# Lec2 - Wrestling between Safeguard and Attack An example...

This preview shows pages 1–10. Sign up to view the full content.

1 Wrestling between Safeguard and Attack --- An example for security flaws

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
2 It is so easy to be flawed in cryptography! Cryptographic algorithms, protocols, and Systems usually contain security flaws. How can we deal with flaws? Fix them. But the fixed versions may again contain flaws. In this lecture, we show an example of attack- fix-attack-fix-…
3 Preliminaries: Starting from Encryption Encryption Decryption “ Hello, how are you?” 00111010001001 11110100001010 ( Cleartext ) ( Ciphertext ) Encryption key Decryption key

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
4 Private Key versus Public Key Private (Symmetric) Key Cryptosystem : Encryption key = Decryption Key Public (Asymmetric) Key Cryptosystem : Encryption Key ≠ Decryption Key Encryption key often called public key ; Decryption key often called private key . Note the difference between private key cryptosystem and private key .
5 Typical Use of Public Key Cryptosystem Each party has a pair of private/public key. Public key is well-known. Others use this key to encrypt message sent to this party. Private key is only known by this party. This party uses it to decrypt the received messages. All other parties do not know this private key, and thus can’t decrypt this party’s received messages.

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
6 Notations for Encryption/Decryption We use A(x) to denote the application of algorithm A to input x. Thus E(k,m) denotes encrypting cleartext m with encryption algorithm E and encryption key k. Similarly, D(k,C) denotes decrypting ciphertext C with decryption algorithm D and encryption key k.
7 More Notations and Assumptions For simplicity, we often write {m} k in stead of E(k,m). We assume: Without knowing decryption key , one cannot learn anything about m from {m} k . One cannot learn anything about the decryption key from {m} k (and from k in a public key cryptosystem). Recall the decryption key is k in a private key cryptosystem; and it is the corresponding private key in a public key cryptosystem.

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
8 Security Model: Dolev-Yao Besides the preliminary knowledge, we need to know the security model before talking about the example. We use the well-known Dolev-Yao model.
9 Dolev-Yao Model (1) The adversary can do the following things: Obtain any message passing through the network.

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

### What students are saying

• As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

Kiran Temple University Fox School of Business ‘17, Course Hero Intern

• I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

Dana University of Pennsylvania ‘17, Course Hero Intern

• The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

Jill Tulane University ‘16, Course Hero Intern