Security Encyclopedia

Ciphertext Indistinguishability

Ciphertext indistinguishability is a property of an encryption system that, if secure in this regard, means it generates ciphertexts that cannot be distinguished from one another regardless of the plaintext on which the ciphertext is generated.

The soundness of a cryptosystem with regards to ciphertext indistinguishability directly affects its security. This basic requirement means an adversary has no better chance of guessing that one out of a set of ciphertext messages is based on its plaintext message.

If the cryptosystem in use is secure, according to this concept, if an adversary can learn nothing by examining an intercepted message. If an adversary holds two or more encrypted messages, their ability to distinguish from between or among them successfully should be equal to or poorer than random guessing from a probability standpoint. If they hold two such messages, their ability to guess from between them should be ½ even upon close examination.

Example:

“Ciphertext Indistinguishability gives malicious hackers no advantage whatsoever. If they intercept more than one message, this quality denies them clues that could potentially aid their cryptanalysis.”