a high level overview of cryptography
play

A High-Level Overview of Cryptography Daniel Bosk School of - PowerPoint PPT Presentation

May 03, 2023 •131 likes •1.58k views

Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References A High-Level Overview of Cryptography Daniel Bosk School of Computer Science and Communication, KTH Royal Institute of Technology,

  1. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Ciphers Idea Alice and Bob share a (small) common secret. Alice takes a message, combines it with the secret, sends it to Bob. If Eve captures the whatever Alice sent, she shouldn’t learn anything about the message. Bob combines what he received with the secret and gets the message. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 9

  2. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Ciphers Idea Alice and Bob share a (small) common secret. Alice takes a message, combines it with the secret, sends it to Bob. If Eve captures the whatever Alice sent, she shouldn’t learn anything about the message. Bob combines what he received with the secret and gets the message. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 9

  3. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Ciphers Block-cipher encryption Input A fixed-sized key k , a fixed-sized block of plaintext p . Output A fixed-sized block of ciphertext c . Notation Enc k ( p ) = c Block-cipher decryption Input A fixed-sized key k , a fixed-sized block of ciphertext c . Output A fixed-sized block of plaintext p . Notation Dec k ( c ) = p Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 10

  4. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Ciphers Block-cipher encryption Input A fixed-sized key k , a fixed-sized block of plaintext p . Output A fixed-sized block of ciphertext c . Notation Enc k ( p ) = c Block-cipher decryption Input A fixed-sized key k , a fixed-sized block of ciphertext c . Output A fixed-sized block of plaintext p . Notation Dec k ( c ) = p Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 10

  5. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Ciphers Definition (Crypto system 5 ) A crypto system is a tuple ( M , C , K , E , D ) , where: M is a finite set of plaintexts or messages, C is a finite set of ciphertexts , K is the keyspace , a finite set of keys. E and D are the sets of encryption and decryption rules, respectively. For every k ∈ K there is a Enc k ∈ E and Dec k ∈ D such that Enc k : M → C and Dec k : C → M are functions and Dec k ( Enc k ( m )) = m for all plaintexts m ∈ M . 5 Douglas R. Stinson. Cryptography: Theory and Practice . 3rd ed. Boca Raton: Chapman & Hall/CRC, 2006. ISBN: 1-58488-508-4 (Hardcover). Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 11

  6. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Ciphers Definition (Crypto system 5 ) A crypto system is a tuple ( M , C , K , E , D ) , where: M is a finite set of plaintexts or messages, C is a finite set of ciphertexts , K is the keyspace , a finite set of keys. E and D are the sets of encryption and decryption rules, respectively. For every k ∈ K there is a Enc k ∈ E and Dec k ∈ D such that Enc k : M → C and Dec k : C → M are functions and Dec k ( Enc k ( m )) = m for all plaintexts m ∈ M . 5 Douglas R. Stinson. Cryptography: Theory and Practice . 3rd ed. Boca Raton: Chapman & Hall/CRC, 2006. ISBN: 1-58488-508-4 (Hardcover). Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 11

  7. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Ciphers Definition (Shift Cipher) Let M = C = K = Z 29 For each k ∈ K we define Enc k ( m ) = ( m + k ) mod 29 , m ∈ M , och Dec k ( c ) = ( c − k ) mod 29 , c ∈ C . Example Enc 3 ( 7 ) = 7 + 3 mod 29 = 10 h → J Enc 3 ( 4 ) = 4 + 3 mod 29 = 7 e → G Enc 3 ( 9 ) = 9 + 3 mod 29 = 12 j → L Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 12

  8. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Ciphers Definition (Shift Cipher) Let M = C = K = Z 29 For each k ∈ K we define Enc k ( m ) = ( m + k ) mod 29 , m ∈ M , och Dec k ( c ) = ( c − k ) mod 29 , c ∈ C . Example Enc 3 ( 7 ) = 7 + 3 mod 29 = 10 h → J Enc 3 ( 4 ) = 4 + 3 mod 29 = 7 e → G Enc 3 ( 9 ) = 9 + 3 mod 29 = 12 j → L Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 12

  9. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Ciphers Note The shift cipher is a classical cipher — also know as the Caesar Cipher. It’s easily broken by hand ! It’s used here for illustrative purposes. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 13

  10. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Ciphers Exercise What do we have to do to set this up between two parties, say Alice and Bob? What problems do we have to solve? Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 14

  11. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Security Definition (Perfect secrecy 6 ) Cryptosystem ( M , C , K , E , D ) . Stochastic variables M , C . Perfect secrecy if and only if Pr( M = m | C = c ) = Pr( M = m ) for all m ∈ M and c ∈ C . Note Equivalent to H ( M | C ) = H ( M ) , i.e. ciphertext does not reveal anything about plaintext. 6 Claude E Shannon. ‘Communication theory of secrecy systems’. In: Bell system technical journal 28.4 (1949), pp. 656–715. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 15

  12. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Security Definition (Perfect secrecy 6 ) Cryptosystem ( M , C , K , E , D ) . Stochastic variables M , C . Perfect secrecy if and only if Pr( M = m | C = c ) = Pr( M = m ) for all m ∈ M and c ∈ C . Note Equivalent to H ( M | C ) = H ( M ) , i.e. ciphertext does not reveal anything about plaintext. 6 Claude E Shannon. ‘Communication theory of secrecy systems’. In: Bell system technical journal 28.4 (1949), pp. 656–715. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 15

  13. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Security Theorem (Shannon’s theorem) Assume cryptosystem ( M , C , K , E , D ) such that | K | = | C | = | M | . This provides perfect secrecy if and only if 1 every key k ∈ K is used with equal probability 1 / | K | , 2 for every plaintext m ∈ M and c ∈ C there is a unique key such that Enc k ( m ) = c . Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 16

  14. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Security Theorem (Shannon’s theorem) Assume cryptosystem ( M , C , K , E , D ) such that | K | = | C | = | M | . This provides perfect secrecy if and only if 1 every key k ∈ K is used with equal probability 1 / | K | , 2 for every plaintext m ∈ M and c ∈ C there is a unique key such that Enc k ( m ) = c . Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 16

