In cryptography, the term pseudorandom permutation, abbreviated PRP, refers to a function that cannot be distinguished with practical effort from a random permutation (that is, a permutation selected uniformly at random from the family of all permutations on the function's domain).

==Definition==
Let ''F'' be a mapping <math>\{0,1\}^n \times \{0,1\}^s \to \{0,1\}^n</math>. ''F'' is a PRP if
* For any <math>K \in \{0,1\}^s</math>, ''F'' is a bijection from <math>\{0,1\}^n</math> to <math>\{0,1\}^n</math>.
* For any <math>K \in \{0,1\}^s</math>, there is an "efficient" algorithm to evaluate <math>F_K(x)</math>.
* For all probabilistic polynomial-time distinguishers ''D'': <math>\left|\Pr(D^{F_K}(1^n) = 1) - \Pr(D^{f_n}(1^n) = 1)\right| < \varepsilon(s)</math>, where <math>K \leftarrow \{0,1\}^s</math> is chosen uniformly at random and <math>f_n</math> is chosen uniformly at random from the set of permutations on ''n''-bit strings.

A pseudorandom permutation family is a collection of pseudorandom permutations, where a specific permutation may be chosen using a key.

Excerpt source: Wikipedia, the free encyclopedia.
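The three conditions of the definition can be checked empirically on a toy block size. The following is an added example, not part of the original article: the 8-bit block and key sizes, the `xor_pad` and `feistel` candidates and the two-query distinguisher are all assumptions chosen for illustration. Both candidates are efficiently computable bijections for every key, yet only the third condition separates them.

```python
import hashlib
import random

N = 8   # block size n in bits (toy value chosen for this demo)
S = 8   # key size s in bits (toy value chosen for this demo)
HALF = N // 2
MASK = (1 << HALF) - 1

def xor_pad(key, x):
    """F_K(x) = x XOR K: a bijection for every K, cheap to evaluate, but not a PRP."""
    return x ^ key

def feistel(key, x):
    """4-round Feistel network with SHA-256 round functions (hypothetical toy construction)."""
    left, right = x >> HALF, x & MASK
    for rnd in range(4):
        f = hashlib.sha256(bytes([key, rnd, right])).digest()[0] & MASK
        left, right = right, left ^ f
    return (left << HALF) | right

def is_bijection(keyed_fn):
    """Condition 1: for every key K, F_K must permute the n-bit strings."""
    domain = range(2 ** N)
    return all(len({keyed_fn(k, x) for x in domain}) == 2 ** N for k in range(2 ** S))

def random_permutation(rng):
    """f_n: a permutation drawn uniformly from all permutations of n-bit strings."""
    table = list(range(2 ** N))
    rng.shuffle(table)
    return table.__getitem__

def distinguisher(oracle):
    """D makes two oracle queries and outputs 1 if the answers differ by exactly 1 under XOR."""
    return int(oracle(0) ^ oracle(1) == 1)

def advantage(keyed_fn, trials=2000, seed=1):
    """Estimate |Pr(D^{F_K} = 1) - Pr(D^{f_n} = 1)| over fresh uniform K and f_n."""
    rng = random.Random(seed)
    real = ideal = 0
    for _ in range(trials):
        key = rng.randrange(2 ** S)
        real += distinguisher(lambda x: keyed_fn(key, x))
        ideal += distinguisher(random_permutation(rng))
    return abs(real - ideal) / trials

if __name__ == "__main__":
    for name, fn in (("xor_pad", xor_pad), ("feistel", feistel)):
        print(name, "bijection:", is_bijection(fn), "advantage:", advantage(fn))
```

A small advantage for `feistel` only shows that this one distinguisher fails against it; the definition quantifies over all polynomial-time distinguishers, and an 8-bit block is far too small for real use.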