Consider an encryption scheme $(K,E,D),$ with $E$:$\{0,1{\}}^n\{0,1{\}}^{**}\{0,1{\}}^{**},$ which is CCA$-$secure$.$

Now, let the new cipher $(E^{\text{'}},D^{\text{'}})$ be defined as follows: $E_{(k_1,k_2)}^{\text{'}}(P)=E_{k_2}(E_{k_1}(P)),$

$D_{(k_1,k_2)}^{\text{'}}(C)=D_{k_1}(D_{k_2}(C))$ if $D_{k_2}(C),$ and ${?}_{|}{?}_{?}$ otherwise.

a$.$ Show that $(E^{\text{'}},D^{\text{'}})$ provides CCA$-$security even if the adversary finds out $k_1,$ as long as he does not know

$k_2.$

b$.$ Show that, on the other hand, if the adversary learns $k_2$ then $(E^{\text{'}},D^{\text{'}})$ is not CCA$-$secure even if the

adversary does not know $k_1.$

c$.$ Show how to make a new cipher out of $(E,D)$ with the key $(k_1,k_2)$ which would be CCA$-$secure even

when the adversary knows one of the two keys, as long as the other key stays secret.