# 08 - Pseudorandom Functions and Introduction Chosen...

This preview shows pages 1–7. Sign up to view the full content.

Introduction Pseudorandom Functions and Chosen Plaintext Attacks Cryptography and Protocols Andrei Bulatov

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
Cryptography and Protocols – Pseudorandom Functions 8-2 Two Problems of PRG-Based Encryption Schemes Single key – multiple messages All the theoretically analyzed schemes aim to send only one message, while in practice we need to send multiple messages. Ad hoc practical schemes may be susceptible to collision, reply, and all kind of unknown attacks Chosen plaintext attacks We assumed that Eve cannot choose what plaintext to encrypt. However sometimes it is possible and may lead to consequences. For RC4: Plaintext known part ) ( k g n known
Cryptography and Protocols – Pseudorandom Functions 8-3 Solutions to the Multiple Messages Problem Add a variable part to the key that is safe to send in clear Observe that by doing that we use a function depending on the IV rather than a single random string This is the idea behind pseudorandom functions WEP Key 104 bits = 26 hexadec. + Initialization Vector (IV) 24 bits KSA RC4 seed 2048 bits RC4 Stream Cipher Plaintext Ciphertext + CRC + IV ) ( IV k g

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
Cryptography and Protocols – Pseudorandom Functions 8-4 Random Functions A random function is built as follows: for each of the inputs we choose at random an n-bit string. Thus, is -bit string Let be a collection of functions such that This collection is efficiently computable if the mapping is computable in polynomial time n n n f } 1 , 0 { } 1 , 0 { : n 2 n n 2 n f * } 1 , 0 { } { = s s f F |) (| |) (| } 1 , 0 { } 1 , 0 { : s m s m s f ) ( , x f x s s a
Cryptography and Protocols – Pseudorandom Functions 8-5 Pseudorandom Functions: Games Let be a collection of functions, T a function, Eve an algorithm Game 1 - s is chosen uniformly at random from - Eve gets black-box access to the function for as long as it wants, but no more than T(n) - Eve outputs a bit v Game 2 - a random function is chosen - Eve gets black-box access to the function f for as long as it wants, but no more than T(n) - Eve outputs a bit v * } 1 , 0 { } { = s s f F n } 1 , 0 { n n f } 1 , 0 { } 1 , 0 { : s f

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
Cryptography and Protocols – Pseudorandom Functions 8-6 Pseudorandom Functions: Definition Let be a collection of functions, T, ε a pair of functions F is said to be (T, ε )-pseudorandom if it is efficient and for any
This is the end of the preview. Sign up to access the rest of the document.

## This note was uploaded on 03/05/2012 for the course CMPT 404 taught by Professor Andreia.bulatov during the Spring '12 term at Simon Fraser.

### Page1 / 20

08 - Pseudorandom Functions and Introduction Chosen...

This preview shows document pages 1 - 7. Sign up to view the full document.

View Full Document
Ask a homework question - tutors are online