Pseudorandomness & Proof by Reduction
Goals
• Learn how to capture security notions via “games”
• Master the definition of PRF security
• Begin to master proofs of security by reduction
Secrecy and Definitions
• Can we use pseudorandom functions/permutations to bypass the “bad news” theorem?
• How do we bypass the “bad news” theorem in practice?
• What is an indistinguishability game?
• How is PRF security defined?
• How can we sanity check the definition?
• How does the PRP security definition differ from that of PRF security?
Proofs
• What constitutes a valid proof?
• What is the structure of a typical proof by contradiction?
Security Proofs
• How do we prove that a crypto construction is secure?
• How does reduction play a role?