12h - 21/02/2012 Cryptography and Protocols CCA-Security...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
21/02/2012 1 Introduction CCA-Security Cryptography and Protocols Andrei Bulatov Cryptography and Protocols – CCA-Security 12-2 CCA Security (take 1) Let (K,E,D) be a symmetric encryption scheme and (T, ε ) a superpolynomial pair. Consider the following game: (1) Alice and Bob choose a shared k at random from (2) Eve gets access to black boxes and (3) Eve chooses and (4) Alice chooses i {1,2} at random and gives Eve (5) Eve gets more access to black boxes and (6) Eve outputs j {1,2} Eve wins if j = i. Scheme (K,E,D) is (T, ε )-CCA-secure if for any if of time complexity at most T Pr[Eve wins] < 1/2 + ε n } 1 , 0 { ) ( k E ) ( k D 1 P 2 P ) ( i k P E C = ) ( k E ) ( k D Cryptography and Protocols – CCA-Security 12-3 CCA Security (fix) Change (5) to: (5’) Eve gets access to black boxes and , where ) ( k E ) ( ' k D = = C C C C C D C D k k ' , ' ), ' ( ) ' ( ' if if Cryptography and Protocols – CCA-Security 12-4 Construction of a CCA-Secure Scheme Let (Sign, Ver) be a CMA-secure MAC and (K’,E’,D’) a CPA-secure scheme. Define (K,E,D) as follows K: keys k, k’ selected uniformly at random from E: compute , , and send (C,t) D: Upon receiving (C,t), first verify that if not, abort (output ). If check passes compute n } 1 , 0 { ) ( ' P E C k = ) ( ' C t k Sign = 1 ) , ( ' = t C k Ver ) ( ' C D k Cryptography and Protocols – CCA-Security 12-5 Security A MAC (Sign, Ver) satisfies the unique signatures property if for
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 03/05/2012 for the course CMPT 404 taught by Professor Andreia.bulatov during the Spring '12 term at Simon Fraser.

Page1 / 3

12h - 21/02/2012 Cryptography and Protocols CCA-Security...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online