lec12-4 - Modern Cryptography Lecture 12 Yongdae Kim 2...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Modern Cryptography Lecture 12 Yongdae Kim 2 Admin Stuff E-mail Subject should have [5471] in front, e.g. [5471] Project proposal CC TA and PostDoc: hkang@cs.umn.edu, aaram@cs.umn.edu Office hours Me: T 1:00 ~ 2:00 , Th 10:00 ~ 11:00 (and by appointment) TA: M 1:15 PM ~ 2:15 PM Work on projects Final Report due: May 6 (Firm Deadline: NO EXTENSION ) 6th assignment is due: 4/20 9:00 AM. Study Guide Come and talk to me and TA as much as possible. (Google chat is good!) Check Calendar 3 Recap Math Proof techniques Direct/Indirect proof, Proof by contradiction, Proof by cases, Existential/Universal Proof, Forward/backward reasoning Divisibility: a divides b (a|b) if c such that b = ac GCD, LCM, relatively prime, existence of GCD Eucledean Algorithm d = gcd (a, b) x, y such that d = a x + b y. gcd(a, b) = gcd(a, b + ka) Modular Arithmetic a b (mod m ) iff m | a-b iff a = b + mk for some k a b (mod m ), c d (mod m ) a+c ( b+d ) (mod m ), ac bd (mod m ) gcd(a, n) =1 a has an arithmetic inverse modulo n. Counting, probability, cardinality, Security Symmetric Key vs. Public Key, Hash function, MAC, Digital signature, Key management through SKE and PKE, certificate 4 Recap (cnt) Block Cipher Modes of operation and their properties: ECB, OFB, CFB, CBC, CTR Meet-in-the-middle attack and the Double (triple) DES Feistal Cipher and DES Hash function and MAC Probability and Birthday paradox Merkle-Damgard Construction, MD4: design and break MAC Advanced number theory CRT Euler theorem: If a Z n * , then a (n) =1 (mod n) Cor: if r s mod (n) and (a, n)=1, then a r a s (mod n) 5 Recap (cnt) Generator If ord n (a) = (n) then a is a generator of Z n *. a is a generator iff a (n)/p 1 mod n for all p | (n). Let a Z m * and ord(a) = h. Then ord(a k ) = h/gcd(h, k). RSA Encryption n = pq , ( n ) = ( p-1)( q-1), gcd( ( n ), e ) = 1, ed 1 mod ( n ) As public key is (n, e ); As private key is d Encryption: compute c = m e mod n Decryption: m = c d mod n Group Theory (G, ) is a group if it satisfies closedness, associativity, and has identity and every element has an inverse. (G, ) is cyclic if group generator. DLP: Given p , a generator g of Z p * , and an element y Z p * , find the integer x such that g x = y mod p . 6 Recap (cnt) Diffie-Hellman: Z p * = {1, 2, , p 1}, g generator A B : N A = g n1 mod p, B A : N B = g n2 mod p A : N B n1 = g n1n2 mod p, B : N A n2 = g n1n2 mod p Efficient and Secure Construction Z p * = {1, 2, , p 1}, g generator p = k q + 1 (|p|= 1024, |q|= 160), g = g k , ord p (g) = q G = <g> With Pollards rho: O(sqrt(q)) With Index calculus: Lp[1/3, c] ElGamal: prime...
View Full Document

Page1 / 9

lec12-4 - Modern Cryptography Lecture 12 Yongdae Kim 2...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online