Score:1

What schemas are possible for the following encryption algorithms?

I'm trying to practice and to understand possible scenarios and the basics of symmetric encryption schemes. For the scenarios I listed below, I am not 100% sure of scenarios 1 and 3.

  1. A symmetric encryption algorithm using a non-random/predictable IV that is CPA-secure. I do not think this scheme is possible. For example, there is the BEAST attack for the TLS 1.0 scheme on AES-CBC encryption schemes. Random IVs are probably needed to make them CPA-secure.
  2. A symmetric encryption algorithm with equal constant size key, message, and ciphertext space that is semantically secure. It is possible because of the OTP (One-Time Pad), isn't it?
  3. A symmetric encryption algorithm with equal constant size key and message space of magnitude X, with ciphertext space of 2^X that is CPA-secure. I think this is possible as the AES-CBC encryption scheme follows these requirements.

I will be thankful for clarification and help with these scenarios.

Marc Ilunga
1) It is possible, see the [counter mode](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Counter_(CTR)). 2) What do you mean by constant size? The key, message and ciphertext have the same length? 3) Does magnitude mean cardinality?
Score:1
  1. Counter-example: counter mode. (Pun intended in an afterthought). Most of the attacks like BEAST can be deterred by using "authenticated" encryption.

  2. I suppose yes? I don't fully get your thinking about this part.

  3. True. Almost all modern ciphers are capable of encrypting data that's orders of magnitude big. (e.g. various modes of operation of block ciphers intended for guaranteeing confidentiality, special designs such as Salsa20/ChaCha20, etc.)

Marc Ilunga
2. is about semantic security, so I am not sure bit-flipping attacks are appropriate or relevant for the question.
DannyNiu
@MarcIlunga I'm weak on crypto maths, but I think there are different types (e.g. KMA, CPA, CCA) of adversaries against which semantic security should be achieved.
Marc Ilunga
Semantic security has a precise definition outlining the capabilities and restrictions on the adversary (so we can't necessarily apply a CCA attack to a scheme that we only expected to have CPA or semantic security).
Marc Ilunga
In fact the OTP can be shown to be semantically secure: see https://www.cs.princeton.edu/~mzhandry/courses/2018-Spring-COS433/LN/LN3.pdf or https://crypto.stanford.edu/~dabo/courses/OnlineCrypto/slides/02-stream-v2-annotated.pdf
DannyNiu
@MarcIlunga I rolled back my answer.
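
An added example (not part of the original thread) of the IND-CPA game behind scenario 1: with a public counter as IV, single-block CBC loses to a known distinguisher every round, while the same probe against counter mode does no better than guessing. The names `F`, `CounterIvOracle`, `play_cpa_game` and `win_rate` are hypothetical, and `F` is truncated HMAC-SHA256 standing in for the block cipher's encryption direction, so only encryption is modelled.

```python
import hashlib
import hmac
import secrets

BLOCK = 16  # block size in bytes

def F(key, block):
    # Assumption: truncated HMAC-SHA256 as a stand-in PRF for E_k(block);
    # a real scheme would call AES here.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class CounterIvOracle:
    """Single-block encryption oracle whose IV/nonce is a public counter."""

    def __init__(self, mode):
        self.key = secrets.token_bytes(32)
        self.mode = mode          # "cbc" or "ctr"
        self.counter = 0

    def next_iv(self):
        # Predictable: anyone can compute the IV of the next encryption.
        return self.counter.to_bytes(BLOCK, "big")

    def encrypt(self, m):
        iv = self.next_iv()
        self.counter += 1
        if self.mode == "cbc":
            return iv, F(self.key, xor(iv, m))   # C = E_k(IV xor M)
        return iv, xor(m, F(self.key, iv))       # C = M xor E_k(nonce)

def play_cpa_game(mode):
    """Play one IND-CPA round; return True if the adversary guesses b."""
    oracle = CounterIvOracle(mode)
    m0, m1 = b"\x00" * BLOCK, b"\xff" * BLOCK
    b = secrets.randbits(1)                      # challenger's hidden bit
    iv_chal, c_chal = oracle.encrypt((m0, m1)[b])
    # Chosen-plaintext query built from the *next* IV, so that under CBC
    # the block cipher input equals iv_chal xor m0.
    probe = xor(xor(oracle.next_iv(), iv_chal), m0)
    _, c_probe = oracle.encrypt(probe)
    guess = 0 if c_probe == c_chal else 1
    return guess == b

def win_rate(mode, rounds=400):
    return sum(play_cpa_game(mode) for _ in range(rounds)) / rounds

if __name__ == "__main__":
    print("CBC, counter IV   :", win_rate("cbc"))
    print("CTR, counter nonce:", win_rate("ctr"))
```

The CTR result shows only that this particular probe fails; CTR's CPA security rests on the block cipher behaving as a PRF and on the counter never repeating under one key.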