  15. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Security Example (One-time Pad) Let n be a positive integer. Let M = C = K = ( Z 2 ) n . For each key k = ( k 1 , . . . , k n ) ∈ K , plaintexts m = ( m 1 , . . . , m n ) ∈ M and ciphertexts c = ( c 1 , . . . , c n ) ∈ C we define Enc k ( m ) = ( m 1 + k 1 , . . . , m n + k n ) We also define Dec = Enc. k ∈ K must be chosen uniformly randomly for each encryption. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 17

  16. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Security Example (One-time Pad) Let n be a positive integer. Let M = C = K = ( Z 2 ) n . For each key k = ( k 1 , . . . , k n ) ∈ K , plaintexts m = ( m 1 , . . . , m n ) ∈ M and ciphertexts c = ( c 1 , . . . , c n ) ∈ C we define Enc k ( m ) = ( m 1 + k 1 , . . . , m n + k n ) We also define Dec = Enc. k ∈ K must be chosen uniformly randomly for each encryption. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 17

  17. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Security Example (One-time Pad) Let n be a positive integer. Let M = C = K = ( Z 2 ) n . For each key k = ( k 1 , . . . , k n ) ∈ K , plaintexts m = ( m 1 , . . . , m n ) ∈ M and ciphertexts c = ( c 1 , . . . , c n ) ∈ C we define Enc k ( m ) = ( m 1 + k 1 , . . . , m n + k n ) We also define Dec = Enc. k ∈ K must be chosen uniformly randomly for each encryption. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 17

  18. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Security Example (One-time Pad) Let n be a positive integer. Let M = C = K = ( Z 2 ) n . For each key k = ( k 1 , . . . , k n ) ∈ K , plaintexts m = ( m 1 , . . . , m n ) ∈ M and ciphertexts c = ( c 1 , . . . , c n ) ∈ C we define Enc k ( m ) = ( m 1 + k 1 , . . . , m n + k n ) We also define Dec = Enc. k ∈ K must be chosen uniformly randomly for each encryption. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 17

  19. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Security Definition (Pseudo-random permutation, PRP 7 ) Let F : { 0 , 1 } s × { 0 , 1 } n → { 0 , 1 } n . F is a PRP if 1 for any k ∈ { 0 , 1 } s , F is a bijection; 2 for any k ∈ { 0 , 1 } s , we can ‘efficiently’ evaluate F k ( x ) ; 3 for all ‘efficient’ distinguishers D , � < ǫ ( s ) � � Pr[ D F k ( 1 n ) = 1 ] − Pr[ D f n ( 1 n ) = 1 ] � if we choose k ∈ { 0 , 1 } s and the random permutation f n uniformly at random. 7 Jonathan Katz and Yehuda Lindell. Introduction to modern cryptography . 1st ed. Boca Raton: Chapman & Hall/CRC, 2008. ISBN: 9781584885511. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 18

  20. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Security Definition (Pseudo-random permutation, PRP 7 ) Let F : { 0 , 1 } s × { 0 , 1 } n → { 0 , 1 } n . F is a PRP if 1 for any k ∈ { 0 , 1 } s , F is a bijection; 2 for any k ∈ { 0 , 1 } s , we can ‘efficiently’ evaluate F k ( x ) ; 3 for all ‘efficient’ distinguishers D , � < ǫ ( s ) � � Pr[ D F k ( 1 n ) = 1 ] − Pr[ D f n ( 1 n ) = 1 ] � if we choose k ∈ { 0 , 1 } s and the random permutation f n uniformly at random. 7 Jonathan Katz and Yehuda Lindell. Introduction to modern cryptography . 1st ed. Boca Raton: Chapman & Hall/CRC, 2008. ISBN: 9781584885511. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 18

  21. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Security Definition (Pseudo-random permutation, PRP 7 ) Let F : { 0 , 1 } s × { 0 , 1 } n → { 0 , 1 } n . F is a PRP if 1 for any k ∈ { 0 , 1 } s , F is a bijection; 2 for any k ∈ { 0 , 1 } s , we can ‘efficiently’ evaluate F k ( x ) ; 3 for all ‘efficient’ distinguishers D , � < ǫ ( s ) � � Pr[ D F k ( 1 n ) = 1 ] − Pr[ D f n ( 1 n ) = 1 ] � if we choose k ∈ { 0 , 1 } s and the random permutation f n uniformly at random. 7 Jonathan Katz and Yehuda Lindell. Introduction to modern cryptography . 1st ed. Boca Raton: Chapman & Hall/CRC, 2008. ISBN: 9781584885511. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 18

  22. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Security Definition (Pseudo-random permutation, PRP 7 ) Let F : { 0 , 1 } s × { 0 , 1 } n → { 0 , 1 } n . F is a PRP if 1 for any k ∈ { 0 , 1 } s , F is a bijection; 2 for any k ∈ { 0 , 1 } s , we can ‘efficiently’ evaluate F k ( x ) ; 3 for all ‘efficient’ distinguishers D , � < ǫ ( s ) � � Pr[ D F k ( 1 n ) = 1 ] − Pr[ D f n ( 1 n ) = 1 ] � if we choose k ∈ { 0 , 1 } s and the random permutation f n uniformly at random. 7 Jonathan Katz and Yehuda Lindell. Introduction to modern cryptography . 1st ed. Boca Raton: Chapman & Hall/CRC, 2008. ISBN: 9781584885511. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 18

  23. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Hash functions Idea We want a function which we can efficiently compute. However, it shouldn’t be possible to find its inverse. Example Easy f ( x ) = y Hard f − 1 ( y ) = x Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 19

  24. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Hash functions Idea We want a function which we can efficiently compute. However, it shouldn’t be possible to find its inverse. Example Easy f ( x ) = y Hard f − 1 ( y ) = x Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 19

