Applied Cryptography and Computer Security
Instructor: Sheng Zhong
1
What is the purpose of this course?
Our purpose is studying cryptography in a rigorous manner, with emphasis on careful design and analysis of secure systems using existing building blo
Entity Authentication
Sheng Zhong
1
Password Authentication
Oldest(?) way to authenticate an entity. Each user has a password.
Host keeps a list of (user id, password).
When a user needs to login, he sends the host his password.
Host checks password b
Zero-Knowledge Proofs
Sheng Zhong
1
Graph Isomorphism
Suppose G1 and G2 are two graphs known to both you and me. Furthermore, I know they are isomorphic.
But you dont know and cant figure it out.
How can I prove to you that they are isomorphic?
We nee
Cryptographic Protocols
Sheng Zhong
1
Outline
Bit Commitment Secret Sharing Oblivious Transfer Secure Computation
Definitions Completeness Theorems
2
Bit Commitment (1)
Suppose Alice and Bob want to flip a coin to decide something.
However, they are n
Digital Signature
Sheng Zhong
Digital Signature (1)
Public-key-based technique for data integrity. A digital signature scheme is a tuple (PK, SK, M, S, KG, Sign, Verify).
PK: Public key space (the set of all possible keys). SK: Private key space. M: Mes
Applied Cryptography and Computer
Security
CSE 664 Spring 2017
Lecture 5: Symmetric Encryption II
Department of Computer Science and Engineering
University at Buffalo
1
Symmetric
Symmetric Encryption
Encryption
Recall types of attacks against an encrypti
Applied Cryptography and Computer
Security
CSE 664 Spring 2017
Lecture 1: Basic Definitions and Concepts
Department of Computer Science and Engineering
University at Buffalo
1
What
What Background
Background is
is Expected?
Expected?
Mathematical maturit
Applied Cryptography and Computer
Security
CSE 664 Spring 2017
Lecture 4: Symmetric Encryption
Department of Computer Science and Engineering
University at Buffalo
1
High-Level
High-Level View
View
Previously we talked about:
unconstrained adversary
ac
Applied Cryptography and Computer
Security
CSE 664 Spring 2017
Lecture 3: Perfect Secrecy, Entropy
Department of Computer Science and Engineering
University at Buffalo
1
Lecture
Lecture Outline
Outline
Last lecture:
classical ciphers
This lecture:
ele
Message Authentication
Sheng Zhong
Target
When we receive a message, we want to make sure:
It is sent by the supposed sender. Nobody has tampered with it.
This can be done:
Using private key techniques, or Using public key techniques.
2
General Framew
Homework 2
Due in Class on Feb 28
1 Another Property of Eulers Totient Function
Show that, for any n,
d|n (d)
= n.
2 Modular Inverse
Calculate the inverse of 256 with respect to modulus 625.
3 Using RSA as Block Cipher
Recall that the only difference betw
Homework 1
(Due in Class, Feb 14 Thursday) 1. Design a good chaining mode. Describe your encryption and decryption algorithms in detail. 2. Consider CFB mode with n=64 and s=8. If a bit error occurs in the transmission of a ciphertext block, how far does
Homework 3
Due in Class Thursday, March 27
1
Number of Quadratic Residues
Consider N = n=1 pi , where each pi is a prime and for i = j , pi = pj . How i many qudratic residues are there in ZN ? Why?
2
Non-Blum Integer as Modulus
Can we use a modulus that
Applied Cryptography and Computer Security
Instructor: Sheng Zhong
1
What is the purpose of this course?
Our purpose is studying cryptography in a rigorous manner, with emphasis on careful design and analysis of secure systems using existing building blo
Wrestling between Safeguard and Attack
- An example for security flaws
1
It is so easy to be flawed in cryptography!
Cryptographic algorithms, protocols, and Systems usually contain security flaws.
How can we deal with flaws? Fix them. But the fixed ver
Public Key Cryptosystem
Sheng Zhong
1
Recall Definition
A public key cryptosystem is (M, C, K, G, E, D):
M: cleartext message space C: ciphertext space K: key space G: generate encryption/decryption key pair from key length E: encrypt cleartext given en
Probabilistic Encryption
Sheng Zhong
1
Need for Randomness
Recall all the cryptosystems we described are not semantically secure.
Because they are all deterministic. If we want stronger security guarantee, we need to add randomness to cryptosystem. Thus
Applied Cryptography and Data Security
CSE 664 Spring 2017
Lecture 2: Classical Ciphers
Department of Computer Science and Engineering
University at Buffalo
1
Lecture
Lecture Outline
Outline
What did we cover last time?
What is ahead?
Spring 2017
CSE 66