[Boneh-crypto-course] Botched problem set #4.
jimb at red-bean.com
Tue Apr 17 11:15:26 CDT 2012
This week, I'm gonna do a lot better. Pace myself, take good notes, and so on.
One of the problems with my little Haskell notes is that any
CPA-secure cipher has to be randomized (lest the adversary queries
(m0, m0), and then (m0, m1), and gets the same ciphertext for m0 every
time, and can thus tell which experiment he's in). That means I need
to be threading some state through the cipher, which I don't
currently. Perhaps time to learn about I/O and monads!
More information about the Boneh-crypto-course