Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

We are implementing searchable encryption techniques proposed by Song et al in J

ID: 648173 • Letter: W

Question

We are implementing searchable encryption techniques proposed by Song et al in Java for a paper[1]. The schemes need a Stream Cipher for achieving search over encrypted data. The stream of random bits should be reproducible later while decryption given the same "Seed".

Now we plan to generate the stream of random bits using AES in CTR mode. What we don't understand is what is considered as "seed". Is "seed" the random 64 bits prefix part of the IV / Nonce ?

What would be the plain text CTR mode while generating random stream ? Can we give some hard coded string as plain text as we don't really care what we are encrypting, all we want is random stream of bits that could be reproduced later

Or what is considered a secure way to generate random stream of bits ?

[1] Song, Dawn Xiaoding, David Wagner, and Adrian Perrig. "Practical techniques for searches on encrypted data." Security and Privacy, 2000. S&P 2000. Proceedings. 2000 IEEE Symposium on. IEEE, 2000.

Explanation / Answer

The seed should be the key and the nonce or IV. Those input parameters determine the value of the key stream. Note that the nonce may be implied if the key is not reused, in that case the key may be the only seed, with the nonce having a static value (you should however make sure that you are not vulnerable to multi-target attacks if you use a static IV, see the comment of CodesInChaos below).

For most stream ciphers - such as CTR mode of encryption - the key stream is used to encrypt the plain text by XOR'ing the plain text with the key stream. Obviously if you are just interested in the key stream of N bits then you can simply encrypt a plain text consisting of N bits set to zero (as zero is the identity element for XOR). Depending on the implementation the underlying key stream may also be available directly

Related Questions

We are given two light bulbs, a 30-watt bulb and a 60-watt bulb. If the some vol
Question #1417026
We are given two numbers: 0.8125 and -3.00 . Exponent1 = 01110 Fraction1 = 10100
Question #3914471
We are given two strings, called the source and the target , which both have the
Question #3569365
We are given whether the question is true or false, but I need to list reasons w
Question #2984016
We are going back to the fall of 1998, back in the midst of the new economy. The
Question #1095242
We are going to calculate some gradients, then use the results to think about fl
Question #118771
We are going to combine structs, strings, and command line arguments to create a
Question #663472
We are going to compare a lineweaver-Burk plot for regular kinetics and competit
Question #482224
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
We are hired to implement an interactive dictionary. Our dictionary takes input
Next
We are in a process of redesigning our product code in such a way so as to suppo

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.