Online Cryptography Course                                   Dan Boneh

Using block ciphers
Modes of operation: many-time key (CBC)

Example applications:
  File systems: the same AES key is used to encrypt many files
  IPsec: the same AES key is used to encrypt many packets

Construction 1: CBC with random IV

Let (E,D) be a PRP. E_CBC(k,m): choose a random IV ∈ X and do:

  [Diagram: CBC encryption circuit. Each message block m[i] is XORed with the previous ciphertext block (the IV for m[0]) and fed through E(k,⋅) to produce c[i]. The ciphertext is IV, c[0], c[1], c[2], c[3].]

Decryption circuit

  [Diagram: CBC decryption circuit. Each ciphertext block c[i] is fed through D(k,⋅) and the result is XORed with the previous ciphertext block (the IV for c[0]) to recover m[i].]

In symbols:  c[0] = E(k, IV ⨁ m[0])  ⇒  m[0] = D(k, c[0]) ⨁ IV

CBC: CPA Analysis

CBC Theorem: For any L > 0, if E is a secure PRP over (K,X) then E_CBC is semantically secure under CPA over (K, X^L, X^(L+1)).

In particular, for a q-query adversary A attacking E_CBC there exists a PRP adversary B s.t.:

  Adv_CPA[A, E_CBC] ≤ 2⋅Adv_PRP[B, E] + 2 q²L² / |X|

Note: CBC is only secure as long as q²L²

> 0, n byte pad is n n n ⋯ n
if no pad needed, add a dummy block (removed during decryption)

End of Segment
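The construction above (random IV, c[i] = E(k, c[i-1] ⨁ m[i]), the inverse decryption circuit, and the "n bytes of n, dummy block when aligned" padding rule), as an added worked example that is not part of the lecture slides. It assumes a 16-byte block like AES but, to stay dependency-free, swaps in a small Feistel PRP built from HMAC-SHA256 as the stand-in for E and D; the key and messages are constructed sample values.

```python
import hashlib, hmac, os

BLOCK = 16  # block length in bytes, matching AES

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(k, i, half):
    # Round function of the toy PRP: a keyed PRF truncated to half a block.
    return hmac.new(k, bytes([i]) + half, hashlib.sha256).digest()[:BLOCK // 2]

def E(k, m):
    """Stand-in 16-byte PRP (4-round Feistel over HMAC-SHA256), used in place of AES."""
    L, R = m[:BLOCK // 2], m[BLOCK // 2:]
    for i in range(4):
        L, R = R, _xor(L, _f(k, i, R))
    return L + R

def D(k, c):
    L, R = c[:BLOCK // 2], c[BLOCK // 2:]
    for i in reversed(range(4)):  # undo the Feistel rounds in reverse order
        L, R = _xor(R, _f(k, i, L)), L
    return L + R

def pad(m):
    # An n-byte pad is the byte n repeated n times; an already aligned
    # message gets a full dummy block (n = BLOCK) so unpad is unambiguous.
    n = BLOCK - len(m) % BLOCK
    return m + bytes([n]) * n

def unpad(p):
    n = p[-1]
    if not 1 <= n <= BLOCK or p[-n:] != bytes([n]) * n:
        raise ValueError("invalid padding")
    return p[:-n]

def cbc_encrypt(k, m, iv=None):
    """E_CBC(k, m): output IV || c[0] || c[1] ... with c[i] = E(k, c[i-1] xor m[i])."""
    prev = os.urandom(BLOCK) if iv is None else iv  # fresh random IV per message
    out, p = [prev], pad(m)
    for i in range(0, len(p), BLOCK):
        prev = E(k, _xor(prev, p[i:i + BLOCK]))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(k, c):
    """Decryption circuit: m[i] = D(k, c[i]) xor c[i-1], where c[-1] is the IV."""
    if len(c) % BLOCK or len(c) < 2 * BLOCK:
        raise ValueError("ciphertext must be IV plus at least one block")
    blocks = [c[i:i + BLOCK] for i in range(0, len(c), BLOCK)]
    return unpad(b"".join(_xor(D(k, cur), prev) for prev, cur in zip(blocks, blocks[1:])))
```

Encrypting the same message twice under one key yields different ciphertexts because the IV is fresh each time, which is what lets a single key safely cover many files or packets.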