Any kind of the information about the underlying message, encrypted in a ciphertext, can be viewed as computing some function of that message. For ex, if one is interested to learn the LSB of the message, then that is a function. If one wants to find the range of the message, then that is another function, etc
In KPA and CPA, even if the attacker has pairs of (m, c), there are very less no. of chance that they will match the fresh message encrypted by the sender (because of randomized algorithm). so how they are considered as an attack since there is very much less probability of adversary having the same pair. BTW LECTURES ARE SO INTERESTING AND HELPFUL
m can match, m is not randomized. You might be sending same message again, so that will be directly found in database, m is unencrypted. The corresponding c, for second time sending might be different, but m can have multiple entries resent in database Edit: m cannot be known, because if that is known, there is no privacy then
U r right, even if m is there in database, we should be searching database with ciphers read over channel (if we are able to read new message m, there is no cryptography). Then due to randomization, the chance of c matching with database is less
Really good lecture! Thanks Professor!
Very Good Lecture... Thank you Sir..
what do you mean by 'compute some function of the underlying plaintext'?
Any kind of the information about the underlying message, encrypted in a ciphertext, can be viewed as computing some function of that message. For ex, if one is interested to learn the LSB of the message, then that is a function. If one wants to find the range of the message, then that is another function, etc
Such a nice lecture. Thanks Sir.
In KPA and CPA, even if the attacker has pairs of (m, c), there are very less no. of chance that they will match the fresh message encrypted by the sender (because of randomized algorithm).
so how they are considered as an attack since there is very much less probability of adversary having the same pair.
BTW LECTURES ARE SO INTERESTING AND HELPFUL
m can match, m is not randomized. You might be sending same message again, so that will be directly found in database, m is unencrypted. The corresponding c, for second time sending might be different, but m can have multiple entries resent in database
Edit: m cannot be known, because if that is known, there is no privacy then
U r right, even if m is there in database, we should be searching database with ciphers read over channel (if we are able to read new message m, there is no cryptography). Then due to randomization, the chance of c matching with database is less
Thank you sir 🔥
Please explain from basis!!!
this intro theme is from mathologer
3). 33:55 4). 38:12
Instead of using ppts.... Plz use white/blackboard
Hey can you help me in getting this course weekly assessment answer it will mean a lot
Now some BJP minister will say that Ram was talking to Sita by mobile....!!!!