  25. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Hash functions Idea We want a function which we can efficiently compute. However, it shouldn’t be possible to find its inverse. Example Easy f ( x ) = y Hard f − 1 ( y ) = x Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 19

  26. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Hash functions X Y X Y A 1 D 1 B 2 B C AB 2 AC 3 C BC 3 4 ABC (a) (b) h ′ : X → Y h : X → Y Figure: Two non-injective, surjective functions h and h ′ . Exercise Could either of these two functions be one-way functions? Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 20

  27. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Hash functions Definition (One-way function 8 ) Let h : { 0 , 1 } ∗ → { 0 , 1 } ∗ . h is one-way if 1 there exists an efficient algorithm A such that A ( x ) = h ( x ) ; 2 for every efficient algorithm A ′ , every positive polynomial p ( · ) and all sufficiently large n ’s 1 A ′ ( h ( x ) , 1 n ) ∈ h − 1 ( h ( x )) � � Pr < p ( n ) 8 Oded Goldreich. Foundations of cryptography, Vol. 1: Basic tools . Cambridge: Cambridge Univ. Press, 2001. ISBN: 0-521-79172-3. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 21

  28. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Hash functions Example (Implementations you might’ve heard of) MD5 SHA1 SHA256 (SHA-2) SHA-3 Example (Applications) Verifying file content integrity Digital signatures Protect passwords Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 22

  29. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Hash functions Note One-wayness returns as a useful property in many situations. Encryption also has the one-wayness property: Easy Given k , m , compute c ← Enc k ( m ) . Hard Given c , compute either of k , m . However, encryption is bijective, hash functions are generally not. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 23

  30. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Example Let Enc k ( · ) = Dec k ( · ) = · ⊕ k mod 2. Alice and Bob share k . Alice sends Enc k ( m ) = c to Bob. Eve intercepts c , she cannot get to m . Eve computes c ′ = c ⊕ m E and passes c ′ to Bob. Bob computes Dec k ( c ′ ) = Dec k ( c ⊕ m E ) = m ⊕ k ⊕ m E ⊕ k = m ⊕ m E . Exercise How can we solve this? Bob needs to know that Eve modified the message! Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 24

  31. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Example Let Enc k ( · ) = Dec k ( · ) = · ⊕ k mod 2. Alice and Bob share k . Alice sends Enc k ( m ) = c to Bob. Eve intercepts c , she cannot get to m . Eve computes c ′ = c ⊕ m E and passes c ′ to Bob. Bob computes Dec k ( c ′ ) = Dec k ( c ⊕ m E ) = m ⊕ k ⊕ m E ⊕ k = m ⊕ m E . Exercise How can we solve this? Bob needs to know that Eve modified the message! Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 24

  32. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Example Let Enc k ( · ) = Dec k ( · ) = · ⊕ k mod 2. Alice and Bob share k . Alice sends Enc k ( m ) = c to Bob. Eve intercepts c , she cannot get to m . Eve computes c ′ = c ⊕ m E and passes c ′ to Bob. Bob computes Dec k ( c ′ ) = Dec k ( c ⊕ m E ) = m ⊕ k ⊕ m E ⊕ k = m ⊕ m E . Exercise How can we solve this? Bob needs to know that Eve modified the message! Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 24

  33. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Example Let Enc k ( · ) = Dec k ( · ) = · ⊕ k mod 2. Alice and Bob share k . Alice sends Enc k ( m ) = c to Bob. Eve intercepts c , she cannot get to m . Eve computes c ′ = c ⊕ m E and passes c ′ to Bob. Bob computes Dec k ( c ′ ) = Dec k ( c ⊕ m E ) = m ⊕ k ⊕ m E ⊕ k = m ⊕ m E . Exercise How can we solve this? Bob needs to know that Eve modified the message! Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 24

  34. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Example Let Enc k ( · ) = Dec k ( · ) = · ⊕ k mod 2. Alice and Bob share k . Alice sends Enc k ( m ) = c to Bob. Eve intercepts c , she cannot get to m . Eve computes c ′ = c ⊕ m E and passes c ′ to Bob. Bob computes Dec k ( c ′ ) = Dec k ( c ⊕ m E ) = m ⊕ k ⊕ m E ⊕ k = m ⊕ m E . Exercise How can we solve this? Bob needs to know that Eve modified the message! Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 24

  35. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Example Let Enc k ( · ) = Dec k ( · ) = · ⊕ k mod 2. Alice and Bob share k . Alice sends Enc k ( m ) = c to Bob. Eve intercepts c , she cannot get to m . Eve computes c ′ = c ⊕ m E and passes c ′ to Bob. Bob computes Dec k ( c ′ ) = Dec k ( c ⊕ m E ) = m ⊕ k ⊕ m E ⊕ k = m ⊕ m E . Exercise How can we solve this? Bob needs to know that Eve modified the message! Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 24

  36. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Idea: MACs Alice and Bob need something that Eve doesn’t know how to modify. If that something is tied to the message, then a modified message would be detectable. Exercise Any ideas on how we can construct such a thing? Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 25

  37. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Idea: MACs Alice and Bob need something that Eve doesn’t know how to modify. If that something is tied to the message, then a modified message would be detectable. Exercise Any ideas on how we can construct such a thing? Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 25

  38. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Idea: MACs Alice and Bob need something that Eve doesn’t know how to modify. If that something is tied to the message, then a modified message would be detectable. Exercise Any ideas on how we can construct such a thing? Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 25

  39. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Example Let h be a one-way function. If we use h ( c ) = t , then Eve can also compute the hash function: h ( c ′ ) = t ′ . A secret hash function would violate Kerckhoff’s principle, so that’s not an option. If we instead use the message, rather than the ciphertext. Then h ( m ) = t and Dec k ( c ′ ) = m ′ = m ⊕ m E , h ( m ′ ) � = t . Dec k ( c ) = m , h ( m ) = t . Eve cannot compute the hash function, she doesn’t have m ! Bob: But neither do I! Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 26

