Classical cryptosystems
Rohit Chadha
Chadha
Cryptography
Condentiality
Two parties, Alice and Bob, wish to send secret messages to
each other
Chadha
Cryptography
Condentiality
Two parties, Alice and Bob, wish to send secret messages to
each other
Alice an
Some Number Theory
Rohit Chadha
Chadha
Cryptography
Modulus
For every integer a and a positive integer N , there exist unique
numbers q and r s.t.
a = qN + r
0r <N
We write r = a mod N
1
100 mod 6 =
2
18 mod 6 =
3
3 mod 6 =
Chadha
Cryptography
Modulus
For
Analysis of cryptographic protocols
R. Chadha
Chadha
Cryptographic protocols
Cryptographic Protocol
A cryptographic protocol is a distributed program which allows two
or more participants communicating over a network to achieve a
security goal and which u
RSA
Rohit Chadha
Chadha
Cryptography
Textbook RSA
GEN: Find two random n-digit primes number p , q and let
N = pq . Find random numbers e , d Z (N ) s.t e .d = 1
mod (N ). The public key is (N , e ) and secret key is (N , d ).
enc: The encryption of x Z i
Some Number Theory
Rohit Chadha
Chadha
Cryptography
1 / 10
Modulus
For every integer a and a positive integer N, there exist unique numbers q
and r s.t.
a = qN + r
0r <N
We write r = a mod N
1
100 mod 6 =
2
18 mod 6 =
3
3 mod 6 =
Chadha
Cryptography
2 / 1
Block Ciphers
Rohit Chadha
Chadha
Cryptography
1 / 34
Recap: stream ciphers
Advantages
Stream ciphers provide protection against COA attacks
Efficient in practice
Disadvantages
Keys cannot be re-used
I
I
Synchronized mode can be used to encrypt multiple t
Stream Ciphers
Rohit Chadha
Chadha
Cryptography
Recap
One-time pad is perfectly secure
Not practical since the key-length has to be as large as the
plaintext
Practical versions of one-time pad are called stream ciphers
which we study next
From now on, our
Chapter 1
Introduction to Probability
1.4
Set Theory
Solutions to Exercises
6. (a) Blue card numbered 2 or 4.
(b) Blue card numbered 5, 6, 7, 8, 9, or 10.
(c) Any blue card or a red card numbered 1, 2, 3, 4, 6, 8, or 10.
(d) Blue card numbered 2, 4, 6, 8,
Homework 3
1. Suppose that (G, enc, dec) is a public-key encryption scheme such that
enc is a deterministic, i.e, non-probabilistic, algorithm. Suppose that this
scheme is used to encrypt a message m that is known to lie in a given
small set of L possible
Homework 2
1. Write a program that given an English text and a Vign`re key (m, t)
e
computes the corresponding ciphertext.
2. Give and implement an algorithm that decrypts a ciphertext encrypted
with a Vign`re key, given the second component t of Vign`re
Stream Ciphers
Rohit Chadha
Chadha
Cryptography
Recap
One-time pad is perfectly secure
Not practical since the key-length has to be as large as the
plaintext
Practical versions of one-time pad are called stream ciphers
which we study next
From now on, our
Block Ciphers
Rohit Chadha
Chadha
Cryptography
Recap: stream ciphers
Advantages
Stream ciphers provide protection against COA attacks
Ecient in practice
Disadvantages
Keys cannot be re-used
Synchronized mode can be used to encrypt multiple times.
Then one
Integrity: Message authentication codes (MACs)
Rohit Chadha
Chadha
Cryptography
What is Integrity?
Integrity
No authorized party can alter the data
So far, we have only considered condentiality
Integrity is independent of condentiality
For now, we will no
Authenticated encryption
Rohit Chadha
Chadha
Cryptography
Recap
Condentiality
Only authorized party can access the data
Block ciphers achieve CPA security in CTR mode, CBC mode
Integrity
No authorized party can alter the data
CBC-MAC, HMAC
Chadha
Cryptogr
Key Exchange
Rohit Chadha
Chadha
Cryptography
How do Alice and Bob share secret keys
Block ciphers, Macs, authenticated encryption all need Alice
and Bob to share secrets
Chadha
Cryptography
How do Alice and Bob share secret keys
Block ciphers, Macs, auth
Digital signatures
Rohit Chadha
Chadha
Cryptography
Digital signatures
A public key digital signature scheme consists of three algorithms:
GEN: A probabilistic algorithm that outputs two keys pk , sk .
sig:
Takes as inputs m and a secret key sk .
Outputs
Dierential Privacy
Cynthia Dwork
Microsoft Research dwork@microsoft.com
Abstract. In 1977 Dalenius articulated a desideratum for statistical databases: nothing about an individual should be learnable from the database that cannot be learned without access
Homework 1
1. (Stinson Exercise 1.5) The probabilities (or frequencies) of the 26 letters
of the English alphabet in English text RE as follows.
Letter
Prob.
Letter
Prob.
Letter
Prob.
A
.082
J
.002
S
.063
B
.015
K
.008
T
.091
C
.028
L
.040
U
.028
D
.043
M
Elementary probability theory
Rohit Chadha
Chadha
Cryptography
1/7
Random variable
A discrete random variable X consists of
A finite set X , and
A function PrX that maps each element x of X to a real number such
that
1
2
0
P PrX (x) 1 and
xX PrX (x) = 1.