Brassard, Gilles Relativized cryptography. (English) Zbl 0571.94011 IEEE Trans. Inf. Theory 29, 877-894 (1983). It appears to be very difficult to give a formal definition of computational security for public-key cryptography. A slightly different notion, called transient-key cryptography, is defined for which a natural definition of security against chosen-plaintext attacks is given. The main result presented here is the existence of a relativized model of computation under which there does exist a secure transient-key cryptosystem. Indeed, there exists a computable oracle that can be used by cryptographers to efficiently encipher and decipher messages, yet it is of no help to the cryptanalyst trying to decode messages not intended for him. As a corollary, there also exists a length-preserving permutation, the inverse of which is hard to compute on most elements of its domain, even if arbitrary evaluations of the function itself are allowed for free. Cited in 13 Documents MSC: 94A60 Cryptography 68P25 Data encryption (aspects in computer science) Keywords:computational security; transient-key cryptography; security against chosen-plaintext attacks; relativized model of computation; computable oracle; length-preserving permutation PDFBibTeX XMLCite \textit{G. Brassard}, IEEE Trans. Inf. Theory 29, 877--894 (1983; Zbl 0571.94011) Full Text: DOI