{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

# ps2 - Computer Science and Engineering UCSD CSE 207 Modern...

This preview shows pages 1–2. Sign up to view the full content.

Computer Science and Engineering, UCSD Spring 11 CSE 207: Modern Cryptography Instructor: Mihir Bellare Problem Set 2 April 6, 2010 Problem Set 2 Due: Wednesday April 13, 2010, in class. Problem 1. [20 points] Define the family of functions F : { 0 , 1 } 128 ×{ 0 , 1 } 128 →{ 0 , 1 } 128 by F ( K,M ) = AES ( M,K ). Assuming AES is a secure PRF, is F a secure PRF? If so, explain why. If not, present the best attack (with analysis) that you can. Problem 2. [60 points] Let F : { 0 , 1 } k ×{ 0 , 1 } l →{ 0 , 1 } L be a family of functions where l,L 128. Consider the game G of Fig. 1. We define Adv lr F ( B ) = 2 · Pr bracketleftBig G B true bracketrightBig - 1 . Let ( x 1 0 ,x 1 1 ) ,..., ( x q 0 ,x q 1 ) be the queries that B makes to its oracle. (Each query is a pair of l -bit strings, and there are q queries in all.) We say that B is legitimate if x 1 0 ,...,x q 0 are all distinct, and also x 1 1 ,...,x q 1 are all distinct. We say that F is LR-secure if Adv lr F ( B ) is “small” for every legitimate B of “practical” resources.

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}