Info
Warning
Danger
/ Homework Answers / Accounting / Question Show that CBC encryption

Question

Question

Show that CBC encryption where the IV is random but known in advance is not indistinguishable, under chosen plaintext attack. Directions: assume attacker sees the ciphertext blocks c1 , c2 resulting from CBC encryption of plaintext messages m1, m2. Furthermore, attacker is now given a random value I, to be used in CBC encryption of a message X that the attacker can choose. The attacker is given the result of that encryption; e.g., if X is exactly one block long, then attacker is given the output of E(X LI). Show that this allows attacker to find if m2 is a block of all zeros or block of all 1 bits. Conclude that such CBC encryption is not CPA-IND.

 

Solution
5 (1 Ratings )

Solved
Accounting 1 Week Ago 100 Views
This Question has Been Answered!
Premium Content -