{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

Algorithms_Part3 - S Dasgupta C.H Papadimitriou and U.V...

Info icon This preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
S. Dasgupta, C.H. Papadimitriou, and U.V. Vazirani 41 An application of number theory? The renowned mathematician G. H. Hardy once declared of his work: “I have never done anything useful.” Hardy was an expert in the theory of numbers, which has long been re- garded as one of the purest areas of mathematics, untarnished by material motivation and consequence. Yet the work of thousands of number theorists over the centuries, Hardy’s in- cluded, is now crucial to the operation of Web browsers and cell phones and to the security of financial transactions worldwide. 1.4.1 Private-key schemes: one-time pad and AES If Alice wants to transmit an important private message to Bob, it would be wise of her to scramble it with an encryption function, e : h messages i → h encoded messages i . Of course, this function must be invertible—for decoding to be possible—and is therefore a bijection. Its inverse is the decryption function d ( · ) . In the one-time pad , Alice and Bob meet beforehand and secretly choose a binary string r of the same length—say, n bits—as the important message x that Alice will later send. Alice’s encryption function is then a bitwise exclusive-or , e r ( x ) = x r : each position in the encoded message is the exclusive-or of the corresponding positions in x and r . For instance, if r = 01110010 , then the message 11110000 is scrambled thus: e r (11110000) = 11110000 01110010 = 10000010 . This function e r is a bijection from n -bit strings to n -bit strings, as evidenced by the fact that it is its own inverse! e r ( e r ( x )) = ( x r ) r = x ( r r ) = x 0 = x, where 0 is the string of all zeros. Thus Bob can decode Alice’s transmission by applying the same encryption function a second time: d r ( y ) = y r . How should Alice and Bob choose r for this scheme to be secure? Simple: they should pick r at random , flipping a coin for each bit, so that the resulting string is equally likely to be any element of { 0 , 1 } n . This will ensure that if Eve intercepts the encoded message y = e r ( x ) , she gets no information about x . Suppose, for example, that Eve finds out y = 10 ; what can she deduce? She doesn’t know r , and the possible values it can take all correspond to different original messages x : 00 01 10 11 x 10 e 11 e 01 e 00 y e 10
Image of page 1

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
42 Algorithms So given what Eve knows, all possibilities for x are equally likely! The downside of the one-time pad is that it has to be discarded after use, hence the name. A second message encoded with the same pad would not be secure, because if Eve knew x r and z r for two messages x and z , then she could take the exclusive-or to get x z , which might be important information—for example, (1) it reveals whether the two messages begin or end the same, and (2) if one message contains a long sequence of zeros (as could easily be the case if the message is an image), then the corresponding part of the other message will be exposed. Therefore the random string that Alice and Bob share has to be the combined length of all the messages they will need to exchange.
Image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern