Hashing, One-Time Signatures, and MACs
c Eli Biham - August 18, 2010
157
Hashing, One-Time Signatures, and MACs (6)
Digital Signatures
A signature ( ) is
Writing the name of a person, in his own hands, as a conrmation. Commitment. Distinguish between Ide
Appendix - The Dierence Distribution Tables
c Eli Biham - August 18, 2010
687
Appendix - The Dierence Distribution Tables (23)
The Dierence Distribution Table of S1
Input XOR 0x 1x 2x 3x 4x 5x 6x 7x 8x 9x Ax Bx Cx Dx Ex Fx 10x 11x 12x 13x 14x 15x 16x 17x
Side-Channel Attacks
See: D. Boneh, R.A. Demillo, and R.J. Lipton, On the Importance of Checking Cryptographic Computations for Errors, EUROCRYPT97. P. Kocher, Timing Attacks on Implementations of Die-Hellman, RSA, DSS, and Other Systems, CRYPTO96.
c Eli
Proposal for Translating Cryptology Terms to Hebrew
Yossi Markovitz initiated this list. Ron Irmai, Shraga Irmai, Adi Shamir, Moti Yung, Orr Dunkelman and Roni Roth contributed various terms and had various suggestions that improved this list. Some transl
Cryptology (236506) Prof. Eli Biham
Computer Science Department Technion, Haifa 32000, Israel August 18, 2010 c Eli Biham
Use and distribution (without modication) of this material are allowed as long as the copyright notices and this permission are main
Shannons Theory of Secrecy Systems
See: C. E. Shannon, Communication Theory of Secrecy Systems, Bell Systems Technical Journal, Vol. 28, pp. 656715, 1948.
c Eli Biham - August 18, 2010 53 Shannons Theory of Secrecy Systems (2)
Notation
Given a cryptosyste
Classic Cryptography Tutorial
c Eli Biham - August 18, 2010
67
Classic Cryptography Tutorial (3)
Ciphertext-Only Attack on Substitution Cipher
Monoalphabetic substitution ciphers cannot protect against known plaintext and chosen plaintext attacks. Therefo
Block Ciphers
c Eli Biham - August 18, 2010
82
Block Ciphers (4)
Block Ciphers and Stream Ciphers
In practical ciphers the plaintext M is divided into xed-length blocks M = M1M2 . . . MN . Then, each block Mi is encrypted to the ciphertext block Ci = EK (
Block Ciphers Tutorial
c Eli Biham - August 18, 2010
145
Block Ciphers Tutorial (5)
A Known Plaintext Attack on 1-Round DES
After removing the permutations IP and FP we get:
32 L 32 R 48 32 K=?
F
L 32
R 32
c Eli Biham - August 18, 2010
146
Block Ciphers T
TYPES OF MARKET
MARKET DEFINITION:
A market is a group consumers that
exhibit a unique set of needs and
expectations.
There are two main markets that will be
discussed
CONSUMER MARKET
Can be further broken down into the following
A. Fast moving consumer
Tutorial on Dierential Cryptanalysis
c Eli Biham - August 18, 2010
670
Tutorial on Dierential Cryptanalysis (22)
An Example of a 0R-Attack on 5-Round DES
We use a 5-round characteristic with probability p =
P = 40 5C 00 00 04 00 00 00x
1 : 10485.76
A = 40
Dierential Cryptanalysis
See: Biham and Shamir, Dierential Cryptanalysis of the Data Encryption Standard, Springer Verlag, 1993.
c Eli Biham - August 18, 2010 607 Dierential Cryptanalysis (21)
Dierential Cryptanalysis
The rst method which reduced the comp
Public Key Cryptography
c Eli Biham - August 18, 2010
199
Public Key Cryptography (7)
Key Exchange
All the ciphers mentioned previously require keys known a-priori to all the users, before they can encrypt and decrypt. To communicate securely, they need t
Merkles Puzzles
See: Merkle, Secrecy, Authentication, and Public Key Systems, UMI Research press, 1982 Merkle, Secure Communications Over Insecure Channels, CACM, Vol. 21, No. 4, pp. 294-299, April 1978
c Eli Biham - August 18, 2010 206 Merkles Puzzles (8
Public Key Cryptography 1
See: Die and Hellman, New Directions in Cryptography, IEEE Transactions on Information Theory, Vol. IT-22, No. 6, Nov. 1976.
c Eli Biham - August 18, 2010 220 Public Key Cryptography 1 (9)
Trapdoor Problems
Basing the solution on
Introduction to Number Theory 1
c Eli Biham - August 18, 2010
238
Introduction to Number Theory 1 (10)
Division
Denition: Let a and b be integers. We say that a divides b, or a|b if d s.t. b = ad. If b = 0 then |a| |b|. Division Theorem: For any integer a
Public Key Cryptography 2
c Eli Biham - August 18, 2010
292
Public Key Cryptography 2 (11)
Public Key Cryptography
c Eli Biham - August 18, 2010
293
Public Key Cryptography 2 (11)
RSA
Reference: Rivest, Shamir, Adleman, A Method for Obtaining Digital Sign
Introduction to Number Theory 2
c Eli Biham - August 18, 2010
346
Introduction to Number Theory 2 (12)
Quadratic Residues
Denition: The numbers 02, 12, 22, . . . , (n 1)2 mod n, are called quadratic residues modulo n. Numbers which are not quadratic resid
Public Key Cryptography in Practice
c Eli Biham - August 18, 2010
370
Public Key Cryptography in Practice (13)
How Cryptography is Used in Applications
The main drawback of public key cryptography is the inherent slow speed of the public key schemes. Ther
Tutorial on Public Key Cryptography RSA
c Eli Biham - August 18, 2010
384
Tutorial on Public Key Cryptography RSA (14)
RSA the Key Generation Example
1. Randomly choose two prime numbers p and q . We choose p = 11 and q = 13. 2. Compute n = pq . We comput
Mutual Commitments
c Eli Biham - August 18, 2010
440
Mutual Commitments (16)
Example - Coin Toss
Coin Toss: Alice and Bob want to toss a coin. Easy to do when they are in the same room. How can they toss a coin over the phone? Solution: Alice tosses a coi
Contract Signing
c Eli Biham - August 18, 2010
471
Contract Signing (17)
Contract Signing
Contract signing protocols enable two parties, Alice and Bob, to sign a binding contract. It is required that after the execution of the protocol: Alice will be able
Zero Knowledge Protocols
c Eli Biham - December 27, 2010
529
Zero Knowledge Protocols (19)
A Mathematical Proof
When referring to a proof in logic we usually mean: 1. A sequence of statements. 2. Based on axioms. 3. Each statement is derived via the deriv
Secret Sharing
See: Shamir, How to Share a Secret, CACM, Vol. 22, No. 11, November 1979, pp. 612613
c Eli Biham - August 18, 2010 584 Secret Sharing (20)
How to Keep a Secret Key Securely
Information can be secured by encryption under a secret key. The ci
BASICS OF ROUTE
DISTRIBUTION
For TIPQC LM 003 Students
Route Distribution
If you are assigned to
distribute your companies
products in a new territory,
what are the steps you will
take to do it?
Success in Distribution rests upon the
organization of 2 ess