  40. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Example Let h be a one-way function. If we use h ( c ) = t , then Eve can also compute the hash function: h ( c ′ ) = t ′ . A secret hash function would violate Kerckhoff’s principle, so that’s not an option. If we instead use the message, rather than the ciphertext. Then h ( m ) = t and Dec k ( c ′ ) = m ′ = m ⊕ m E , h ( m ′ ) � = t . Dec k ( c ) = m , h ( m ) = t . Eve cannot compute the hash function, she doesn’t have m ! Bob: But neither do I! Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 26

  41. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Example Let h be a one-way function. If we use h ( c ) = t , then Eve can also compute the hash function: h ( c ′ ) = t ′ . A secret hash function would violate Kerckhoff’s principle, so that’s not an option. If we instead use the message, rather than the ciphertext. Then h ( m ) = t and Dec k ( c ′ ) = m ′ = m ⊕ m E , h ( m ′ ) � = t . Dec k ( c ) = m , h ( m ) = t . Eve cannot compute the hash function, she doesn’t have m ! Bob: But neither do I! Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 26

  42. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Example Let h be a one-way function. If we use h ( c ) = t , then Eve can also compute the hash function: h ( c ′ ) = t ′ . A secret hash function would violate Kerckhoff’s principle, so that’s not an option. If we instead use the message, rather than the ciphertext. Then h ( m ) = t and Dec k ( c ′ ) = m ′ = m ⊕ m E , h ( m ′ ) � = t . Dec k ( c ) = m , h ( m ) = t . Eve cannot compute the hash function, she doesn’t have m ! Bob: But neither do I! Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 26

  43. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Example Let h be a one-way function. If we use h ( c ) = t , then Eve can also compute the hash function: h ( c ′ ) = t ′ . A secret hash function would violate Kerckhoff’s principle, so that’s not an option. If we instead use the message, rather than the ciphertext. Then h ( m ) = t and Dec k ( c ′ ) = m ′ = m ⊕ m E , h ( m ′ ) � = t . Dec k ( c ) = m , h ( m ) = t . Eve cannot compute the hash function, she doesn’t have m ! Bob: But neither do I! Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 26

  44. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Example Let h be a one-way function. If we use h ( c ) = t , then Eve can also compute the hash function: h ( c ′ ) = t ′ . A secret hash function would violate Kerckhoff’s principle, so that’s not an option. If we instead use the message, rather than the ciphertext. Then h ( m ) = t and Dec k ( c ′ ) = m ′ = m ⊕ m E , h ( m ′ ) � = t . Dec k ( c ) = m , h ( m ) = t . Eve cannot compute the hash function, she doesn’t have m ! Bob: But neither do I! Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 26

  45. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Solution Let s be a secret shared between Alice and Bob. h ( c � s ) = t , Eve doesn’t know s . Bob can immediately check h ( c ′ � s ) � = t . Note It requires even a bit more than this! But the idea is correct. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 27

  46. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Solution Let s be a secret shared between Alice and Bob. h ( c � s ) = t , Eve doesn’t know s . Bob can immediately check h ( c ′ � s ) � = t . Note It requires even a bit more than this! But the idea is correct. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 27

  47. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Solution Let s be a secret shared between Alice and Bob. h ( c � s ) = t , Eve doesn’t know s . Bob can immediately check h ( c ′ � s ) � = t . Note It requires even a bit more than this! But the idea is correct. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 27

  48. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Solution (Hash-based message-authentication code, HMAC 9 ) Let h be a one-way function. Let c be the ciphertext, s our MA secret. Then tag t = HMAC s ( c ) , where HMAC s ( c ) = h [( s ⊕ p o ) � h [( s ⊕ p i ) � c ]] , and p i , p o are inner and outer pads, respectively. Note This is proven secure in by Bellare, Canetti and Krawczyk [9]! 9 Mihir Bellare, Ran Canetti and Hugo Krawczyk. ‘Keying Hash Functions for Message Authentication’. In: Advances in Cryptology — CRYPTO ’96: Prooceedings of the 16th Annual International Cryptology Conference . Ed. by Daniel Bosk Neal Koblitz. Berlin, Heidelberg: Springer Berlin Heidelberg, 1996, pp. 1–15. KTH/MIUN A High-Level Overview of Cryptography 28 ISBN: 978-3-540-68697-2. DOI: 10.1007/3-540-68697-5_1 . URL:

  49. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Solution (Hash-based message-authentication code, HMAC 9 ) Let h be a one-way function. Let c be the ciphertext, s our MA secret. Then tag t = HMAC s ( c ) , where HMAC s ( c ) = h [( s ⊕ p o ) � h [( s ⊕ p i ) � c ]] , and p i , p o are inner and outer pads, respectively. Note This is proven secure in by Bellare, Canetti and Krawczyk [9]! 9 Mihir Bellare, Ran Canetti and Hugo Krawczyk. ‘Keying Hash Functions for Message Authentication’. In: Advances in Cryptology — CRYPTO ’96: Prooceedings of the 16th Annual International Cryptology Conference . Ed. by Daniel Bosk Neal Koblitz. Berlin, Heidelberg: Springer Berlin Heidelberg, 1996, pp. 1–15. KTH/MIUN A High-Level Overview of Cryptography 28 ISBN: 978-3-540-68697-2. DOI: 10.1007/3-540-68697-5_1 . URL:

  50. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Message-authentication codes Solution (Hash-based message-authentication code, HMAC 9 ) Let h be a one-way function. Let c be the ciphertext, s our MA secret. Then tag t = HMAC s ( c ) , where HMAC s ( c ) = h [( s ⊕ p o ) � h [( s ⊕ p i ) � c ]] , and p i , p o are inner and outer pads, respectively. Note This is proven secure in by Bellare, Canetti and Krawczyk [9]! 9 Mihir Bellare, Ran Canetti and Hugo Krawczyk. ‘Keying Hash Functions for Message Authentication’. In: Advances in Cryptology — CRYPTO ’96: Prooceedings of the 16th Annual International Cryptology Conference . Ed. by Daniel Bosk Neal Koblitz. Berlin, Heidelberg: Springer Berlin Heidelberg, 1996, pp. 1–15. KTH/MIUN A High-Level Overview of Cryptography 28 ISBN: 978-3-540-68697-2. DOI: 10.1007/3-540-68697-5_1 . URL:

