Professional Documents
Culture Documents
Reading assignment:
Chapter 1 of Katz & Lindell
1
Cryptography
APPLICATIONS
Pseudorandom Zero-Knowledge
Generators Proof Systems
And Functions
3
Basic objectives of cryptography
Protecting data privacy
Data integrity (message authentication): allowing the recipient to
check if a received message has been modified.
Authentication:
Data origin authentication: allowing the recipient to verify the
origin of a received message.
Entity authentication: allowing the entities of a (connection-
oriented) communication to authenticate each other.
Non-repudiation: to prevent the sender from later denying that
he sent the message.
4
Main Characters
Alice
Bob
Peggy (prover)
Vic (verifier)
Eve or Oscar (eavesdropper, opponent)
5
Eve
Bob Alice
6
Encryption and secrecy
Bob Alice
key key’
m E c D m
7
Encryption and secrecy
Encryption key: k
equal or not equal
Decryption key: k
8
Symmetric-key encryption
9
Example: Caesar’s shift cipher
Plaintexts m
English characters
Represented as integers 0-25
Key k: an integer in 1..25
Ek(m) = (m + k) mod 26
Dk(c) = (c − k) mod 26
E3: ohio → rklr D3: rklr → ohio
10
Public-key encryption
11
Public-key Encryption
Bob Alice
public key secret key
m E c D m
12
Example: RSA
Public key: ( n, e)
Secret key: d
Encryption: E (m) m mod n
e
13
Message authentication codes
15
Pseudorandom generators (1)
17
Cryptographic primitives
A cryptographic protocol:
Involves two or more parties
Often combines different primitives
Accomplishes a more sophisticated task,
e.g., electronic election
19
Example cryptographic protocol
23
“Candidate” one-way functions
Integer multiplication:
f ( x, y ) x y where x y
Discrete exponentiation:
f ( x) b x mod n x : integers, 1 x n
Modular powers:
f ( x) x mod n x : integers, 1 x n
b
24
Cryptanalysis
25
Attacks on encryption schemes
26
Different types of attacks
27
Ciphertext-only attacks
Given: a ciphertext c
Q: what is its plaintext m?
An encryption scheme is completely
insecure if it cannot resist ciphertext-only
attacks.
28
Known-plaintext attacks
29
Chosen-plaintext attacks
32
Unconditional security