COS 433: Cryptography

1
COS 433 Cryptography
Lecture 1-7 Short Recap

• Princeton University Fall 2005
• Boaz Barak

2
Semantically Secure Encryption
I dont know anything about x I couldnt guess
before!
E
y
x
Equivalent notion Indistinguishability
I cant guess if it was x1 or x2 with prob better
than half
E
y
Both satisfied with one-time pad if we allow
key message
3
Pseudorandom Generators
I cant tell if Im seeing G(s) or just lots of
random coins!
G
y
s

We conjecture that they exist. (Axiom 1)
If were right, can get encryption with key lt
message length
4
CPA Secure Encryption
E
E
y
x
They gave me encryption box to play with and I
still dont know anything about x I couldnt
guess before!
Indistinguishability is still equivalent
E
E
y
5
Pseudorandom Functions (PRF)
fs
I dont know whats inside this box!
y
x
Axiom 1 (9 PRG) ) 9 PRF ) 9 CPA-secure encryption
6
Security of PRF-based Constructions
Ideal scheme using random function
Encryption scheme using PRF.
E
E
fs
Can adversary succeed?
1) Prove that ideal scheme is secure.
2) Show this implies security for real scheme
Otherwise all system is one big adversary for the
PRF.