Abstract
In theoretical cryptography, one formalizes the notion of an adversary's success probability being "too small to matter" by asking that it be a negligible function of the security parameter. We argue that the issue that really arises is what it might mean for a collection of functions to be "negligible." We consider (and define) two such notions, and prove them equivalent. Roughly, this enables us to say that any cryptographic primitive has a specific associated "security level." In particular We say this for any one-way function. We also reconcile different definitions of negligible error arguments and computational proofs of knowledge that have appeared in the literature. Although the motivation is cryptographic, the main result is purely about negligible functions. © 2002 International Association for Cryptologic Research.
Author supplied keywords
Cite
CITATION STYLE
Bellare, M. (2002). A note on negligible functions. Journal of Cryptology, 15(4), 271–284. https://doi.org/10.1007/s00145-002-0116-x
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
