{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

homework 6 - ICS 180 Introduction to Cryptography Homework...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
ICS 180: Introduction to Cryptography 6/03/2004 Homework 6 Due Thursday , 6/10/2004 1 Symmetric encryptions from a PRP Let P : { 0 , 1 } τ ×{ 0 , 1 } m →{ 0 , 1 } m be a PRP. Assume that m is polynomial in τ . Assume that every PPT adversary running in time t has at most advantage ǫ in distinguishing P from a random permutation, i.e. that for all PPT’s A s.t. Time A t , | Prob [ A P s (1 τ ) = 1] s ←{ 0 , 1 } τ Prob [ A R (1 τ ) = 1] R RNDPRM ( τ,m ) | ≤ ǫ Consider the following symmetric encryption scheme: The secret key is s ←{ 0 , 1 } τ . To encrypt a message M ∈{ 0 , 1 } m , the sender picks r ←{ 0 , 1 } m/ 2 , concatenates r and M , and computes the ciphertext as c = P s ([ r | M ]). 1.1 Show how to decrypt. 1.2 Consider the security of this scheme in the sense of indistinguishability. Bound the advan- tage ǫ that an adversary A running in time t has in distinguishing random ciphertexts of any two messages M 0 , M 1 ∈{ 0 , 1 } m . 1.3 Consider the security of this scheme against a chosen-message attack . In other words, consider an adversary A
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}