You have a software for a deterministic message authentication code MAC = (K, T) that is...
Fantastic news! We've Found the answer you've been seeking!
Question:
Transcribed Image Text:
You have a software for a deterministic message authentication code MAC = (K, T) that is known to be UF-CMA secure under some reasonable assumptions. However, the message space for this MAC is only the set of messages up to 1MB long. At some point, you needed to authenticate messages of length more than 1MB but less than 2MB. So you decide to use the existing software from now on in the following way: The new key generation algorithm K' runs K twice and outputs the concatenated outputs of the latter. To MAC a message M, break it into equal parts M, M (for simplicity, let's assume that all messages have even length), take the key K || K and let the tag be TK (M) TK (M) Let's call the modified scheme MAC' = (K', T'). (a) Prove that MAC' is not UF-CMA secure. (b) Give a one or two line justification of why MAC' is not a PRF. You have a software for a deterministic message authentication code MAC = (K, T) that is known to be UF-CMA secure under some reasonable assumptions. However, the message space for this MAC is only the set of messages up to 1MB long. At some point, you needed to authenticate messages of length more than 1MB but less than 2MB. So you decide to use the existing software from now on in the following way: The new key generation algorithm K' runs K twice and outputs the concatenated outputs of the latter. To MAC a message M, break it into equal parts M, M (for simplicity, let's assume that all messages have even length), take the key K || K and let the tag be TK (M) TK (M) Let's call the modified scheme MAC' = (K', T'). (a) Prove that MAC' is not UF-CMA secure. (b) Give a one or two line justification of why MAC' is not a PRF.
Expert Answer:
Answer rating: 100% (QA)
Answer Consider an adversary who wants to forge a valid tag for a message M by exploiting the fact t... View the full answer
Related Book For
Principles Of Information Security
ISBN: 9780357506431
7th Edition
Authors: Michael E. Whitman, Herbert J. Mattord
Posted Date:
Students also viewed these programming questions
-
On January 1, 2024, the Mason Manufacturing Company began construction of a building to be used as Its office headquarters. The building was completed on September 30, 2025. Expenditures on the...
-
Planning is one of the most important management functions in any business. A front office managers first step in planning should involve determine the departments goals. Planning also includes...
-
Managing Scope Changes Case Study Scope changes on a project can occur regardless of how well the project is planned or executed. Scope changes can be the result of something that was omitted during...
-
SQL database the yellow box is the Order data mentioned in the Q CoursHeroTranscribedText Orders (cust, date, proc, memory, hd, od, quant, price) Exercise 7.4: In Exercise 6.1 we spoke of PC-order...
-
Use a double linear interpolation to find the pressure for superheated R-134a at 13C with v = 0.3 m3/kg.
-
Compute the failure to pay and failure to file penalties for John, who filed his 2012 income tax return on December 20, 2013, paying the $10,000 amount due at that time. On April 1, 2013, John...
-
Which of the following is an azeotrope refrigerant? (a) R-11 (b) R-40 (c) R-114 (d) R-502
-
Eskimo Joes, designer of the worlds second best-selling T-shirt (just behind Hard Rock Cafe), borrows $21 million cash on November 1, 2015. Eskimo Joes signs a six-month, 7% promissory note to...
-
The Refining Department of SweetBeet, Inc. had 72,000 tons of sugar to account for in July. Of the 72,000 tons, 40,000 tons were completed and transferred to the Boiling Department, and the remaining...
-
On January 1, 2022, Mobile Technology, Incorporated issued $850,000 of $1,000 par value, 6%, 6-year bonds. Interest is payable semiannually each January 1 and July 1 with the first interest payment...
-
As BC government announces holiday on September 19 th as a mark of respect to Queen Elizabeth's death, Explain 'Hard News' article informing the public about the same? Please remember to follow the...
-
How was the Apple stock price impacted by the news or event? Be sure to connect your conclusion to this week's concept of profitability.
-
Assume that the City of Coyote has produced its financial statements for December 31, 2024, and the year then ended. The city's general fund was only used to monitor education and parks. Its capital...
-
How is the Texas Bill of Rights typical of other states' bills of rights?
-
To calculate a per-mile cost for street maintenance are there any expenditures in the list of "Operating Expenditures" that you would want to exclude from this unit cost calculation because they...
-
Primary Source Document with Questions (DBQs) on EXCERPTS FROM THE TREATY OF NANJING, AUGUST 1842 agreeable to the Tariff, to be hereafter fixed, such Merchandise may be conveyed by Chinese...
-
It was found that 60% of American victims of health carefraud are senior citizens. If 10 victims are randomlyselected, find the probability that exactly 3 are seniorcitizens.
-
The National Collegiate Athletic Association (NCAA) and the National Federation of State High School Associations (NFHS) set a new standard for non-wood baseball bats. Their goal was to ensure that...
-
True or False: The Domain Name System (DNS) is a function of the World Wide Web that converts a URL (Uniform Resource Locator) such as www.course.com into the IP address of the Web server host.
-
Define what an incident response is and how it is similar or different to an adverse event. Express concern that incident responses depend on the quick, efficient, and timely containment of an issue...
-
I. Explain how in transport mode, the data within an IP packet is encrypted, but the header information is not. II. Emphasize that this allows the user to establish a secure link directly with the...
-
With reference to Exercise 11.6, find (a) a \(90\%\) confidence interval for the average number of classes attended each day by a student present for 15 days; (b) \(90 \%\) limits of prediction for...
-
Explain briefly the auditor's duty when (s)he has unresolved doubts about the ability of the auditee to continue as a going concern.
-
With reference to the preceding exercise, test the null hypothesis \(\beta=0.75\) against the alternative hypothesis \(\beta <0.75\) at the 0.10 level of significance.
Study smarter with the SolutionInn App