  51. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References 1 Introduction History Kerckhoff’s Principle Outline 2 Shared-key cryptography Ciphers Security Hash functions Message-authentication codes 3 Public-key cryptography Key-exchange schemes Encryption and decryption Digital signatures Homomorphic properties 4 More counter-intuitive things Secure multi-party computation Daniel Bosk KTH/MIUN Zero-knowledge proofs of knowledge A High-Level Overview of Cryptography 29

  52. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Key-exchange schemes Idea It’s difficult to have to exchange keys in advance. What if we could securely exchange keys at a distance? If we could do it just before we use them? Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 30

  53. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Key-exchange schemes Idea It’s difficult to have to exchange keys in advance. What if we could securely exchange keys at a distance? If we could do it just before we use them? Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 30

  54. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Key-exchange schemes Solution (Requirements) We need a problem that is easy for Alice and Bob. It should be hard for Eve. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 31

  55. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Key-exchange schemes Definition (Discrete Logarithm Problem, DLP) Let Z ∗ p be the multiplicative group of residues modulo p ∈ N , where p is a prime. Given g , g x ∈ Z ∗ p Find x . I.e. compute log g ∈ Z p ( g x ) . Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 32

  56. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Key-exchange schemes Definition (Discrete Logarithm Problem, DLP) Let Z ∗ p be the multiplicative group of residues modulo p ∈ N , where p is a prime. Given g , g x ∈ Z ∗ p Find x . I.e. compute log g ∈ Z p ( g x ) . Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 32

  57. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Key-exchange schemes Definition (Diffie-Hellman Problem, DHP 10 ) Given g , g x , g y ∈ Z ∗ p Find g xy Definition (Decisional Diffie-Hellman Problem, DDH) Given g , g x , g y , g z ∈ Z ∗ p Decide z ? = xy 10 Whitfield Diffie and Martin E Hellman. ‘New directions in cryptography’. In: IEEE Transactions on Information Theory 22.6 (1976), pp. 644–654. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 33

  58. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Key-exchange schemes Definition (Diffie-Hellman Problem, DHP 10 ) Given g , g x , g y ∈ Z ∗ p Find g xy Definition (Decisional Diffie-Hellman Problem, DDH) Given g , g x , g y , g z ∈ Z ∗ p Decide z ? = xy 10 Whitfield Diffie and Martin E Hellman. ‘New directions in cryptography’. In: IEEE Transactions on Information Theory 22.6 (1976), pp. 644–654. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 33

  59. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Key-exchange schemes If we can solve DLP, then we can solve DHP and DDH too. Maybe DHP and DDH can be solved without DLP. We don’t know yet. We usually assume DLP, DHP and DDH are hard. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 34

  60. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Key-exchange schemes If we can solve DLP, then we can solve DHP and DDH too. Maybe DHP and DDH can be solved without DLP. We don’t know yet. We usually assume DLP, DHP and DDH are hard. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 34

  61. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Key-exchange schemes If we can solve DLP, then we can solve DHP and DDH too. Maybe DHP and DDH can be solved without DLP. We don’t know yet. We usually assume DLP, DHP and DDH are hard. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 34

  62. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Key-exchange schemes Exercise Diffie and Hellman 11 used DHP to create a key-exchange protocol. Take some time to figure out how we can use these problems to achieve what we want. Reminder Alice and Bob want to exchange a secret key. Then they can use the key to encrypt their communications. 11 Whitfield Diffie and Martin E Hellman. ‘New directions in cryptography’. In: IEEE Transactions on Information Theory 22.6 (1976), pp. 644–654. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 35

  63. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Key-exchange schemes Exercise Diffie and Hellman 11 used DHP to create a key-exchange protocol. Take some time to figure out how we can use these problems to achieve what we want. Reminder Alice and Bob want to exchange a secret key. Then they can use the key to encrypt their communications. 11 Whitfield Diffie and Martin E Hellman. ‘New directions in cryptography’. In: IEEE Transactions on Information Theory 22.6 (1976), pp. 644–654. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 35

  64. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Key-exchange schemes Definition (Diffie-Hellman key-exchange) Let g ∈ Z ∗ p (publicly known, e.g. RFC, standard dots). Alice generates random 0 < x < | Z ∗ p | . She send g x to Bob. Bob generates random 0 < y < | Z ∗ p | . He sends g y to Alice. Alice has x and g , g y . Bob has g , g x and y . They both compute g xy = ( g y ) x = ( g x ) y . Eve has g , g x , g y . By DHP she cannot compute g xy . Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 36

  65. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Key-exchange schemes Definition (Diffie-Hellman key-exchange) Let g ∈ Z ∗ p (publicly known, e.g. RFC, standard dots). Alice generates random 0 < x < | Z ∗ p | . She send g x to Bob. Bob generates random 0 < y < | Z ∗ p | . He sends g y to Alice. Alice has x and g , g y . Bob has g , g x and y . They both compute g xy = ( g y ) x = ( g x ) y . Eve has g , g x , g y . By DHP she cannot compute g xy . Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 36

  66. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Key-exchange schemes Definition (Diffie-Hellman key-exchange) Let g ∈ Z ∗ p (publicly known, e.g. RFC, standard dots). Alice generates random 0 < x < | Z ∗ p | . She send g x to Bob. Bob generates random 0 < y < | Z ∗ p | . He sends g y to Alice. Alice has x and g , g y . Bob has g , g x and y . They both compute g xy = ( g y ) x = ( g x ) y . Eve has g , g x , g y . By DHP she cannot compute g xy . Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 36

