The definition given for a valid private-key encryption scheme specifies what functions can be used for encryption and decryption, but says nothing about how secure those functions should be. For example, the trivial encryption function
Defining what makes a private-key encryption scheme secure is a bit tricky.
When defining security, we need to know what we are defining it against. Mainly this boils down to the information available to an adversary and there are four major attack scenarios:
If a cipher is secure against *one* of these threat models, this does *not* mean that it is secure against *all* of them.