Let (E,D) be an AE-secure cipher (remember that AE authenticated encryption). Show that the following derived cipher is not AE-secure: D(k,c, f D(k,c1) D(k,c2) E1(k,m) (E(k,m), E(k,m))- (c1,C2); D2-(k, (c1,C2))- reject otherwise Hints: Remember that AE-security implies chosen-ciphertext security Also, note that the encryption algorithm "E" is probabilistic, and therefore each computation of "E(k,m" (as in the above scheme) results in a different ciphertext (with overwhelming probability), and therefore we have ci C2 with overwhelming probability. Let (E,D) be an AE-secure cipher (remember that AE authenticated encryption). Show that the following derived cipher is not AE-secure: D(k,c, f D(k,c1) D(k,c2) E1(k,m) (E(k,m), E(k,m))- (c1,C2); D2-(k, (c1,C2))- reject otherwise Hints: Remember that AE-security implies chosen-ciphertext security Also, note that the encryption algorithm "E" is probabilistic, and therefore each computation of "E(k,m" (as in the above scheme) results in a different ciphertext (with overwhelming probability), and therefore we have ci C2 with overwhelming probability