CIS 5371 Cryptography
QUIZ 6 (5 minutes only) –with answers
This quiz concerns semantic security.
1. You have designed hardware decryption device D that (unfortunately) emits a weak
RF signal when decrypting. The client is worried that this signal could be used by a
hacker to analyze the emitted signals, and get some side information.
You claim that the RF signals are random noise and independent of the decryption
process. You would like to prove this using an argument similar to the one we used in
class for semantic security.
That argument involved information about the plaintext m captured by a function f .
The case that no useful information would leak, was supported by stating that:
“For any adversary A and any polynomial-time computable function f such that A can
compute f (m) given the ciphertext c (Pr[A(1n , Enck (m)) = f (m)] = 1), there is an
adversary A0 who is only given the length of the message m (not c) that can compute
f (m) equally well (with negligible difference) (Pr[A(1n ) = f (m)] = 1 − ε)”
Modify this argument so that if addresses the security of your invention D (of course,
this will only address your client’s concern regarding information leakage).
Answer:
Let f (m) be the information that can be derived from the emitted signals of D.
For any hacker A that can guess f (m) given the emmitted RF signals, there is a hacker
A0 that can guess f (m) equally well (with negligible difference), who does not have
access to the RF signals (but only the length of the message).
[It follows that the information f (m) does not depend on the emitted RF signals.]
Mike Burmester