Database System Concepts
7th Edition
ISBN: 9780078022159
Author: Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher: McGraw-Hill Education
expand_more
expand_more
format_list_bulleted
Related questions
Concept explainers
Question
Transcribed Image Text:7.8. Suppose F is a secure PRP with blocklength n + λ. Below is the encryption algorithm for
a scheme that supports plaintext space M = {0, 1}":
Enc(k, m):
r← {0,1}^
return F(k, m||r)
(a) Describe the corresponding decryption algorithm.
(b) Prove that the scheme satisfies CPA$ security.
Expert Solution
This question has been solved!
Explore an expertly crafted, step-by-step solution for a thorough understanding of key concepts.
Step by stepSolved in 3 steps
Knowledge Booster
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.Similar questions
- 2. Describe the flaw in this argument: Consider the following attack against one-time pad: upon seeing a ciphertext c, the eavesdropper tries every candidate key k e {0,1}^ until she has found the one that was used, at which point she outputs the plaintext m. This contra- dicts the argument in the book that the eavesdropper can obtain no information about m by seeing the ciphertext.arrow_forwardConsider a very simple symmetric block encryption algorithm in which 32-bits blocks of plaintext are encrypted using a 64-bit key. Encryption is defined as C = (PK₁) K₁ where C = ciphertext, K = secret key, Ko = leftmost 64 bits of K, K₁ = rightmost 64 bits of K,+ = bitwise exclusive OR, and is addition mod 264. a. Show the decryption equation. That is, show the equation for P as a function of C, Ko, and K₁. b. Suppose and adversary has access to two sets of plaintexts and their correspond- ing ciphertexts and wishes to determine K. We have the two equations: C = (PK) K₁; C = (PK) K₁ First, derive an equation in one unknown (e.g., Ko). Is it possible to proceed fur- ther to solve for Ko?arrow_forwardProblem 4. Let H : M → {0,1}" be a collision resistant hash function (CRHF). Show that truncating the output of H even by one bit does not necessarily result in a CRHF. Hint: Use H to construct another CRHF H' : M → {0, 1}", but H"(x) := H'(x)[: –1] (in Python notation) is not a CRHF.arrow_forward
- Strings of undefined length are used as keys to access a hash table. Report the C implementation of a proper hash function. Specify and explain (in plain English) how to select the algorithm and how to avoid overflows during the computation of the hash function. Motivate all choices.arrow_forwardConsider Cuckoo hashing with a hash table H[0... 10] and the two hash functions: h₁(x) = (x +2) mod 11 h₂(x) = (4x + 1) mod 11. (When inserting, try h₁ first.) Consider the following sequence of operations: Insert(11) Insert(13) Insert(33) Which position is 33 placed in? 0 1 2 3 4 5 6 O O ос 7 8 9 10arrow_forwardConsider the encryption function for a symmetric cryptosystem E(k, m) described below, where K = M = {0, 1, 2, 3}, C = {0, 1, 2, 3}: E(k, m) = (2 ∗ k + m) mod 4 (a) Give the corresponding decryption function(b) Is this cryptosystem information-theoretically secure(or perfectly secure)? Why or why not?arrow_forward
- Question 1. Let H: {0,1}* → {0, 1}" be a hash function that achieves the one-way and collision resistance security properties. (b). Show that the new function H' achieves collision resistance. Suppose that we want to use H for the deployment of a password-based user authentication mechanism that is a variant of the standard password hashing mechanism as follows: when loading a new password P selected by the user with ID U, instead of choosing a random salt, the password P is hashed. Then, the n-bit digest H(P) and password P serve as inputs to produce a fixed-length hash code. Namely, the information that is stored in the password file is the triple (U, H(P), H(H(P)||P)). During password verification for user ID U, the system receives a password P* and (i) computes H(P*), (ii) computes H(H(P*)||P*), and (iii) checks if H(H(P*)||P*) matches the value H(H(P)||P) that is stored for U. 1 Does the aforementioned mechanism provide protection against offline dictionary attacks? Justify your…arrow_forwardIf an encryption function er is identical to the decryption function dg, then the key K is said to be an involutory key. (a) Let K = (a, b) be a key in an affine cipher over Z/nZ. Show that K is an involutory key if and only if a- = a (mod n) and b(a+1) = 0 (mod n).arrow_forward2.(a) Consider the use of OTP. Let m be an arbitrary message to be encrypted and c be a given ciphertext in the ciphertext space. How many possible keys with which m can be mapped to c, i.e., f(m,k)=c? None 1 2 The size of the key space Depends on m (b) 3^(-n) is negligible. True or false? (c) n^(-100) is negligible. True or false?arrow_forward
- Question 1. Let H : {0, 1}* →→ {0,1}" be a hash function that achieves the one-way and collision resistance security properties. (a). Let LSB(x) denote the least significant bit of string x and || denote the concatenation of two strings. We define the following function H': {0, 1}* {0,1}+¹ as H'(x) = H (x)||LSB(x). Show that the new function H' achieves collision resistance.arrow_forwardUse a coding matrix A of your choice. Use a graphing utility to find the multiplicative inverse of your coding matrix. Write a cryptogram for each message. C perform all necessary matrix multiplications. DGE OU T AHEAD BR 2 18 4 75 0 15 21 20 0 1 8 5 1 4 .... 1 1 -12 32 -15 Using the coding matrix the coded message is.····☐☐☐☐☐☐☐☐☐☐ 2 2 1 5 4 4 4 7 (Simplify your answers.) 61arrow_forward
arrow_back_ios
arrow_forward_ios
Recommended textbooks for you
- Database System ConceptsComputer ScienceISBN:9780078022159Author:Abraham Silberschatz Professor, Henry F. Korth, S. SudarshanPublisher:McGraw-Hill Education
Starting Out with Python (4th Edition)Computer ScienceISBN:9780134444321Author:Tony GaddisPublisher:PEARSON
Digital Fundamentals (11th Edition)Computer ScienceISBN:9780132737968Author:Thomas L. FloydPublisher:PEARSON 
C How to Program (8th Edition)Computer ScienceISBN:9780133976892Author:Paul J. Deitel, Harvey DeitelPublisher:PEARSON
Database Systems: Design, Implementation, & Manag...Computer ScienceISBN:9781337627900Author:Carlos Coronel, Steven MorrisPublisher:Cengage Learning
Programmable Logic ControllersComputer ScienceISBN:9780073373843Author:Frank D. PetruzellaPublisher:McGraw-Hill Education
Database System Concepts
Computer Science
ISBN:9780078022159
Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:McGraw-Hill Education
Starting Out with Python (4th Edition)
Computer Science
ISBN:9780134444321
Author:Tony Gaddis
Publisher:PEARSON
Digital Fundamentals (11th Edition)
Computer Science
ISBN:9780132737968
Author:Thomas L. Floyd
Publisher:PEARSON
C How to Program (8th Edition)
Computer Science
ISBN:9780133976892
Author:Paul J. Deitel, Harvey Deitel
Publisher:PEARSON
Database Systems: Design, Implementation, & Manag...
Computer Science
ISBN:9781337627900
Author:Carlos Coronel, Steven Morris
Publisher:Cengage Learning
Programmable Logic Controllers
Computer Science
ISBN:9780073373843
Author:Frank D. Petruzella
Publisher:McGraw-Hill Education