Accountability of Security Parameter!

Security parameter does have an influence on the security of any cryptographic system. Typically, it is a variable that measures the input size of the computational problem. Both the resource requirements of the cryptographic algorithm (or protocol) as well as the adversary’s probability of breaking security are expressed in terms of the security parameter.

RSA (an asymmetric cipher) https://en.wikipedia.org/wiki/RSA_(cryptosystem) does have the “security parameter”; its the modulus size. When RSA key-pair is generated, user generally chooses the size of the modulus, that’s the “security parameter”.

As for AES (a symmetric cipher) https://en.wikipedia.org/wiki/Advanced_Encryption_Standard ↝ NO. It doesn’t have. Classical symmetric ciphers usually don’t have the security parameters 🤔 ⇨ The reason is, because they are not usually based on pre-existing “Mathematical Hard Problems” (and so don’t need to choose the size of hard problem to rely on).

Security parameter gives an idea of how much amount of time, an attacker needs, to break the scheme i.e. any algorithmic proc(), that breaks the scheme, has amortized complexity ≥ O(2^λ).

In, https://link.springer.com/chapter/10.1007/978-3-642-13190-5_2 → at the end of section 5.2, authors (M van Dijk et al.) conclude that successful attacks would take time 2^{γ/η²}. That’s why in section 3, authors chosen η = λ² and γ = λ⁵, that means,

The attack complexity is ⇢ 2^{γ/η²} = 2^{λ⁵/(λ²)²} = O(2^λ)

Therefore, on increasing λ, scheme becomes more computationally secure. But, of course, it has some impact on the scheme 😯 (otherwise, one would have just chosen λ as large as desired and one would have an unbreakable cryptosystem).

In the perspective of this, if I throw some light on Homomorphic Encryption scenarios (partially/ somewhat/ fully), 🔑

◕ Here the computationally empirical problem is, when one chooses bigger values (integer/ real) of λ power, the corresponding encryption time will drastically increase, that will resultantly make the homomorphic encryption scheme impractical. Designer need to choose the empirically minimal value of this hyperparameter such that scheme functions in more practical manner.

◕ In homomorphic cryptosystem, this value (hyperparameter of security parameter) can be defined for both symmetric as well for asymmetric scenarios. You bet ! 😉

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store