This preview shows pages 1–4. Sign up to view the full content.
Modern
Cryptography
Lecture 4
Yongdae Kim
2
Admin Stuff
Email
Subject should have [5471] in front, e.g. “[5471] Project proposal”
CC TA and PostDoc: [email protected], [email protected]
Office hours
Me: T 1:30 ~ 2:30, Th 10:00 ~ 11:00 (and by appointment)
TA: M 1:15 PM ~ 2:15 PM
Work on projects
Preproposal due: Feb 9 (Passed Deadline)
Meeting with groups: This week and next week
2nd assignment is due: 2/16 9:00 AM.
Third assignment will be posted early. (Programming)
Study Guide
“I hear, and I forget.
I see, and I remember.
I do, and I understand.”
Chinese Proverb
Come and talk to me and TA as much as possible. (Google chat is good!)
Check Calendar
3
Recap
Math…
Proof techniques
Direct/Indirect proof, Proof by contradiction, Proof by cases, Existential/Universal
Proof, Forward/backward reasoning
Divisibility: a
divides
b (ab) if
∃
c such that b = ac
GCD, LCM, relatively prime, existence of GCD
Eucledean Algorithm
d = gcd (a, b)
⇒
∃
x, y such that d = a x + b y.
gcd(a, b) = gcd(a, b + ka)
Modular Arithmetic
a
㲇
b
(mod
m
) iff

ab
iff
a = b + mk
for some k
㲇
(mod
),
c
㲇
d
(mod
)
a+c
㲇
(
b+d
) (mod
),
ac
bd
(mod
)
gcd(a, n) =1
a has an arithmetic inverse modulo n.
Counting, probability, cardinality, …
Security
Symmetric Key vs. Public Key, Hash function, MAC, Digital signature, Key
management through SKE and PKE, certificate
4
Some History: Caesar Cipher
I
LOVE
YOU
K
NQXG
AQW
This preview has intentionally blurred sections. Sign up to view the full version.
View Full Document 5
Historical (Primitive) Ciphers
Shift (e.g., Caesar):
Enc
k
(x) = x+k mod 26
Affine:
Enc
k1,k2
(x) = k1 *x + k2 mod 26
Substitution:
Enc
perm
(x) = perm(x)
Vernam: onetime pad (OTP)
6
Analysis
Kerckhoff’s Principle
Shift cipher
Average number of trials = 26/2 = 13 :)
Substitution cipher
7
Vernam Onetime pad
C = P
⊕
K
Vernam offers perfect informationtheoretic
security,
but:
How long does the OTP keystream needs to be?
Key length = Plaintext length = Ciphertext length
How do Alice and Bob exchange the keystream?
8
Average time for exhaustive key search
Key Size (bits)
Number of
Alternative Keys
Time required at 10
6
Decr/
µ
s
32
2
32
= 4.3 x 10
9
2.15 milliseconds
56
2
56
= 7.2 x 10
16
10 hours
128
2
128
= 3.4 x 10
38
5.4 x 10
18
years
168
2
168
= 3.7 x 10
50
5.9 x 10
30
years
9
Block Cipher
Definition
Modes of operation
Strengthening Block Cipher
Product/Feistel Cipher
DES
10
Block Cipher
E: V
n
×
K
→
V
n
V
n
= {0,1}
n
, K
=
{0, 1}
k
, n is called block length, k is called key size
E(P, K) = C for K
∈
K and P, C
∈
V
n
E(P, K) = E
K
(P) is invertible mapping from V
n
to V
n
E
K
: encryption function
D(C, K) = D
K
(C) is the inverse of E
K
D
k
: decryption function
P (plaintext)
E
C (ciphertext)
K
Key
P (plaintext)
E
K
C (ciphertext)
11
Evaluation of Block Cipher
Estimated security level: sufficient scrutiny by expert
cryptanalysis
Key size
Throughput
Block size
Block size impacts both security (larger is desirable) and complexity
(larger is more costly to implement).
This preview has intentionally blurred sections. Sign up to view the full version.
View Full Document
This is the end of the preview. Sign up
to
access the rest of the document.
This note was uploaded on 10/21/2011 for the course CSCI 5471 taught by Professor Staff during the Spring '08 term at Minnesota.
 Spring '08
 Staff

Click to edit the document details