Question: Let F:K x {0,1} {0,1} be a pseudo-random function. Show that the following con- structions Macl and Mac2 are insecure as message authentication codes on
Let F:K x {0,1}" {0,1}" be a pseudo-random function. Show that the following con- structions Macl and Mac2 are insecure as message authentication codes on a message space M = Uisism{0,1}in, where m is an arbitrary large integer. In each case you need to design an efficient adversary with a high forgery advantage: Macl(KM) M||M2||...MC+M; 200"; for it 1 tol, ZFk(Z-1 M); end for return Ze; Mac2(KM) M||M2||... Me+M; zo{0,1}"; for it 1 tol, Z; + Fr(2-1 M); end for return (Z0, Z_); Let F:K x {0,1}" {0,1}" be a pseudo-random function. Show that the following con- structions Macl and Mac2 are insecure as message authentication codes on a message space M = Uisism{0,1}in, where m is an arbitrary large integer. In each case you need to design an efficient adversary with a high forgery advantage: Macl(KM) M||M2||...MC+M; 200"; for it 1 tol, ZFk(Z-1 M); end for return Ze; Mac2(KM) M||M2||... Me+M; zo{0,1}"; for it 1 tol, Z; + Fr(2-1 M); end for return (Z0, Z_)
Step by Step Solution
There are 3 Steps involved in it
Get step-by-step solutions from verified subject matter experts
Study Help