šŸŒ¤

Introduction to Cryptography: A Beginnerā€™s Guide to Computational Security

Ā 

3

Ā 

Published on

July 15, 2025

šŸ’” TL;DR

Most people think encryption = absolute safety. But in the real world, we aim for something more practical: encryption that's good enough to outlast any possible attack. Thatā€™s called computational security, and itā€™s what keeps your bank data, private messages, and passwords safe today.

šŸ§  Imagine This:

You're sending out employee bonuses. Everything goes through an encrypted systemā€”locked down, secure, airtight... right?

Now imagine this:

One encrypted message says: "Approve bonus for Smith today."

Another says: "Approve bonus for Jones today."

To you, theyā€™re just two encrypted blobs. But to a clever attacker watching the traffic, patterns can emergeā€”lengths, timings, even content structure.

If your encryption scheme isnā€™t semantically secure, that attacker might not need to break the encryption at all. They can still figure out whoā€™s getting the bonus.

Thatā€™s why we care about semantic security: it ensures that even if an attacker knows the options, they still canā€™t tell which one you pickedā€”at least, not with more than a meaningless advantage.

šŸ” Perfect Security vs. Real-World Security

In theory, thereā€™s something called perfect secrecyā€”a level of encryption where even the best possible attacker canā€™t learn anything from the ciphertext. The one-time pad does this... but it requires a random key as long as the message and used only once. Thatā€™s not practical.

So we aim for something better suited to reality:

Computational security means encryption that no attacker can breakā€”unless they have infinite time, money, and power.

Itā€™s not perfect, but itā€™s practically unbeatable.

šŸ§© What Is Semantic Security?

Letā€™s say an attacker sees an encrypted message. Can they figure out what it says?

If your cipher has semantic security, the answer is: nope.

More specifically:

  • The attacker shouldnā€™t be able to learn anything meaningful about the message.
  • Even if they know two possible messages and see the ciphertext of one, they shouldnā€™t be able to guess which one you sent.

Itā€™s like flipping a coin. If the attacker canā€™t guess which message was encrypted with more than a barely better chance than 50/50ā€”specifically, only by a negligible amountā€”then your cipher is semantically secure.

A negligible advantage means the difference from random guessing is so tiny that, even with the most powerful computers, itā€™s effectively useless. Formally, it means that as the key size increases, the attackerā€™s advantage shrinks faster than the inverse of any polynomial. Itā€™s not just smallā€”itā€™s vanishingly small.

āš ļø Gotcha: Message Length Leaks!

If the messages have different lengths, the attacker might still guess just by looking at ciphertext size.

So in practice, we use padding to make all messages the same length.

šŸŽ® The Attack Game (a Mental Model)

Hereā€™s how cryptographers test a cipher, using whatā€™s called the Indistinguishability under Chosen-Plaintext Attack Game (IND-CPA):

  1. The attacker picks two messages of the same length.
  2. The system encrypts one of themā€”randomly.
  3. The attacker sees the ciphertext.
  4. Can they tell which message it was?

If they canā€™t win better than 50/50, the encryption passes the test.

This is the most common baseline. But itā€™s not the only one. Here are some other attack games used to define and test encryption security:

If they canā€™t win better than 50/50, the encryption passes the test.

This is the most common baseline. But itā€™s not the only one. Here are some other attack games used to define and test encryption security:

  • Chosen-Ciphertext Attack (CCA): The attacker can ask the system to decrypt any ciphertext they wantā€”except the challenge ciphertext. This simulates cases where attackers try to exploit APIs or services to decrypt manipulated data and gain insight into the encryption scheme.

  • Adaptive Chosen-Ciphertext Attack (CCA2): An advanced version of CCA. The attacker is allowed to request decryptions both before and after receiving the challenge ciphertextā€”just not of the challenge itself. This mimics scenarios where the system remains active and responsive even after sensitive data is processed.

  • Known-plaintext Attack (KPA): The attacker has access to some plaintext-ciphertext pairs and tries to use that to break future messages.

Each of these defines a different level of strength. IND-CPA is often enough for encryption, but protocols dealing with user input or network exposure usually aim for IND-CCA2 security.

This simple game hides a deep idea: real-world security isnā€™t about being unbreakableā€”itā€™s about being unguessable, with only a negligible advantage. In practice, this means that even if the attacker does slightly better than 50/50, their advantage must be so small that it's essentially meaninglessā€”a concept we call negligible advantage.

šŸ§® So... What Does "Computational" Really Mean?

To understand computational security, we need to unpack the word "computational."

A computation is just a series of well-defined steps that a computer (or person, in theory) can follow to solve a problem.

A problem is considered computationally easy if it can be solved in a reasonable amount of time. In cryptography, that usually means:

  • The number of steps to break the cipher grows polynomially with the size of the key.
  • For example, if the key is 128 bits long, an efficient algorithm might need 128Ā³ or 128āµ steps.

But some problems are computationally hard:

  • The number of steps grows exponentially with the size of the key.
  • Example: 2Ā¹Ā²āø steps = more steps than there are atoms in the universe.

So when we say a cipher is computationally secure, we mean: no algorithm exists that can break it efficiently (i.e., in polynomial time).

And thatā€™s the trick. As long as the best known attacks require exponential time, we consider the cipher safeā€”for now.

If breaking your encryption would require a billion years on every computer on Earth, youā€™re good.

Thatā€™s the beauty of computational security: we build systems where doing the right thing is fast (encrypt/decrypt), and doing the wrong thing is ridiculously slow (breaking it).

šŸš€ Why Does This Matter for You?

If you're:

  • Building authentication systems,
  • Storing user data,
  • Creating secure messaging tools,

...then understanding semantic security isnā€™t optional. Itā€™s what separates "encrypted" from "actually safe."

For example:

  • Encrypting messages without padding? Youā€™re leaking metadata.
  • Using outdated ciphers? Attackers might win the game.
  • Skipping formal analysis? You might think your encryption is secure, but without proving it against real attack models, it's just a guess.

šŸ“˜ Want to Go Deeper?

If youā€™re curious to learn more:

  • A Graduate Course in Applied Cryptography ā€“ Boneh & Shoup (free and deep)
  • Introduction to Modern Cryptography ā€“ Katz & Lindell (modern, rigorous, readable)

Also, I cover other basic topics in previous posts:

  1. Introduction to Cryptography: Basic Blocks
  2. Introduction to Cryptography: Perfect secrecy

šŸ§  Final Thought

Perfect security is a fantasy.

Computational security is what keeps the internet running.

When we say a system is secure, we donā€™t mean itā€™s impossible to break. We mean that breaking it would take more time than the attackerā€”or the universeā€”has.

Thatā€™s not perfect.

Itā€™s better.

React, comment and follow on