A Concrete Introduction to Higher Algebra, 2nd Edition

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
file:///C|/Documents%20and%20Settings/Linda%20Grauer/My%20Documents/Dolores/Berkeley-H2/CS276/midterm-clarification.html I have a clarification that may help with Question 6 on the midterm. As someone else pointed out to me yesterday, E' is not in general decryptable, because the decryptor may not know the random coins used by E_pk (remember that in general E_pk might be a randomized algorithm). To repair this, you can pick one of the following interpretations: Ignore the fact that the scheme on the exam isn't decryptable, and answer the question anyway. (The definitions of security all still make sense, I believe.) Modify the scheme so that the random coins used in computing E_{pk}(r) are also transmitted: i.
Background image of page 1
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: e., the ciphertext will now be (r, r', E_{pk}(r) xor m), where r' are the coins used by E in this encryption. Under the philosophy that if I write an ambiguous question, you ought to get the benefit of the doubt in interpreting it in a reasonable way, you can feel free to choose either one of those two options and answer the question with that modification. If you have any further questions, please don't hesitate to ask us. file:///C|/Documents%20and%20Settings/Linda%20Grauer/My%2. ..ents/Dolores/Berkeley-H2/CS276/midterm-clarification.html [2/4/2008 11:50:17 AM]...
View Full Document

This note was uploaded on 02/04/2008 for the course CS 276 taught by Professor Trevisan during the Spring '02 term at Berkeley.

Ask a homework question - tutors are online