When the ciphertext provides no information about the plaintext without the key,
and an attacker cannot learn the plain text
regardless of how many time or effort it puts in,
then the cryptosystem is set to achieve
perfect secrecy and is cryptanalytically unbreakable.
In the 1940s, Claude Shannon, who, by the way,
also introduced information entropy,
showed that perfect secrecy can be
achievable by using a key that is as long as the message.
In other words, the key entropy is as great as the message entropy.
In addition, to achieve perfect secrecy,
the key should never be reused in the encryption,
meaning that there is no dependency or relationship across the parts of the key.
Such key is called a one-time pad due to
the key being fresh and random every time it is used for encryption.
Perfect secrecy is derived from
information theory and it's the strongest notion for encryption.
It holds even against the computationally unbounded attacker.
With less than perfect secrecy with bounded entropy for the key,
an attacker will eventually break the cipher and learn the plaintext and the key,
as the message length and the ciphertext length increase.
However, with perfect secrecy,
the encryption remains secure even when the message length grows infinitely.
You may wonder how the brute-force search fits into
the information theoretical notion of perfect secrecy.
Let's set aside the discussion of how difficult the brute-force search would be
for the attacker and practice and assume that it is possible.
We'll revisit one-time pad after studying some encryption algorithms.
Even against the brute-force attacker,
who exhaust the keyspace and finds all possible plaintext,
there are many plaintexts that makes sense.
And, the attacker cannot distinguish between the correct and the incorrect plaintext,
which was a requirement for a successful brute-force attack.
While one-time pad is proven to achieve perfect secrecy,
the strongest security notion for encryption,
it has limited practical use because the key is too long and grows as the message grows.
This provides challenges in key and randomness generation as
well as in key distribution and agreement between the sender and the destination.
And these overheads become too much in practical security context.
However, in addition to being used for
low bandwidth applications where the messages are short,
perfect secrecy does provide
a useful guidance and a reference when designing the cryptosystem,
such as deciding on the key refresh rate,
especially for protecting a high risk data against the powerful adversary,
such as a nation state and the crowd.
And, an example for crowd can be when a standardized crypto design,
such as those by the United States' NIST,
National Institute of Standards and Technology,
is under the watchful eyes of the public.