Let F be a pseudorandom function and G be a pseudorandom generator with expansion factor p(n)...
Fantastic news! We've Found the answer you've been seeking!
Question:
Transcribed Image Text:
Let F be a pseudorandom function and G be a pseudorandom generator with expansion factor p(n) = n +1. Suppose the shared key is a uniform k = {0,1}¹. (a) Consider an encryption scheme as follows. To encrypt m = {0,1}2n, parse m as m₁||m2 with |m₁| = |m₂|, then choose uniform r = {0,1}", and send Enck (m) (r,m₁ Fk (r), m2 Fk (r + 1)). Is this scheme CPA-secure? = (b) Consider an encryption scheme as follows. Given as inputs a message m = {0,1}¹/2² and a key k = {0,1}", algorithm Enc chooses a random string r of length n/2, i.e., r t [0,1]¹/2 and computes c := Fk (r||m). Show how to decrypt. Is this scheme CPA-secure? Is this scheme CCA-secure? Explain your answer. (c) Suppose a message (m₁, m2,..., .,m) is encrypted to give a ciphertext (co, C₁, C2, ...,c₁), in the CBC (Ci- pher Block Chaining) and CTR (Counter) modes of operation of a block cipher. Suppose that in transmis- sion a single block of ciphertext c; is dropped for some i € {0, 1,...,1l} (for e.g., the transmitted ciphertext (co, C₁, C₂, ..., c₁) is received as (co, c2, ..., c₁)). Describe the effect of this error in both the CBC and CTR modes of operation. In particular, specify which message blocks are affected, and which are unchanged when a receiver decrypts the modified ciphertext. Let F be a pseudorandom function and G be a pseudorandom generator with expansion factor p(n) = n +1. Suppose the shared key is a uniform k = {0,1}¹. (a) Consider an encryption scheme as follows. To encrypt m = {0,1}2n, parse m as m₁||m2 with |m₁| = |m₂|, then choose uniform r = {0,1}", and send Enck (m) (r,m₁ Fk (r), m2 Fk (r + 1)). Is this scheme CPA-secure? = (b) Consider an encryption scheme as follows. Given as inputs a message m = {0,1}¹/2² and a key k = {0,1}", algorithm Enc chooses a random string r of length n/2, i.e., r t [0,1]¹/2 and computes c := Fk (r||m). Show how to decrypt. Is this scheme CPA-secure? Is this scheme CCA-secure? Explain your answer. (c) Suppose a message (m₁, m2,..., .,m) is encrypted to give a ciphertext (co, C₁, C2, ...,c₁), in the CBC (Ci- pher Block Chaining) and CTR (Counter) modes of operation of a block cipher. Suppose that in transmis- sion a single block of ciphertext c; is dropped for some i € {0, 1,...,1l} (for e.g., the transmitted ciphertext (co, C₁, C₂, ..., c₁) is received as (co, c2, ..., c₁)). Describe the effect of this error in both the CBC and CTR modes of operation. In particular, specify which message blocks are affected, and which are unchanged when a receiver decrypts the modified ciphertext.
Expert Answer:
Answer rating: 100% (QA)
a The given encryption scheme is not CPAsecure An adversary can distinguish between two encryptions ... View the full answer
Related Book For
Algebra Graduate Texts In Mathematics 73
ISBN: 9780387905181
8th Edition
Authors: Thomas W. Hungerford
Posted Date:
Students also viewed these programming questions
-
Write a C++ program that calculates GPA of n students, n and students grades are entered by the user: Ask the user to enter the number of students (n), do not accept negative values. For each...
-
6. Kindly describe the accounting framework. What are the elements and how do they effect the financial statements? 7. What does the accounting model specify? What are the elements involved?
-
Write each decimal as a percent. 1. 0.71 2. 0.65 3. 6 4. 9
-
The cable AB is subjected to a triangular loading. If the angles with the tangents at points A and B are 45 and 80, respectively, determine the deflection curve of the cable and the maximum tension...
-
Use the relationship between force and impulse to explain how padded boxing gloves protect a boxer's hands.
-
Consider the facts presented in E22-14. Tremonts operating expenses include the following: Rent, $2,000 a month Salary, $3,000 a month Commissions, 3% of sales Depreciation, $1,000 a month...
-
6. 7. 8. The reaction of sulphur in alkaline medium is given below Sais) +aOH bs2 (aq) (aq) + CS0 (aq) + H2O (1) . (Integer answer) The values of 'a' is 4.5g of compound A (MW = 90) was used to make...
-
Garden Glory Project Questions Assume that Garden Glory designs a database with the following tables: OWNER (OwnerID, OwnerName, OwnerEmail, OwnerType) OWNED_PROPERTY (PropertyID, PropertyName,...
-
Differentiate between constructor and Destructor?. Explain with a program. b) What is function template? Write a program to overload Function template.
-
Find the all eigen-values and associated eigen-vectors of the following matrices where: A = [ 21] 1 Hint: Find the eigenvalues and eigenvectors of A, then use the result for question 2 to find the...
-
At January 1, 2024, Caf Med leased restaurant equipment from Crescent Corporation under a nine-year lease agreement. The lease agreement specifies annual payments of $31,000 beginning January 1,...
-
What key issues and their implications are highlighted in this case (both financial and non-financial)? 2. What are the characteristics of the historical sales data? 3. What options/strategies are...
-
What should be done now for Janet and her parents, and on what grounds? 2. What values underlie the statute making a pregnant womans healthcare treatment declarations of no effect while pregnant? 3....
-
You have been working as the controller of Fixzit Corporation for the past six years. Last week you had appointed a bright young student, Daye Bitt, from Konkord University as a work study intern for...
-
Python3 GymBattle.py Objects Class #In Pokemon Go, a Pokemon is defined by several different #parameters. For simplicity in this problem, we'll say that #every Pokemon is defined by two parameters:...
-
A regular deposit of $100 is made at the beginning of each year for 20 years. Simple interest is calculated at i% per year for the 20 years. At the end of the 20-year period, the total interest in...
-
S n is solvable for n 4, but S 3 and S 4 are not nilpotent.
-
Proof that If char K = p 0 and u K but a K p , then x -pn - a K[x] is irreducible for every n > 1.
-
(a) If F is a field and : F Fa (ring) homomorphism, then = 0 or is a monomorphism. If 0, then (1 F ) = 1 F , (b) The set Aut F of all field automorphisms F F forms a group under the operation...
-
Explain from a technical viewpoint why it is important to distinguish a method, research, approach, and design. Next, briefly discuss how understanding each term individually in addition to how these...
-
Discuss the importance of validity and research design. Next, choose one type of validity (internal, external, construct, or statistical conclusion) and discuss its relevance to experimental, quasi...
-
Define a sampling strategy.
Study smarter with the SolutionInn App