Post date: Nov 23, 2020 9:18:25 AM
Dear all,
Regarding the in-class question today, remember that when we proved that we can obtain CCA secure encryption using CPA secure encryption together with a secure MAC scheme, essentially we had two different challengers:Â
1) a CPA secure encryption challenger
2) a secure (strongly unforgeable under adaptive chosen message attacks) MAC scheme challenger
In your book, Theorem 4.19 (page 136 of edition 2) or Theorem 4.20 (page 145 of edition 1) discusses this proof. It essentially constructs two different adversaries (one breaking MAC and one breaking CPA). You can also combine both adversaries into a single one with two simultaneous challengers if you want.
Please take a detailed look at those proofs. Also take a look at the full hybrid argument proof (Theorem 7.20 on page 259 of edition 2 and Theorem 6.23 on page 215 of edition 1). These are very important proofs. Feel free to ask your questions if you do not understand these proofs.
Best.