  67. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Key-exchange schemes Definition (Diffie-Hellman key-exchange) Let g ∈ Z ∗ p (publicly known, e.g. RFC, standard dots). Alice generates random 0 < x < | Z ∗ p | . She send g x to Bob. Bob generates random 0 < y < | Z ∗ p | . He sends g y to Alice. Alice has x and g , g y . Bob has g , g x and y . They both compute g xy = ( g y ) x = ( g x ) y . Eve has g , g x , g y . By DHP she cannot compute g xy . Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 36

  68. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Key-exchange schemes Definition (Diffie-Hellman key-exchange) Let g ∈ Z ∗ p (publicly known, e.g. RFC, standard dots). Alice generates random 0 < x < | Z ∗ p | . She send g x to Bob. Bob generates random 0 < y < | Z ∗ p | . He sends g y to Alice. Alice has x and g , g y . Bob has g , g x and y . They both compute g xy = ( g y ) x = ( g x ) y . Eve has g , g x , g y . By DHP she cannot compute g xy . Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 36

  69. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Encryption and decryption Idea Fine, we can use g xy as a key in a cipher. Enc g xy ( m ) , where Enc is a symmetric cipher. But shouldn’t we be able to include a message directly? Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 37

  70. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Encryption and decryption Definition (ElGamal Encryption Scheme 12 ) Set-up: Let g ∈ Z ∗ p , randomly choose 0 < x < | Z ∗ p | . p , g , g x to everyone. Alice publishes Z ∗ Encryption: Bob chooses random 0 < y < | Z ∗ p | and computes g y . Bob’s message m ∈ Z ∗ p . He sends ( g y , m ( g x ) y ) to Alice. Decryption: Alice computes ( g y ) x and m ( g x ) y (( g y ) x ) − 1 = m . 12 Taher ElGamal. ‘A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms’. In: Advances in Cryptology: Proceedings of CRYPTO 84 . Ed. by George Robert Blakley and David Chaum. Berlin, Daniel Bosk Heidelberg: Springer Berlin Heidelberg, 1985, pp. 10–18. ISBN: KTH/MIUN A High-Level Overview of Cryptography 38 978-3-540-39568-3. DOI: 10.1007/3-540-39568-7_2 . URL:

  71. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Digital signatures Idea Sure, if Bob sends a message to Alice, he’s sure she’s the only one who can decrypt it. Can’t we turn this around? Can’t Alice use the same system to ensure Bob knows the message came from Alice? Exercise Look at the ElGamal encryption scheme for a bit. Try to find a way to ‘run it backwards’. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 39

  72. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Digital signatures Idea Sure, if Bob sends a message to Alice, he’s sure she’s the only one who can decrypt it. Can’t we turn this around? Can’t Alice use the same system to ensure Bob knows the message came from Alice? Exercise Look at the ElGamal encryption scheme for a bit. Try to find a way to ‘run it backwards’. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 39

  73. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Digital signatures Idea Sure, if Bob sends a message to Alice, he’s sure she’s the only one who can decrypt it. Can’t we turn this around? Can’t Alice use the same system to ensure Bob knows the message came from Alice? Exercise Look at the ElGamal encryption scheme for a bit. Try to find a way to ‘run it backwards’. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 39

  74. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Digital signatures Definition (ElGamal Signature Scheme 13 ) Set-up: Let g ∈ Z ∗ p and h be a one-way function . p , g , g x to everyone. Alice publishes Z ∗ Signing m ∈ Z ∗ p : Alice chooses random 0 < y < | Z ∗ p | and computes r = g y ∈ Z ∗ p . She computes s = ( h ( m ) − xr ) y − 1 (mod | Z ∗ p | ) . She sends ( r , s ) to Bob. Verification: Bob checks if g h ( m ) ? p ( g x ) r r s = Z ∗ = Z ∗ p ( g x ) g y ( g y ) ( h ( m ) − xg y ) y − 1 = Z ∗ p g xg y + h ( m ) − xg y Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 40 13

  75. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Digital signatures Note It works without the hash. But then we can multiply two messages and still get a valid signature. Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 41

  76. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Homomorphic properties Definition (Homomorphism) A homomorphism is a map (function) that preserves structure between two algebraic structures. Example Let G 1 = ( R , · ) and G 2 = ( R , +) be groups. g 1 , g ′ 1 ∈ G 1 and g 2 , g ′ 2 ∈ G 2 . Consider log: G 1 → G 2 . log( g 1 · g ′ 1 ) = g 2 + g ′ 2 . Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 42

  77. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Homomorphic properties Definition (Homomorphism) A homomorphism is a map (function) that preserves structure between two algebraic structures. Example Let G 1 = ( R , · ) and G 2 = ( R , +) be groups. g 1 , g ′ 1 ∈ G 1 and g 2 , g ′ 2 ∈ G 2 . Consider log: G 1 → G 2 . log( g 1 · g ′ 1 ) = g 2 + g ′ 2 . Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 42

  78. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Homomorphic properties Definition (Homomorphism) A homomorphism is a map (function) that preserves structure between two algebraic structures. Example Let G 1 = ( R , · ) and G 2 = ( R , +) be groups. g 1 , g ′ 1 ∈ G 1 and g 2 , g ′ 2 ∈ G 2 . Consider log: G 1 → G 2 . log( g 1 · g ′ 1 ) = g 2 + g ′ 2 . Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 42

  79. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Homomorphic properties Definition (Homomorphism) A homomorphism is a map (function) that preserves structure between two algebraic structures. Example Let G 1 = ( R , · ) and G 2 = ( R , +) be groups. g 1 , g ′ 1 ∈ G 1 and g 2 , g ′ 2 ∈ G 2 . Consider log: G 1 → G 2 . log( g 1 · g ′ 1 ) = g 2 + g ′ 2 . Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 42

  80. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Homomorphic properties Exercise The encryption (decryption) function of the ElGamal cryptosystem is a homomorphism, what structure does it preserve? Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 43

