[Boneh-crypto-course] Botched problem set #4.

Jim Blandy jimb at red-bean.com
Tue Apr 17 11:15:26 CDT 2012

This week, I'm gonna do a lot better. Pace myself, take good notes, and so on.

One of the problems with my little Haskell notes is that any
CPA-secure cipher has to be randomized (lest the adversary queries
(m0, m0), and then (m0, m1), and gets the same ciphertext for m0 every
time, and can thus tell which experiment he's in). That means I need
to be threading some state through the cipher, which I don't
currently. Perhaps time to learn about I/O and monads!
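
The attack described in the message, as an added example that is not part of the original post: the same two-query adversary run against a deterministic cipher and against one that draws a fresh nonce per encryption, with the generator state threaded explicitly through each call instead of through a monad. The `prf` and `nextNonce` functions, the key, and the messages are constructed toy stand-ins (assumptions, not secure primitives).

```haskell
import Data.Bits (xor, shiftR)
import Data.Word (Word64)

type Key = Word64
type Msg = Word64
type Gen = Word64   -- state of a toy generator (assumption, not a CSPRNG)

-- Toy keyed mixing function standing in for a PRF (constructed, insecure).
prf :: Key -> Word64 -> Word64
prf k x = let z = (k `xor` x) * 0x9E3779B97F4A7C15
          in z `xor` (z `shiftR` 29)

-- Step the toy generator: return a fresh nonce and the next state.
nextNonce :: Gen -> (Word64, Gen)
nextNonce g = let g' = g * 6364136223846793005 + 1442695040888963407
              in (g' `xor` (g' `shiftR` 33), g')

-- An encryption function takes the generator state and returns the new one.
type Enc c = Key -> Msg -> Gen -> (c, Gen)

-- Deterministic: ignores the state, so equal plaintexts give equal ciphertexts.
detEnc :: Enc Word64
detEnc k m g = (m `xor` prf k 0, g)

-- Randomized: fresh nonce per call, sent along with the ciphertext.
randEnc :: Enc (Word64, Word64)
randEnc k m g = let (n, g') = nextNonce g in ((n, m `xor` prf k n), g')

-- CPA experiment b: a query (l, r) is answered with Enc(l) if b = 0, Enc(r) if b = 1.
-- The adversary queries (m0, m0), then (m0, m1), and outputs its guess for b.
adversary :: Eq c => Enc c -> Key -> Gen -> Int -> Int
adversary enc k g0 b =
  let pick (l, r) = if b == 0 then l else r
      (m0, m1)    = (0x1111, 0x2222)
      (c1, g1)    = enc k (pick (m0, m0)) g0   -- state g1 feeds the next call
      (c2, _)     = enc k (pick (m0, m1)) g1
  in if c1 == c2 then 0 else 1

main :: IO ()
main = do
  let k = 0xDEADBEEF; g = 42
  putStrLn ("deterministic guesses: " ++ show [adversary detEnc k g b | b <- [0, 1]])
  putStrLn ("randomized guesses:    " ++ show [adversary randEnc k g b | b <- [0, 1]])
```

Against `detEnc` the guess matches b in both experiments; against `randEnc` the two ciphertexts always differ, so the guess no longer depends on b.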
