# Shannon's Perfect and Imperfect Secrecy Theorems

Let \(X,Y,Z\) be the plaintext, ciphertext and symmetric key respectively. For a symmetric encryption scheme we would want the following

- Perfect secrecy: \(I(X;Y)=0\)
- Dechiperability: \(H(X|Y,Z)=0\)

The **perfect secrecy theorem** states that for the conditions above to hold, we need \(H(Z)\geq H(X)\) i.e. the length of the key is at least the same as the length of the plaintext.

The **imperfect secrecy theorem** states that the decipherability constraint \(H(X|Y,Z)=0\) implies \(I(X;Y)\geq H(X)-H(Z)\). Here, \(I(X;Y)\) can be viewed as a quantification of information leakage, and if it is 0, it reduces to the perfect secrecy theorem.