# lec3-4 - Admin Stuff E-mail Modern Cryptography Lecture 3...

This preview shows pages 1–3. Sign up to view the full content.

Modern Cryptography Lecture 3 Yongdae Kim 2 Admin Stuff E-mail Subject should have [5471] in front, e.g. “[5471] Project proposal” CC TA and PostDoc: [email protected], [email protected] Office hours Me: T 1:30 ~ 2:30, Th 10:00 ~ 11:00 (and by appointment) TA: M 1:15 PM ~ 2:15 PM Work on projects Pre-proposal due: Feb 9 2nd assignment will be on-line tonight (due: 2/16 9:00 AM) Study Guide: Quiz this Thursday Repeat whatever you have learned, try it by yourself. Go back to look at discrete math books. Come and talk to me and TA as much as possible. (Google chat is good!) Check Calendar 3 Recap Math… Proof techniques Direct/Indirect proof, Proof by contradiction, Proof by cases, Existential/Universal Proof, Forward/backward reasoning Divisibility: a divides b (a|b) if c such that b = ac GCD, LCM, relatively prime, existence of GCD Eucledean Algorithm d = gcd (a, b) x, y such that d = a x + b y. gcd(a, b) = gcd(a, b + ka) Modular Arithmetic a b (mod m ) iff | a-b iff a = b + mk for some k (mod ), c d (mod ) a+c ( b+d ) (mod ), ac bd (mod ) gcd(a, n) =1 a has an arithmetic inverse modulo n. Counting, probability, cardinality, … Security Symmetric Key vs. Public Key 4 SKE with Secure Channel Plaintext source Encryption E e (m) = c destination Decryption D d (c) = m c Insecure channel Alice Bob Adversary Key source e m m e Secure channel

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
5 PKE with Insecure Channel Plaintext source Encryption E e (m) = c destination Decryption D d (c) = m c Insecure channel Alice Bob Passive Adversary Key source d m m e Insecure channel 6 Public key should be authentic! Need to authenticate public keys 7 Hash function and MAC A hash function is a function h compression — h maps an input x of arbitrary finite bitlength, to an output h(x) of fixed bitlength n. ease of computation — h(x) is easy to compute for given x and h Properties one-way: for a given y, find x’ such that h(x’) = y collision resistance: find x and x’ such that h(x) = h(x’) MAC (message authentication codes) both authentication and integrity MAC is a family of functions h k ease of computation (if k is known !!) compression, x is of arbitrary length, h k (x) has fixed length computation resistance: given (x’,h k (x’)) it is infeasible to compute a new pair (x, h k (x)) for any new x x’ 8 Message Authentication Code MAC MAC is a family of functions h k ease of computation (if k is known !!) compression, x is of arbitrary length, h k (x) has fixed length computation resistance: given (x’,h k (x’)) it is infeasible to compute a new pair (x, h k (x)) for any new x x’ Typical use A ! B: (x, H = h k (x)) B: verifies if H = h k (x) Properties Without k, no one can generate valid MAC.
This is the end of the preview. Sign up to access the rest of the document.

## This note was uploaded on 10/21/2011 for the course CSCI 5471 taught by Professor Staff during the Spring '08 term at Minnesota.

### Page1 / 13

lec3-4 - Admin Stuff E-mail Modern Cryptography Lecture 3...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document
Ask a homework question - tutors are online