[PUBLISHER] upload files #164

* PUSH NOTE : 1. OTP, Stream Ciphers and PRGs.md

* DELETE FILE : _posts/lecture-notes/modern-cryptography/2023-09-07-otp-stream-cipher-prgs/2023-09-07-otp-stream-cipher-prgs.md
This commit is contained in:
2024-11-12 22:01:19 +09:00
committed by GitHub
parent f394e395b0
commit 0d6dc88470


@@ -5,6 +5,7 @@ math: true
categories: categories:
- Lecture Notes - Lecture Notes
- Modern Cryptography - Modern Cryptography
path: _posts/lecture-notes/modern-cryptography
tags: tags:
- lecture-note - lecture-note
- cryptography - cryptography
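Review bot: the top-level `path: _posts/lecture-notes/modern-cryptography` added here is the same key that the next hunk removes after `github_title`, so the net effect of the two hunks is a move of the key, pointing one directory up (from the post's own subdirectory to `_posts/lecture-notes/modern-cryptography`), which matches the file deletion listed in the commit message. Since the same front matter also has a nested `path: assets/img/posts/...` under `image:`, please double-check the indentation of the added line in the raw file: the rendered diff does not show it, and a mis-indented `path:` would be parsed as part of the wrong YAML mapping. A short note in the commit message on what consumes the custom `path` key (theme plugin, permalink setting) would make this easier to review.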
@@ -12,7 +13,6 @@ tags:
title: 1. One-Time Pad, Stream Ciphers and PRGs title: 1. One-Time Pad, Stream Ciphers and PRGs
date: 2023-09-07 date: 2023-09-07
github_title: 2023-09-07-otp-stream-cipher-prgs github_title: 2023-09-07-otp-stream-cipher-prgs
path: _posts/lecture-notes/modern-cryptography/2023-09-07-otp-stream-cipher-prgs
image: image:
path: assets/img/posts/lecture-notes/modern-cryptography/mc-01-ss.png path: assets/img/posts/lecture-notes/modern-cryptography/mc-01-ss.png
attachment: attachment:
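Review bot: removing the old `path: _posts/lecture-notes/modern-cryptography/2023-09-07-otp-stream-cipher-prgs` line is consistent with the delete in the commit message, but `github_title: 2023-09-07-otp-stream-cipher-prgs` on the line just above still carries the old directory name. If `github_title` is used to build a link back to the source file, it needs to be checked against the new location; if it is only a slug, a one-line comment in the front matter saying so would stop the next reader from asking the same question.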
@@ -293,7 +293,7 @@ We can deduce that if a PRG is predictable, then it is insecure.
*Proof*. Let $\mathcal{A}$ be an efficient adversary (next bit predictor) that predicts $G$. Suppose that $i$ is the index chosen by $\mathcal{A}$. With $\mathcal{A}$, we construct a statistical test $\mathcal{B}$ such that $\mathrm{Adv}_\mathrm{PRG}[\mathcal{B}, G]$ is non-negligible. *Proof*. Let $\mathcal{A}$ be an efficient adversary (next bit predictor) that predicts $G$. Suppose that $i$ is the index chosen by $\mathcal{A}$. With $\mathcal{A}$, we construct a statistical test $\mathcal{B}$ such that $\mathrm{Adv}_\mathrm{PRG}[\mathcal{B}, G]$ is non-negligible.
![mc-01-prg-game.png](../../../../assets/img/posts/lecture-notes/modern-cryptography/mc-01-prg-game.png) ![mc-01-prg-game.png](../../../assets/img/posts/lecture-notes/modern-cryptography/mc-01-prg-game.png)
1. The challenger PRG will send a bit string $x$ to $\mathcal{B}$. 1. The challenger PRG will send a bit string $x$ to $\mathcal{B}$.
- In experiment $0$, PRG gives pseudorandom string $G(k)$. - In experiment $0$, PRG gives pseudorandom string $G(k)$.
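Review bot: dropping one `../` from the image link (`../../../../assets/...` to `../../../assets/...`) is the right adjustment for a post that moved up one directory; with the file now under `_posts/lecture-notes/modern-cryptography/`, three levels resolve to the repository root, which agrees with the root-relative `assets/img/...` already used for `image.path` in the front matter. Consider switching these body image links to a root-relative form (`/assets/img/...`, or Jekyll's `relative_url` filter if the site is not served from the domain root) so that the next reorganisation of the notes does not require editing every image reference in every post.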
@@ -319,7 +319,7 @@ The theorem implies that if next bit predictors cannot distinguish $G$ from true
To motivate the definition of semantic security, we consider a **security game framework** (attack game) between a **challenger** (ex. the creator of some cryptographic scheme) and an **adversary** $\mathcal{A}$ (ex. attacker of the scheme). To motivate the definition of semantic security, we consider a **security game framework** (attack game) between a **challenger** (ex. the creator of some cryptographic scheme) and an **adversary** $\mathcal{A}$ (ex. attacker of the scheme).
![mc-01-ss.png](../../../../assets/img/posts/lecture-notes/modern-cryptography/mc-01-ss.png) ![mc-01-ss.png](../../../assets/img/posts/lecture-notes/modern-cryptography/mc-01-ss.png)
> **Definition.** Let $\mathcal{E} = (G, E, D)$ be a cipher defined over $(\mathcal{K}, \mathcal{M}, \mathcal{C})$. For a given adversary $\mathcal{A}$, we define two experiments $0$ and $1$. For $b \in \lbrace 0, 1 \rbrace$, define experiment $b$ as follows: > **Definition.** Let $\mathcal{E} = (G, E, D)$ be a cipher defined over $(\mathcal{K}, \mathcal{M}, \mathcal{C})$. For a given adversary $\mathcal{A}$, we define two experiments $0$ and $1$. For $b \in \lbrace 0, 1 \rbrace$, define experiment $b$ as follows:
> >
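Review bot: same path-depth fix as the previous hunk, applied to the `mc-01-ss.png` link. The diff shows only these two image references being updated, so before merging it is worth grepping the moved note for any remaining `../../../../` links, and for any relative links to sibling posts, since a relative link that now points one directory too high fails silently at build time and only shows up as a missing image on the rendered page.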