# hw3-12 - CMPT 404 — Cryptography and Protocols Exercises...

This preview shows pages 1–2. Sign up to view the full content.

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: CMPT 404 — Cryptography and Protocols Exercises on Message Authentication Schemes, CCA Security and Number Theory. Due: Thursday, March 15th (at the beginning of the class) 1. Given f : { , 1 } n → { , 1 } n , define f : { , 1 } 2 n → { , 1 } 2 n as follows: for x,r ∈ { , 1 } n define f ( x ◦ r ) = f ( x ) ◦ r . (Where ◦ denotes concatenation.) Prove that if f ( · ) is a one-way permutation then so is f ( · ). 2. Consider the following variant of CMA-security for MACs: instead of giving the adversary black boxes for both the signing and verification algorithms, give it only a black box for the signing algorithm. Let’s call this definition CMA’-security. That is, A pair of algorithms ( Sign , Ver ) (with Sign : { , 1 } n × { , 1 } m → { , 1 } t , Ver : { , 1 } n ×{ , 1 } m ×{ , 1 } t → { , 1 } ) is a ( T,ε )-CMA’-secure MAC if for every x,k , Ver k ( x, Sign k ( x )) = 1 and for every T-time Adv , if we run the following experiment: • Choose k ←- { , 1 } n • Give adversary access to black box for Sign k ( · ) • Adversary wins if it comes up with a pair h x ,s i such that (a) x is not one of the messages that the adversary gave to the black box Sign k ( · ) and (b) Ver k ( x ,s ) = 1. Then the probability Adv wins is at most ε ....
View Full Document

## This note was uploaded on 03/05/2012 for the course CMPT 404 taught by Professor Andreia.bulatov during the Spring '12 term at Simon Fraser.

### Page1 / 2

hw3-12 - CMPT 404 — Cryptography and Protocols Exercises...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document
Ask a homework question - tutors are online