• Table of Contents
Modern Cryptography: Theory and Practice By Wenbo Mao Hewlett-Packard Company
Publisher: Prentice Hall PTR Pub Date: July 25, 2003
ISBN: 0-13-066943-1 Pages: 648
Many cryptographic schemes and protocols, especially those based on public-keycryptography, have basic or so-called "textbook crypto" versions, as these versionsare usually the subjects for many textbooks on cryptography. This book takes adifferent approach to introducing
cryptography: it pays much more attention tofit-for-application aspects of cryptography. It explains why "textbook crypto" isonly good in an ideal world where data are random and bad guys behave nicely.It reveals the general unfitness of "textbook crypto" for the real world by demonstratingnumerous attacks on such schemes, protocols and systems under variousreal- world application scenarios. This book chooses to introduce a set of practicalcryptographic schemes, protocols and systems, many of them standards or de factoones, studies them closely, explains their working principles, discusses their practicalusages, and examines their strong (i.e., fit-for-application) security properties, oftenwith security evidence formally established. The book also includes self-containedtheoretical background material that is the foundation for modern cryptography.
For a given problem, a Turing machine can be fully specified by a function of its finite-state control unit. Such a function can be given in the form of a table which lists the machine's next- step move for each state. We shall provide a problem example and a specification of a Turing machine in a moment (see Example 4.1 below).
Upon termination, the number of moves that a Turing machine M has taken to recognize an input is said to be the running time or the time complexity of M and is denoted by TM. Clearly, TM can
be expressed as a function TM(n) : where n is the length or size of the input instance,
i.e., the number of symbols that consists of the input string when M is in the initial state. Obviously, T M(n) n. In addition to the time requirement, M has also a space requirement SM
which is the number of tape cells that the tapeheads of M have visited in writing access. The quantity SM can also be expressed as a function SM(n) : and is said to be the space
complexity of M.
• Table of Contents
Modern Cryptography: Theory and Practice By Wenbo Mao Hewlett-Packard Company
Publisher: Prentice Hall PTR Pub Date: July 25, 2003
ISBN: 0-13-066943-1 Pages: 648
Many cryptographic schemes and protocols, especially those based on public-keycryptography, have basic or so-called "textbook crypto" versions, as these versionsare usually the subjects for many textbooks on cryptography. This book takes adifferent approach to introducing
cryptography: it pays much more attention tofit-for-application aspects of cryptography. It explains why "textbook crypto" isonly good in an ideal world where data are random and bad guys behave nicely.It reveals the general unfitness of "textbook crypto" for the real world by demonstratingnumerous attacks on such schemes, protocols and systems under variousreal- world application scenarios. This book chooses to introduce a set of practicalcryptographic schemes, protocols and systems, many of them standards or de factoones, studies them closely, explains their working principles, discusses their practicalusages, and examines their strong (i.e., fit-for-application) security properties, oftenwith security evidence formally established. The book also includes self-containedtheoretical background material that is the foundation for modern cryptography.
4.3 Deterministic Polynomial Time
We begin with considering the class of languages that are recognizable by deterministic Turing machines in polynomial time. A function p(n) is a polynomial in n over the integers if it is of the form
Equation 4.3.1
where k and ci (i = 0, 1, 2, …, k) are constant integers with ck 0. When k > 0, the former is
called the degree, denoted by deg(p(n)), and the latter, the coefficients, of the polynomial p(n).
Definition 4.1: Class W e write to denote the class of languages with the following characteristics. A language L is in if there exists a Turing machine M and a polynomial p(n) such that M recognizes any instance I L in time T M(n) with T M(n) p(n) for all non-negative
integers n, where n is an integer parameter representing the size of the instance I. We say that L is recognizable in polynomial time.
Roughly speaking, languages which are recognizable in polynomial time are considered as always "easy." In other words, polynomial-time Turing machines are considered as always "efficient" (we will define the notion of "easy" or "efficient" in §4.4.6). Here let us explain the meaning for always. Turing machines which recognize languages in are all deterministic. A deterministic Turing machine outputs an effect which is entirely determined by the input to, and the initial state of, the machine. In other words, running a deterministic Turing machine twice with the same input and the same initial state, the two output effects will be identical.
We should notice that in Definition 4.1, the universal-style restrictions "any instance I L" and "for all non-negative integers n" are very important. In the study of computational complexity, a problem is considered solved only if any instance of the problem can be solved by the same Turing machine (i.e., the same method). Only so, the method is sufficiently general and thereby can indeed be considered as a method. Let us look at the following example for an illustration.