lec4 - Modern Cryptography Lecture 4 Yongdae Kim Admin...

Info iconThis preview shows pages 1–12. Sign up to view the full content.

View Full Document Right Arrow Icon
Modern Cryptography Lecture 4 Yongdae Kim
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 Admin Stuff E-mail Subject should have [5471] in front, e.g. “[5471] Project proposal” CC TA and PostDoc: [email protected], [email protected] Office hours Me: T 1:30 ~ 2:30, Th 10:00 ~ 11:00 (and by appointment) TA: M 1:15 PM ~ 2:15 PM Work on projects Pre-proposal due: Feb 9 (Passed Deadline) Meeting with groups: This week and next week 2nd assignment is due: 2/16 9:00 AM. Third assignment will be posted early. (Programming) Study Guide “I hear, and I forget. I see, and I remember. I do, and I understand.” Chinese Proverb Come and talk to me and TA as much as possible. (Google chat is good!) Check Calendar
Background image of page 2
3 Recap Math… Proof techniques Direct/Indirect proof, Proof by contradiction, Proof by cases, Existential/Universal Proof, Forward/backward reasoning Divisibility: a divides b (a|b) if c such that b = ac GCD, LCM, relatively prime, existence of GCD Eucledean Algorithm d = gcd (a, b) x, y such that d = a x + b y. gcd(a, b) = gcd(a, b + ka) Modular Arithmetic a b (mod m ) iff | a-b iff a = b + mk for some k (mod ), c d (mod ) a+c ( b+d ) (mod ), ac bd (mod ) gcd(a, n) =1 a has an arithmetic inverse modulo n. Counting, probability, cardinality, … Security Symmetric Key vs. Public Key, Hash function, MAC, Digital signature, Key management through SKE and PKE, certificate
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 Some History: Caesar Cipher I LOVE YOU K NQXG AQW
Background image of page 4
5 Historical (Primitive) Ciphers Shift (e.g., Caesar): Enc k (x) = x+k mod 26 Affine: Enc k1,k2 (x) = k1 *x + k2 mod 26 Substitution: Enc perm (x) = perm(x) Vernam: one-time pad (OTP)
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
6 Analysis Kerckhoff’s Principle Shift cipher Average number of trials = 26/2 = 13 :-) Substitution cipher
Background image of page 6
7 Vernam One-time pad C = P K Vernam offers perfect information-theoretic security, but: How long does the OTP keystream needs to be? Key length = Plaintext length = Ciphertext length How do Alice and Bob exchange the keystream?
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8 Average time for exhaustive key search Key Size (bits) Number of Alternative Keys Time required at 10 6 Decr/ µ s 32 2 32 = 4.3 x 10 9 2.15 milliseconds 56 2 56 = 7.2 x 10 16 10 hours 128 2 128 = 3.4 x 10 38 5.4 x 10 18 years 168 2 168 = 3.7 x 10 50 5.9 x 10 30 years
Background image of page 8
9 Block Cipher Definition Modes of operation Strengthening Block Cipher Product/Feistel Cipher DES
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
10 Block Cipher E: V n × K V n V n = {0,1} n , K = {0, 1} k , n is called block length, k is called key size E(P, K) = C for K K and P, C V n E(P, K) = E K (P) is invertible mapping from V n to V n E K : encryption function D(C, K) = D K (C) is the inverse of E K D k : decryption function P (plaintext) E C (ciphertext) K Key P (plaintext) E K C (ciphertext)
Background image of page 10
11 Evaluation of Block Cipher Estimated security level: sufficient scrutiny by expert cryptanalysis Key size Throughput Block size Block size impacts both security (larger is desirable) and complexity (larger is more costly to implement).
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 12
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 59

lec4 - Modern Cryptography Lecture 4 Yongdae Kim Admin...

This preview shows document pages 1 - 12. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online