hw3-12 - CMPT 404 — Cryptography and Protocols Exercises...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: CMPT 404 — Cryptography and Protocols Exercises on Message Authentication Schemes, CCA Security and Number Theory. Due: Thursday, March 15th (at the beginning of the class) 1. Given f : { , 1 } n → { , 1 } n , define f : { , 1 } 2 n → { , 1 } 2 n as follows: for x,r ∈ { , 1 } n define f ( x ◦ r ) = f ( x ) ◦ r . (Where ◦ denotes concatenation.) Prove that if f ( · ) is a one-way permutation then so is f ( · ). 2. Consider the following variant of CMA-security for MACs: instead of giving the adversary black boxes for both the signing and verification algorithms, give it only a black box for the signing algorithm. Let’s call this definition CMA’-security. That is, A pair of algorithms ( Sign , Ver ) (with Sign : { , 1 } n × { , 1 } m → { , 1 } t , Ver : { , 1 } n ×{ , 1 } m ×{ , 1 } t → { , 1 } ) is a ( T,ε )-CMA’-secure MAC if for every x,k , Ver k ( x, Sign k ( x )) = 1 and for every T-time Adv , if we run the following experiment: • Choose k ←- { , 1 } n • Give adversary access to black box for Sign k ( · ) • Adversary wins if it comes up with a pair h x ,s i such that (a) x is not one of the messages that the adversary gave to the black box Sign k ( · ) and (b) Ver k ( x ,s ) = 1. Then the probability Adv wins is at most ε ....
View Full Document

{[ snackBarMessage ]}

Page1 / 2

hw3-12 - CMPT 404 — Cryptography and Protocols Exercises...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online