I read about Niederreiter Cryptosystem. I understood the Key Generator, encryption and decryption of the cryptosystem, but if I want to prove that is a correct cryptosystem, what should I do?
Asked
Active
Viewed 175 times
1 Answers
1
To prove the correctness of an encryption scheme (not necessarily Niederreiter), you have to prove that for a honestly generated key pair, any honestly generated ciphertext decrypts correctly.
Formally, let $(pk, sk) \leftarrow KeyGen(1^\lambda)$ be the public and private key pair, and let $m$ be uniformally random in the (finite) plaintext space, and denote by $c \leftarrow Encrypt(pk, m)$ an encryption of message $m$ (pseudo-random in the ciphertext space) under the public key $pk$. Then you have to show that $Decrypt(sk, c) == m$ with overwhelming probability, meaning that either the decryption always succeeds if all steps were executed honestly, or it fails with probability negligible in the security parameter $\lambda$.
For instance, you prove the correctness of textbook RSA by showing that $(m^e)^d == m \bmod n$ for honestly generated $n=pq$, $\varphi(n)=(p-1)(q-1)$, $e$ coprime with $\varphi(n)$ and $d = e^{-1} \bmod \varphi(n)$.
AleksanderCH
- 6,511
- 10
- 31
- 64
jchd
- 111
- 2