Answered step by step
Verified Expert Solution
Question
1 Approved Answer
Consider the following modification of the distinguishing game in the definition of the perfect secrecy of a cipher (E, D): as before, the adversary chooses
Consider the following modification of the distinguishing game in the definition of the perfect secrecy of a cipher (E, D): as before, the adversary chooses two messages mo and m and gives them to Alice who encrypts one of them at random. But now she generously gives back not one ciphertext c, but several c1 ... Ct, which are all encryptions of the same message my using different randomly chosen keys. a. Suppose that (E, D) has perfect secrecy in the usual definition (that is, when the adversary gets back one ciphertext) and (KI=MI. Can the adversary guess the message better after receiving several ciphertexts? Justify your answer. b. Suppose that the number of keys is 1/2 of the number of messages (that is, |M| = 2|K|). Give an algorithm for the adversary (not necessarily efficient) that would allow that adversary to guess the message with probability > 1 1/2+1. Prove that your algorithm achieves this goal. c. Now, generalizing: suppose that |M| = 24|K| for some d. Derive a formula for the number of ciphertexts needed to guess the message with probability at least p. Show your calculations and reasoning. Consider the following modification of the distinguishing game in the definition of the perfect secrecy of a cipher (E, D): as before, the adversary chooses two messages mo and m and gives them to Alice who encrypts one of them at random. But now she generously gives back not one ciphertext c, but several c1 ... Ct, which are all encryptions of the same message my using different randomly chosen keys. a. Suppose that (E, D) has perfect secrecy in the usual definition (that is, when the adversary gets back one ciphertext) and (KI=MI. Can the adversary guess the message better after receiving several ciphertexts? Justify your answer. b. Suppose that the number of keys is 1/2 of the number of messages (that is, |M| = 2|K|). Give an algorithm for the adversary (not necessarily efficient) that would allow that adversary to guess the message with probability > 1 1/2+1. Prove that your algorithm achieves this goal. c. Now, generalizing: suppose that |M| = 24|K| for some d. Derive a formula for the number of ciphertexts needed to guess the message with probability at least p. Show your calculations and reasoning
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started