{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

Homework 4-sp10

# Homework 4-sp10 - CSE 794 Homework 4 Due Wednesday May 5 by...

This preview shows pages 1–2. Sign up to view the full content.

CSE 794 Homework 4 Due: Wednesday, May 5 by class time Midterm exam: Monday, May 10, open book, covering up to hash and MAC. {0,1} 1. Let :{0,1} {0,1} be a family of -bit pseudorandom functions. Construct a MAC scheme for messages of length 2 as follows. The shared key is a random {0,1} . To authentica n n n k k n f n n k 1 2 1 2 1 2 te a message with | | | | , let the tag be ( ), ( ) . Is this scheme secure against chosen-message attacks? Justify your answer. 2. Show that the following variant of CBC- k k k m m m m n f m f f m 1 2 MAC (using only one key) is insecure. (For simplicity, you may assume no padding.) Divi de the input message into blocks: , where . Apply s i m m m m m m n 0 1 the block cipher to in CBC mode using key : IV (typically 0 ) for 1 to do ( ) Let (the last cipher block) be the tag. n i k i i s E m k c i s c E c m c (Three more questions on the other side.)

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
1 2 0 1 3. Consider the CBC-MAC with two keys: a fixed IV (say, 0 ); for 1 to do ( ); tag : ( ) Now suppose we use a
This is the end of the preview. Sign up to access the rest of the document.
• Spring '10
• TenH.Lai
• Cryptographic hash function, Block cipher, Block cipher modes of operation, collision-resistant hash functions, Arun Chockalingam

{[ snackBarMessage ]}