If I want to prove that an encryption algorithm is CPA secure (or that it isn't), then how much am I allowed to assume the attacker to know about the internal workings of the algorithm? Do I need to assume that the encryption algorithm is just a "black box" from the point of view of the attacker i.e. they can only query it for encryptions of different plaintexts but don't know anything about how it works? Or do I need to assume that the attacker knows everything about the internal workings except for possible secret values like keys?
Asked
Active
Viewed 39 times
0
-
1Welcome to [cryptography.se] Do you know the Kerckhoffs's principle? Did you read the basics of the Ind-CPA game? Attacker knows everything except the key.. – kelalaka Apr 02 '22 at 20:47
1 Answers
2
Or do I need to assume that the attacker knows everything about the internal workings except for possible secret values like keys?
This one - that they have detailed knowledge of the algorithm (and the implementation if we are considering side channel attacks).
Assuming that they don't is known as "Security Through Obscurity"; that isn't greatly thought of...
poncho
- 147,019
- 11
- 229
- 360