Homework 4-sp10

Homework 4-sp10 - CSE 794 Homework 4 Due: Wednesday, May 5...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
CSE 794 Homework 4 Due: Wednesday, May 5 by class time Midterm exam: Monday, May 10, open book, covering up to hash and MAC.   {0,1} 1. Let :{0,1} {0,1} be a family of -bit pseudorandom functions. Construct a MAC scheme for messages of length 2 as follows. The shared key is a random {0,1} . To authentica n nn k k n fn n k   1 2 1 2 12 te a message with | | | | , let the tag be ( ), ( ) . Is this scheme secure against chosen-message attacks? Justify your answer. 2. Show that the following variant of CBC- k k k m m m m n f m f f m  MAC (using only one key) is insecure. (For simplicity, you may assume no padding.) Divi de the input message into blocks: , where . Apply si m m m m m m n 0 1 the block cipher to in CBC mode using key : IV (typically 0 ) for 1 to do ( ) Let (the last cipher block) be the tag. n i k i i s E m k c i s c E c m c (Three more questions on the other side.)
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
1 2 0 1 3. Consider the CBC-MAC with two keys: a fixed IV (say, 0 ); for 1 to do ( ); tag : ( ) Now suppose we use a
Background image of page 2
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 01/22/2011 for the course CSE 794 taught by Professor Tenh.lai during the Spring '10 term at Ohio State.

Page1 / 2

Homework 4-sp10 - CSE 794 Homework 4 Due: Wednesday, May 5...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online