  81. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Homomorphic properties Example (ElGamal’s homomorphism) Messages m , m ′ , ciphertexts ( g y , m · g xy ) , ( g y ′ , m ′ · g xy ′ ) . Remember: private key x , hence the same. Create ciphertext ( g y g y ′ , m · g xy · m ′ · g xy ′ ) = ( g y + y ′ , m · m ′ · g xy + xy ′ ) = ( g y + y ′ , m · m ′ · g x ( y + y ′ ) ) . Decryption: take g y + y ′ , compute ( g y + y ′ ) x = g x ( y + y ′ ) . Decryption thus yields m · m ′ . Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 44

  82. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Homomorphic properties Example (ElGamal’s homomorphism) Messages m , m ′ , ciphertexts ( g y , m · g xy ) , ( g y ′ , m ′ · g xy ′ ) . Remember: private key x , hence the same. Create ciphertext ( g y g y ′ , m · g xy · m ′ · g xy ′ ) = ( g y + y ′ , m · m ′ · g xy + xy ′ ) = ( g y + y ′ , m · m ′ · g x ( y + y ′ ) ) . Decryption: take g y + y ′ , compute ( g y + y ′ ) x = g x ( y + y ′ ) . Decryption thus yields m · m ′ . Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 44

  83. Introduction Shared-key cryptography Public-key cryptography More counter-intuitive things References Homomorphic properties Example (ElGamal’s homomorphism) Messages m , m ′ , ciphertexts ( g y , m · g xy ) , ( g y ′ , m ′ · g xy ′ ) . Remember: private key x , hence the same. Create ciphertext ( g y g y ′ , m · g xy · m ′ · g xy ′ ) = ( g y + y ′ , m · m ′ · g xy + xy ′ ) = ( g y + y ′ , m · m ′ · g x ( y + y ′ ) ) . Decryption: take g y + y ′ , compute ( g y + y ′ ) x = g x ( y + y ′ ) . Decryption thus yields m · m ′ . Daniel Bosk KTH/MIUN A High-Level Overview of Cryptography 44

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Introduction to the theory of secret key cryptography Andreas H ulsing Eindhoven University

Introduction to the theory of secret key cryptography Andreas H ulsing Eindhoven University

Introduction to the theory of secret key cryptography Andreas H ulsing Eindhoven University of Technology 17 June 2019 Secret key encryption MAC Main primitives of secret key / symmetric cryptography High-level primitives Low-level

1.51k views • 114 slides
Part I: Introduction to Post Quantum Cryptography Tutorial@CHES 2017 - Taipei Tim Gneysu

Part I: Introduction to Post Quantum Cryptography Tutorial@CHES 2017 - Taipei Tim Gneysu

Part I: Introduction to Post Quantum Cryptography Tutorial@CHES 2017 - Taipei Tim Gneysu Ruhr-Universitt Bochum &amp; DFKI 04.10.2017 Overview Goals Provide a high-level introduction to Post-Quantum Cryptography (PQC)

1.18k views • 113 slides
Modern cryptography CSCI 470: Web Science Keith Vertanen Overview Modern cryptography

Modern cryptography CSCI 470: Web Science Keith Vertanen Overview Modern cryptography

Modern cryptography CSCI 470: Web Science Keith Vertanen Overview Modern cryptography Symmetric cryptography DES 3DES AES Asymmetric cryptography Diffie-Hellman key exchange 2 Modern cryptography Moving into

338 views • 16 slides
HIGH LEVEL ARCHITECTURE Introduction Concepts Technical Architecture Overview Ximing Yu HLA

HIGH LEVEL ARCHITECTURE Introduction Concepts Technical Architecture Overview Ximing Yu HLA

HIGH LEVEL ARCHITEC- TURE Ximing Yu HIGH LEVEL ARCHITECTURE Introduction Concepts Technical Architecture Overview Ximing Yu HLA Interface Specification HLA Object Model Template Department of Electrical and Computer Engineering HLA

284 views • 13 slides
Modern cryptography 2 CSCI 470: Web Science Keith Vertanen Overview Modern cryptography

Modern cryptography 2 CSCI 470: Web Science Keith Vertanen Overview Modern cryptography

Modern cryptography 2 CSCI 470: Web Science Keith Vertanen Overview Modern cryptography Asymmetric cryptography Diffie-Hellman key exchange (last time) Pubic key: RSA Pretty Good Privacy (PGP) Digital signing Public

682 views • 26 slides
High Level Overview Partnerships developed Key strategies Sustainability efforts Colin

High Level Overview Partnerships developed Key strategies Sustainability efforts Colin

7/19/2017 Session Overview Component Breakout Session 3: High Level Overview Colin Simms, Center for Chronic Disease Prevention and Control Health Systems Interventions and Community Health Worker Integration for Hypertension Control

320 views • 11 slides
High-level languages High-level languages are not immune to these problems. Actually, the

High-level languages High-level languages are not immune to these problems. Actually, the

High-level languages High-level languages are not immune to these problems. Actually, the situation is even worse: the compiler might reorder/remove/add memory accesses; and then the hardware will do some relaxed execution. p. 1 Constant

512 views • 26 slides
High-level programming on the GPU with Julia Tim Besard (@maleadt) Yet another high-level

High-level programming on the GPU with Julia Tim Besard (@maleadt) Yet another high-level

Just compile it: High-level programming on the GPU with Julia Tim Besard (@maleadt) Yet another high-level language? julia&gt; function mandel(z) c = z Dynamically typed, high-level syntax maxiter = 80 for n = 1:maxiter if abs(z) &gt; 2

953 views • 44 slides
Treasures Overview District Focus High level of meaningful student discussion throughout the

Treasures Overview District Focus High level of meaningful student discussion throughout the

Treasures Overview District Focus High level of meaningful student discussion throughout the day. Higher level questioning by teacher and students. Differentiated instruction. Purposeful planning, guided by student results and

399 views • 29 slides
Goal als of f presentation High level overview Basic concepts &amp; vocabulary NOT exhaustive

Goal als of f presentation High level overview Basic concepts &amp; vocabulary NOT exhaustive

