Modern Cryptography
Lecture 7
Yongdae Kim
Admin Stuff
Email
Subject should have [5471] in front, e.g. “[5471] Project proposal”
CC TA and PostDoc: [email protected], [email protected]
Office hours
Me: T 1:30 ~ 2:30, Th 10:00 ~ 11:00 (and by appointment)
TA: M 1:15 PM ~ 2:15 PM
Work on projects
Interim Report due: Mar 30 (Firm Deadline: Read instruction)
4th assignment is due: 3/23 9:00 AM.
Study Guide
Come and talk to me and TA as much as possible. (Google chat is good!)
Check Calendar
Recap
Math…
Proof techniques
Direct/Indirect proof, Proof by contradiction, Proof by cases, Existential/Universal
Proof, Forward/backward reasoning
Divisibility: a divides b (a | b) if ∃ c such that b = ac
GCD, LCM, relatively prime, existence of GCD
Euclidean Algorithm
d = gcd(a, b) ⇒ ∃ x, y such that d = ax + by.
gcd(a, b) = gcd(a, b + ka)
Modular Arithmetic
a ≡ b (mod m) iff m | a − b iff a = b + mk for some k
a ≡ b (mod m), c ≡ d (mod m) ⇒ a + c ≡ (b + d) (mod m), ac ≡ bd (mod m)
gcd(a, n) = 1 ⇒ a has an arithmetic inverse modulo n.
Counting, probability, cardinality, …
Recap (cont.)
Security
Symmetric Key vs. Public Key, Hash function, MAC, Digital signature,
Key management through SKE and PKE, certificate
Block Cipher
Modes of operation and their properties: ECB, OFB, CFB, CBC, CTR
Meet-in-the-middle attack and the Double (Triple) DES
Feistel Cipher and DES
Hash function and MAC
Probability and Birthday paradox
Merkle-Damgård Construction
MD4: design and break
MAC
Z_n, Z_n*
The integers modulo n, denoted by Z_n, is the set of integers 0, 1, 2, ..., n−1.
Z_12 = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11}
a ≡ b (mod n) if n | a − b
Let a ∈ Z_n; the multiplicative inverse of a is an integer x ∈ Z_n s.t. ax ≡ 1 (mod n)
5x ≡ 1 (mod 12) ⇒ x ≡ 5 (mod 12)
5x ≡ 1 (mod 14) ⇒ x ≡ 11 (mod 14)
a is invertible iff gcd(a, n) = 1
Z_n* = { a ∈ Z_n | gcd(a, n) = 1 }
Z_12* = {1, 5, 7, 11}, Z_14* = {1, 3, 5, 9, 11, 13}
If n is a prime then Z_n* = { a ∈ Z_n | 1 ≤ a ≤ n−1 }
CRT
Given r integers which are pairwise relatively prime, m_1, m_2, …, m_r, then
x ≡ b_1 (mod m_1)
x ≡ b_2 (mod m_2)
x ≡ b_3 (mod m_3)
…
x ≡ b_r (mod m_r)
has the unique solution:
x = y_1 b_1 M_1 + … + y_r b_r M_r mod M
where M = Π m_i, M_i = M/m_i, y_i M_i ≡ 1 (mod m_i).