Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Recall the EUF - CMA game we used in the definition of security for MACs. EUF - CMA ( ) : Challenger generates key klarrKeyGen

Recall the EUF-CMA game we used in the definition of security for MACs.
EUF-CMA() :
Challenger generates key klarrKeyGen(1).
For iin[l] :
Adversary sends message mi,
Challenger responds with tilarrMAC(1,k,mi).
Adversary outputs (m,t).
Adversary wins if Verify (1,j,m,t) accepts and for all iin[l]:(m,t)(mi,ti).
The MAC scheme (KeyGen, MAC, Verify) is secure if every PPT has only negligible advantage in
winning the above game. We say a MAC scheme is weakly secure if the same holds with the following
modified definition of the winning condition:
Adversary wins if Verify(1,j,m,t) accepts and for all iin[l]:mmi.
Consider the following MAC scheme constructed using a PRF (Gen, Eval). For security parameter ,
the keys of this PRF are -bit strings, and the output space of its functions is {0,1}. It is very similar
to the construction we saw in class, but has a few additions.
KeyGen (1) :
Output key klarrGen(1).
MAC(1,k,m):??
Output (Eval {:(1,k,m),0).
Verify (1,k,m,(t,j)) :
Accept iff:
t=Eval(1,k,m), and,
j=0 or and the jth bit of k is 0
image text in transcribed

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image_2

Step: 3

blur-text-image_3

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Database Concepts

Authors: David Kroenke, David Auer, Scott Vandenberg, Robert Yoder

8th Edition

013460153X, 978-0134601533

More Books

Students also viewed these Databases questions