lec3-4 - Admin Stuff E-mail Modern Cryptography Lecture 3...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
Modern Cryptography Lecture 3 Yongdae Kim 2 Admin Stuff E-mail Subject should have [5471] in front, e.g. “[5471] Project proposal” CC TA and PostDoc: hkang@cs.umn.edu, aaram@cs.umn.edu Office hours Me: T 1:30 ~ 2:30, Th 10:00 ~ 11:00 (and by appointment) TA: M 1:15 PM ~ 2:15 PM Work on projects Pre-proposal due: Feb 9 2nd assignment will be on-line tonight (due: 2/16 9:00 AM) Study Guide: Quiz this Thursday Repeat whatever you have learned, try it by yourself. Go back to look at discrete math books. Come and talk to me and TA as much as possible. (Google chat is good!) Check Calendar 3 Recap Math… Proof techniques Direct/Indirect proof, Proof by contradiction, Proof by cases, Existential/Universal Proof, Forward/backward reasoning Divisibility: a divides b (a|b) if c such that b = ac GCD, LCM, relatively prime, existence of GCD Eucledean Algorithm d = gcd (a, b) x, y such that d = a x + b y. gcd(a, b) = gcd(a, b + ka) Modular Arithmetic a b (mod m ) iff | a-b iff a = b + mk for some k (mod ), c d (mod ) a+c ( b+d ) (mod ), ac bd (mod ) gcd(a, n) =1 a has an arithmetic inverse modulo n. Counting, probability, cardinality, … Security Symmetric Key vs. Public Key 4 SKE with Secure Channel Plaintext source Encryption E e (m) = c destination Decryption D d (c) = m c Insecure channel Alice Bob Adversary Key source e m m e Secure channel
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
5 PKE with Insecure Channel Plaintext source Encryption E e (m) = c destination Decryption D d (c) = m c Insecure channel Alice Bob Passive Adversary Key source d m m e Insecure channel 6 Public key should be authentic! Need to authenticate public keys 7 Hash function and MAC A hash function is a function h compression — h maps an input x of arbitrary finite bitlength, to an output h(x) of fixed bitlength n. ease of computation — h(x) is easy to compute for given x and h Properties one-way: for a given y, find x’ such that h(x’) = y collision resistance: find x and x’ such that h(x) = h(x’) MAC (message authentication codes) both authentication and integrity MAC is a family of functions h k ease of computation (if k is known !!) compression, x is of arbitrary length, h k (x) has fixed length computation resistance: given (x’,h k (x’)) it is infeasible to compute a new pair (x, h k (x)) for any new x x’ 8 Message Authentication Code MAC MAC is a family of functions h k ease of computation (if k is known !!) compression, x is of arbitrary length, h k (x) has fixed length computation resistance: given (x’,h k (x’)) it is infeasible to compute a new pair (x, h k (x)) for any new x x’ Typical use A ! B: (x, H = h k (x)) B: verifies if H = h k (x) Properties Without k, no one can generate valid MAC.
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 13

lec3-4 - Admin Stuff E-mail Modern Cryptography Lecture 3...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online