This preview shows pages 1–2. Sign up to view the full content.
This preview has intentionally blurred sections. Sign up to view the full version.
View Full Document
Unformatted text preview: ICS 180: Introduction to Cryptography 6/03/2004 Homework 6 Due Thursday , 6/10/2004 1 Symmetric encryptions from a PRP Let P : { , 1 } { , 1 } m { , 1 } m be a PRP. Assume that m is polynomial in . Assume that every PPT adversary running in time t has at most advantage in distinguishing P from a random permutation, i.e. that for all PPTs A s.t. Time A t ,  Prob [ A P s (1 ) = 1] s { , 1 } Prob [ A R (1 ) = 1] R RNDPRM ( ,m )  Consider the following symmetric encryption scheme: The secret key is s { , 1 } . To encrypt a message M { , 1 } m , the sender picks r { , 1 } m/ 2 , concatenates r and M , and computes the ciphertext as c = P s ([ r  M ]). 1.1 Show how to decrypt. 1.2 Consider the security of this scheme in the sense of indistinguishability. Bound the advan tage that an adversary A running in time t has in distinguishing random ciphertexts of any two messages M ,M 1 { , 1 } m ....
View
Full
Document
This homework help was uploaded on 01/30/2008 for the course ICS 180 taught by Professor Jarecki during the Spring '04 term at UC Irvine.
 Spring '04
 Jarecki

Click to edit the document details