A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf
.
Guesswork and Variation Distance as Measures of Cipher Security
[chapter]
2000
Lecture Notes in Computer Science
Absolute lower limits to the cost of cryptanalytic attacks are quantified, via a theory of guesswork. Conditional guesswork naturally expresses limits to known and chosen plaintext attacks. New inequalities are derived between various forms of guesswork and variation distance. The machinery thus offers a new technique for establishing the security of a cipher: When the work-factor of the optimal known or chosen plaintext attack against a cipher is bounded below by a prohibitively large number,
doi:10.1007/3-540-46513-8_5
fatcat:fdqkfakny5azpkdeyzuwtch4ru