Talk:Probabilistic encryption
Would it not use a pseudo-random generator? -- KayEss 07:53, 9 Oct 2004 (UTC)
- Not sure what the question is. If you mean "does a probabilistic encryption algorithm necessarily have to use a pseudorandom number generator", the answer is: most of the time, yes, unless you somehow get lots of random bits for free. Arvindn 08:09, 9 Oct 2004 (UTC)
- It's probably me not understanding how the encryption works. If you randomly encode the message how can it ever be decrypted? KayEss 08:14, 9 Oct 2004 (UTC)
- The decryption algorithm maps many different ciphertexts to the same plaintext. Think of probabilistic encryption as padding the plaintext with a random string and then deterministically encrypting it. On decryption you just ignore the junk at the end. That's not a
provablysecure system, but its easy to understand. Arvindn 08:28, 9 Oct 2004 (UTC)
- The decryption algorithm maps many different ciphertexts to the same plaintext. Think of probabilistic encryption as padding the plaintext with a random string and then deterministically encrypting it. On decryption you just ignore the junk at the end. That's not a
- I see now. Could you put an explanation along those lines into the article? --KayEss 11:51, 9 Oct 2004 (UTC)
- Even I had the same doubt. Arvindn, can you add this explanation to the article? -- Sundar 05:24, Oct 28, 2004 (UTC)
- Well, the example in the explanation is wrong - its not secure. Random padding of plaintext does not achieve semantic security. While comprehensibility is an important goal, I feel correctness is an overriding criterion. I doubt if there's any probabilistic encryption scheme that's both secure and easy to understand - the one at the end of the article is about the simplest. If there's a way to make the article clearer without using the flawed example, feel free to do so. Arvindn 21:10, 28 Oct 2004 (UTC)