Editing Semantic security (section)

{{Short description|Cryptography method}}
In [[cryptography]], a '''semantically secure''' [[cryptosystem]] is one where only negligible information about the [[plaintext]] can be feasibly extracted from the [[ciphertext]]. Specifically, any [[PP (complexity)|probabilistic, polynomial-time algorithm]] (PPTA) that is given the ciphertext of a certain message <math>m</math> (taken from any distribution of messages), and the message's length, cannot determine any partial information on the message with probability non-negligibly higher than all other PPTA's that only have access to the message length (and not the ciphertext).<ref name="goldwasser-micali 1982">[[Shafi Goldwasser|S. Goldwasser]] and [[Silvio Micali|S. Micali]], [http://portal.acm.org/citation.cfm?id=802212 Probabilistic encryption & how to play mental poker keeping secret all partial information], Annual ACM Symposium on Theory of Computing, 1982.</ref> This concept is the computational complexity analogue to [[Claude Shannon|Shannon's]] concept of [[perfect secrecy]]. Perfect secrecy means that the ciphertext reveals no information at all about the plaintext, whereas semantic security implies that any information revealed cannot be feasibly extracted.<ref name="shannon">{{cite journal| last=Shannon| first=Claude| title=Communication Theory of Secrecy Systems| journal=Bell System Technical Journal| volume=28| issue=4| pages=656–715| year=1949| doi=10.1002/j.1538-7305.1949.tb00928.x| hdl=10338.dmlcz/119717| hdl-access=free}}</ref><ref name=Goldreich>[[Oded Goldreich|Goldreich, Oded.]] Foundations of Cryptography: Volume 2, Basic Applications. Vol. 2. Cambridge university press, 2004.</ref>{{rp|378–381}}