encrypt
- Previous by thread: 1^k as input for the adversary - why?
- Index(es):
