Feb 26 problem set 2

A Concrete Introduction to Higher Algebra, 2nd Edition

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
University of California — Berkeley Handout PS2 CS276: Cryptography February 26, 2002 Professors Luca Trevisan and David Wagner Problem Set 2 This problem set is due in class on Thursday, March 7th. Problem 1. [Access control] You have founded a hot new startup that is building a trendy new high-tech padlock. Your padlock comes with a factory-set combination, and a serial number printed on the back. However, one potential problem is that some customers will forget their combination, and when they call you up and give their serial number, you need to be able to tell them their combination. Moreover, you need to make sure that only the factory can do this: thieves should not be able to deduce the combination by looking at the serial number. (a) You’re going to sell a lot of locks. Describe a solution that does not require much storage at the factory: say, sub-linear in the number of locks sold. (The lower the storage needed, the better.) (You may make reasonable computational assumptions, such as that there exist secure one-way functions.) (b) You tried the above, but were forced to disclose in your business plan the risk that, if some researcher ±nds a constructive proof that P = NP , then your padlocks may become insecure. This got too many confused looks from the venture capitalists, so now the goal is to try to avoid this. Describe a solution that is unconditionally secure. (You may not make any unproven computational assumptions.) Problem 2. [Computational indistinguishability] We de±ne a distance measure on probability distributions as follows: d R ( D, D 0 ) = max A | Pr x D [ A ( x ) = 1] - Pr x 0 D 0 [ A ( x 0 ) = 1] | where the maximum is taken over all algorithms running with resources R . Here R denotes a set of resources, which is used to restrict the adversary. For instance, R might list a bound on number of steps of computation, on queries to the oracle, on the amount of memory used, or something else. If algorithm A runs with resources R and A 0 with R 0 , then let R + R 0 denote the resources used by running ±rst A then A 0 . Note that
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 02/04/2008 for the course CS 276 taught by Professor Trevisan during the Spring '02 term at Berkeley.

Page1 / 4

Feb 26 problem set 2 - University of California - Berkeley...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online