Scribd Logo
Upload

Welcome to Scribd!

  • FOC Lecture 8 9

    Uploaded by

    lokesh chikkula
    10 views16 pages
    1. The document discusses different modes of operation for block ciphers and their security properties. 2. It states that CTR mode is CPA secure if the underlying function F is a PRF. It also notes that decryption in CTR mode does not require the decryption function. 3. The document notes that if F is a PRF, then CTR mode is CPA secure, while CBC mode is only CPA secure if F is also a PRF. It also discusses the security of other modes like CFB.

    Original Description:

    Foundations of cryptography

    Original Title

    FOC_Lecture_8_9

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    1. The document discusses different modes of operation for block ciphers and their security properties. 2. It states that CTR mode is CPA secure if the underlying function F is a PRF. It also notes that decryption in CTR mode does not require the decryption function. 3. The document notes that if F is a PRF, then CTR mode is CPA secure, while CBC mode is only CPA secure if F is also a PRF. It also discusses the security of other modes like CFB.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    10 views16 pages

    FOC Lecture 8 9

    Uploaded by

    lokesh chikkula
    1. The document discusses different modes of operation for block ciphers and their security properties. 2. It states that CTR mode is CPA secure if the underlying function F is a PRF. It also notes that decryption in CTR mode does not require the decryption function. 3. The document notes that if F is a PRF, then CTR mode is CPA secure, while CBC mode is only CPA secure if F is also a PRF. It also discusses the security of other modes like CFB.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 16

    31 01 8022

    lectured
    IND CPA Enc PRF
    2 M1
    119
    C S r Fk er to
    my
    It on

    Modeofoperations
    Stream cipher
    Block cipher
    t

    Uzsynchronizednode IIF.at

    a
    TI
    p
    t
    c I V2 do
    q nrmodesofoferatin
    Ee.peprP
    FYI É
    mi mi
    EPI

    Ci Fis CED
    Mi FI Ci
    Is it CPA secure
    secure
    Is it INDIA

    If

    m m
    mi mim
    I II
    CPSC Mode M mi ma ma

    77111 ME maims

    Cz

    IV 0,13
    CT Ci G G
    SII

    Fk Ci a Ci i
    Mi s

    F PRP
    PRF then CBC
    If F is a

    Mode CPA Secure

    Sequential
    M I Me ma ma ma Ms

    statefuvariantotdfygm.mg
    Chad CBC iidy
    911 91111 j

    two
    É
    m II I
    say AMYL
    BGTIME IV
    net

    D C Om Cz
    Ey FK CIV

    Not secure
    3.0 Tq
    OFI
    Iv O B

    III
    I I
    It

    tea
    a tea
    II
    Preprocess
    equivalent
    Fie IV Stream cipher
    sync
    CPA secure
    assuming FI
    I a
    IRF
    We don't need Fi to

    decrypt
    F É
    IFL
    I I
    my w a

    mi a Fk Ctr ti
    Ci
    Mi GQ Fie Corti
    Don't need Fit for
    Ctr on
    decryption

    Parallel
    is CPA seane
    CTR Mode
    PRF
    Assn's F
    is a

    is CPA
    F is a PRF CTR mode
    17 If Secure
    0,13

    DfFI
    me
    Mi MI
    Lectured

    IF F is PRE etr mode is ÉÉs


    Fios
    I
    fgcctri ctrimiq.ae
    the
    1
    etviiw.gg A
    is
    at
    No of Queries I 912

    Imit earns
    If D is interacting with fog
    y
    Pr Dating BI Prinkey Ca I

    D is interacting with Fec

    Pr DIKE in P Pair RIPEast


    I Pr DF in i PRIDE am a Eneglen

    Pr I Park an P Private enate

    It
    Pr Poirk Casal
    s z t 2Iftneglin
    to in
    Giri 1
    41
    I Mika's
    Dtr
    MII IMb 90

    Lg
    egg
    Ctr trite
    trite
    t
    fact 1 M fectrit end

    fix Ctr me
    Ctr I Ctr i ctr e
    quit I ga
    29cm I Ctzi
    Pr Overlap
    291g 22912
    Pr overlap 2241
    2900.1
    CPA
    Pr Priv k 4
    A I

    Pr PrivkyAyla I overtly t

    Pr overlap
    2
    1

    Founter
    miscaseareif
    F is a PRF
    IT Gen Enc Dec

    R e Gen in

    ÉÉ

    m
    be o i

    Enck Mb It is not allowed


    1 to am
    Deeney
    on

    pl
    If b b A wins Priv k 14 n 1

    CCA
    Pr Priv k A it
    n I f t t negeen

    H PPT A
    I
    Ch 11 Geng k 0,13
    K
    E
    I Ey C
    ME
    Gloom
    0,1
    een

    Ii e mama

    Cca secure
    Not even CPA secure

    CPA secure
    Gns K ai

    Enamel
    Access to Deck C J y EYED
    Decicco
    M Face Cz

    4 EMEI i
    bit of
    Cb flip first Cy
    G is malleable A can generate
    valid related ciphertext from the
    Challenge ciphertext
    NOTLASECURE
    OF B center mode

    Its
    IIIII

    Not CCASecy

    É É Is it
    cafe

    I HIDE Mz Mill PAI


    C IV er
    no
    Oy
    Cz Fk Miaa
    Padding grade Attack
    Lied
    IF SAME IT WILL
    be FLIP

    C Gv Ca Ca flipped
    in
    MI
    car set lDe
    c E
    Mi in All bits of my will be same

    as me except the flints


    Confidentiality SRE

    It II
    Alice
    Authentic
    whether the msg is
    whether from Alice

    C G CK Me

    Message Authentication Code MAC

    Times
    Gen in outfits k with 114 n

    m
    Mae K me on t MACE

    Vrfy k mit be Urfy Cm tik


    b I then Valid
    If
    t
    K f me 0,13
    Correctness f n
    Searity
    Mac fo
    sef.it

    aTIII

    cnn.IT
    It wins if vrfyp.cm t

    m Q
    G Set of MACKE
    queries
    T Gen MAC Not is existentially
    Unforgeable under chosen message attack if

    F PPT A Inegeen 7
    enegeons
    a
    c
    forgea.me
    É FI
    Cm t 7 24 Q
    M
    MI ma Maen
    ti tu o n
    tain
    Mi tt 2 Vote Mi tt 1

    mac sforgea.it Strong MAC

    A mins if vofy Mst I

    Cm t Q

    Po MAC sforgea a a Enegeen

    ttppe
    fixedwelegn.tn
    to instantiate
    Mac

    You might also like