{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

Homework 4-sp10 - CSE 794 Homework 4 Due Wednesday May 5 by...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
CSE 794 Homework 4 Due: Wednesday, May 5 by class time Midterm exam: Monday, May 10, open book, covering up to hash and MAC. {0,1} 1. Let :{0,1} {0,1} be a family of -bit pseudorandom functions. Construct a MAC scheme for messages of length 2 as follows. The shared key is a random {0,1} . To authentica n n n k k n f n n k 1 2 1 2 1 2 te a message with | | | | , let the tag be ( ), ( ) . Is this scheme secure against chosen-message attacks? Justify your answer. 2. Show that the following variant of CBC- k k k m m m m n f m f f m 1 2 MAC (using only one key) is insecure. (For simplicity, you may assume no padding.) Divi de the input message into blocks: , where . Apply s i m m m m m m n 0 1 the block cipher to in CBC mode using key : IV (typically 0 ) for 1 to do ( ) Let (the last cipher block) be the tag. n i k i i s E m k c i s c E c m c (Three more questions on the other side.)
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
1 2 0 1 3. Consider the CBC-MAC with two keys: a fixed IV (say, 0 ); for 1 to do ( ); tag : ( ) Now suppose we use a
Background image of page 2
This is the end of the preview. Sign up to access the rest of the document.
  • Spring '10
  • TenH.Lai
  • Cryptographic hash function, Block cipher, Block cipher modes of operation, collision-resistant hash functions, Arun Chockalingam

{[ snackBarMessage ]}