lec4-4 - Admin Stuff E-mail Modern Cryptography Lecture 4...

Info iconThis preview shows pages 1–4. Sign up to view the full content.

View Full Document Right Arrow Icon
Modern Cryptography Lecture 4 Yongdae Kim 2 Admin Stuff E-mail Subject should have [5471] in front, e.g. “[5471] Project proposal” CC TA and PostDoc: [email protected], [email protected] Office hours Me: T 1:30 ~ 2:30, Th 10:00 ~ 11:00 (and by appointment) TA: M 1:15 PM ~ 2:15 PM Work on projects Pre-proposal due: Feb 9 (Passed Deadline) Meeting with groups: This week and next week 2nd assignment is due: 2/16 9:00 AM. Third assignment will be posted early. (Programming) Study Guide “I hear, and I forget. I see, and I remember. I do, and I understand.” Chinese Proverb Come and talk to me and TA as much as possible. (Google chat is good!) Check Calendar 3 Recap Math… Proof techniques Direct/Indirect proof, Proof by contradiction, Proof by cases, Existential/Universal Proof, Forward/backward reasoning Divisibility: a divides b (a|b) if c such that b = ac GCD, LCM, relatively prime, existence of GCD Eucledean Algorithm d = gcd (a, b) x, y such that d = a x + b y. gcd(a, b) = gcd(a, b + ka) Modular Arithmetic a b (mod m ) iff | a-b iff a = b + mk for some k (mod ), c d (mod ) a+c ( b+d ) (mod ), ac bd (mod ) gcd(a, n) =1 a has an arithmetic inverse modulo n. Counting, probability, cardinality, … Security Symmetric Key vs. Public Key, Hash function, MAC, Digital signature, Key management through SKE and PKE, certificate 4 Some History: Caesar Cipher I LOVE YOU K NQXG AQW
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
5 Historical (Primitive) Ciphers Shift (e.g., Caesar): Enc k (x) = x+k mod 26 Affine: Enc k1,k2 (x) = k1 *x + k2 mod 26 Substitution: Enc perm (x) = perm(x) Vernam: one-time pad (OTP) 6 Analysis Kerckhoff’s Principle Shift cipher Average number of trials = 26/2 = 13 :-) Substitution cipher 7 Vernam One-time pad C = P K Vernam offers perfect information-theoretic security, but: How long does the OTP keystream needs to be? Key length = Plaintext length = Ciphertext length How do Alice and Bob exchange the keystream? 8 Average time for exhaustive key search Key Size (bits) Number of Alternative Keys Time required at 10 6 Decr/ µ s 32 2 32 = 4.3 x 10 9 2.15 milliseconds 56 2 56 = 7.2 x 10 16 10 hours 128 2 128 = 3.4 x 10 38 5.4 x 10 18 years 168 2 168 = 3.7 x 10 50 5.9 x 10 30 years
Background image of page 2
9 Block Cipher Definition Modes of operation Strengthening Block Cipher Product/Feistel Cipher DES 10 Block Cipher E: V n × K V n V n = {0,1} n , K = {0, 1} k , n is called block length, k is called key size E(P, K) = C for K K and P, C V n E(P, K) = E K (P) is invertible mapping from V n to V n E K : encryption function D(C, K) = D K (C) is the inverse of E K D k : decryption function P (plaintext) E C (ciphertext) K Key P (plaintext) E K C (ciphertext) 11 Evaluation of Block Cipher Estimated security level: sufficient scrutiny by expert cryptanalysis Key size Throughput Block size Block size impacts both security (larger is desirable) and complexity (larger is more costly to implement).
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 4
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 10/21/2011 for the course CSCI 5471 taught by Professor Staff during the Spring '08 term at Minnesota.

Page1 / 15

lec4-4 - Admin Stuff E-mail Modern Cryptography Lecture 4...

This preview shows document pages 1 - 4. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online