[Boneh-crypto-course] Are we keeping up?
jason.orendorff at gmail.com
Wed Apr 11 10:26:20 CDT 2012
On Wed, Apr 11, 2012 at 1:17 AM, Jim Blandy <jimb at red-bean.com> wrote:
> For example, in the "make these functions collide" one, I couldn't possibly
> explain how I solved it. I just stared at it, and then tried some stuff,
> then thought "hey, this should do it." My first attempt was just to try to
> write down equations and then solve them, but that got nowhere. The blind
> leap was the only way.
Maybe that is because the problem is underspecified? The problem is:
AES(y1,x1) XOR y1 = AES(y2,x2) XOR y2
so, one equation with four unknowns. To find a *particular* solution
algebraically you would have to add arbitrary constraints of your own.
I think I ended up adding these:
AES(y1,x1) XOR y1 = 0
y1 = 0
y2 = 1
which gives 4 equations and 4 unknowns and solves quite nicely. But my
point is, it seems like there is necessarily a "try some stuff" step,
it's not just you. :)
More information about the Boneh-crypto-course