6/12/2018 Minnesotas Health Records Act (MHRA) &amp; The Federal Health Insurance Portability and Accountability Act of 1996 (HIPAA) Nathan Hopkins House Research Department 6/13/2018 Goal als of f presentation High level overview

299 views • 6 slides
HIGH-LEVEL SEARCH Instead of directly solving a High-level Search Methods given probem

HIGH-LEVEL SEARCH Instead of directly solving a High-level Search Methods given probem

HIGH-LEVEL SEARCH: FROM HYPER- HEURISTICS TO ALGORITHM SELECTION MUSTAFA MISIR HIGH-LEVEL SEARCH Instead of directly solving a High-level Search Methods given probem (~instance), Operates upon perform a search on algorithm space

526 views • 23 slides
TRECVID-2005 High-Level Feature task: Overview Wessel Kraaij TNO &amp; Paul Over NIST

TRECVID-2005 High-Level Feature task: Overview Wessel Kraaij TNO &amp; Paul Over NIST

TRECVID-2005 High-Level Feature task: Overview Wessel Kraaij TNO &amp; Paul Over NIST High-level feature task o Goal: Build benchmark collection for detection methods o Secondary goal: feature-indexing could help search/browsing o

543 views • 32 slides
UN High UN High UN High UN High- - - -Level Meeting on TB Level Meeting on TB Level Meeting

UN High UN High UN High UN High- - - -Level Meeting on TB Level Meeting on TB Level Meeting

UN High UN High UN High UN High- - - -Level Meeting on TB Level Meeting on TB Level Meeting on TB Level Meeting on TB Berlin, 18 May 2017 Berlin, 18 May 2017 Berlin, 18 May 2017 Berlin, 18 May 2017 Lucica Ditiu and Greg Paton, Stop TB

668 views • 20 slides
Standard Implementation Methodology (SIM) High Level Overview of Enhancements for SIM v3.0 Helen

Standard Implementation Methodology (SIM) High Level Overview of Enhancements for SIM v3.0 Helen

Standard Implementation Methodology (SIM) High Level Overview of Enhancements for SIM v3.0 Helen Bull Project Management Practice January 26, 2015 1 Agenda 1. Objectives of this Session 2. SIM Timeline 3. Information Channels for SIM

450 views • 24 slides
Fuzzing Tools Jenny Kang High-level overview A pretty slide deck that does a good job of

Fuzzing Tools Jenny Kang High-level overview A pretty slide deck that does a good job of

Fuzzing Tools Jenny Kang High-level overview A pretty slide deck that does a good job of explaining browser fuzzing approaches on a high level Another slide deck on DOM fuzzing Peach (Windows version) PeachPit is an XML file

741 views • 36 slides
What a long strange trip its been Overview High level view of the history of the

What a long strange trip its been Overview High level view of the history of the

What a long strange trip its been Overview High level view of the history of the consumer-survivor community Not dates but themes Provide a context for the rest of the afternoon Way back when . De-institutionalization

216 views • 18 slides
Tees Valley Nature Partnership Steering Group 18 th December 2019 Middlesbrough Football Club

Tees Valley Nature Partnership Steering Group 18 th December 2019 Middlesbrough Football Club

Tees Valley Nature Partnership 2019 Tees Valley Nature Partnership Steering Group 18 th December 2019 Middlesbrough Football Club Tees Valley Nature Partnership 2019 Nature and economy working together Support policies &amp; projects Embed a

342 views • 17 slides
FNV Campaign in WI background Obesity in Wisconsin Marketing impact $2 billion Less than

FNV Campaign in WI background Obesity in Wisconsin Marketing impact $2 billion Less than

Amber Canto, MPH, RDN Health and Well-Being Institute Director University of Wisconsin-Extension erin.aagesen@ces.uwex.edu Erin Aagesen, MS, MPH FNV Campaign Coordinator FoodWIse, a program of UW-Extension erin.aagesen@ces.uwex.edu FNV

359 views • 34 slides
Nigel Paul Smart Computing on Encrypted Data How to do the impossible KU Leuven Dining Bankers

Nigel Paul Smart Computing on Encrypted Data How to do the impossible KU Leuven Dining Bankers

Nigel Paul Smart Computing on Encrypted Data How to do the impossible KU Leuven Dining Bankers (a.k.a. Millionaires Problem) A set of bankers go to lunch. They are celebrating their bonuses just being paid. Each has been given a bonus of x

876 views • 46 slides
PPP ( ) :

PPP ( ) :

PPP ( ) : PPP in Transportation Infrastructure Projects in Israel: Review and Analysis Remy Cohen Bocconi University School of

358 views • 13 slides
CSCI 1951-G Optimization Methods in Finance Part 11: Stochastic Optimization April 13, 2018

CSCI 1951-G Optimization Methods in Finance Part 11: Stochastic Optimization April 13, 2018

CSCI 1951-G Optimization Methods in Finance Part 11: Stochastic Optimization April 13, 2018 1 / 53 Outline 1) Uncertainty in optimization 2) The troubles of an European farmer 3) Two-stage problems with recourse 4) Benders decomposition

763 views • 53 slides
10/04/2017

10/04/2017

10/04/2017 %&amp;'

227 views • 7 slides
Dic$onaries and Tolerant Retrieval Debapriyo Majumdar Information Retrieval

Dic$onaries and Tolerant Retrieval Debapriyo Majumdar Information Retrieval

Dic$onaries and Tolerant Retrieval Debapriyo Majumdar Information Retrieval Spring 2015 Indian Statistical Institute Kolkata Pre-processing of a document decoding tokenizing linguistic processing

709 views • 32 slides
Upstream processing Producing high quality feedstocks Luuk van

Upstream processing Producing high quality feedstocks Luuk van

Upstream processing Producing high quality feedstocks Luuk van der Wielen and Solange Mussa3o, Department of Biotechnology, Faculty of Applied Sciences An

895 views • 22 slides

More recommend