T Cryptography and Data Security


Kaisa Nyberg Email: kaisa dot nyberg at aalto dot fi Department of Computer Science Aalto University School of Science

Lecture 1

- Arrangements
- Course contents
- Finite Groups and Rings
- Euclid's Algorithm

Course agenda

- Course page: https://mycourses.aalto.fi/course/view.php?id=8905
- 12 lectures (in English), weeks 37-49 (excl. week 43)
- Mon 12:15-14:00, Room T2
- First lecture Sep 7, last lecture Nov 30, no lecture Oct 20 (week 43)
- Course grade = your exam result. Must pass programming assignments to pass the course.
- Per department policy, student feedback is an obligatory part of this course. Instructions will be provided.
- Upcoming exams: Wed 16.12.15 09:00-12:00, Thu 18.02.16 13:00-16:00
- Informal prerequisites: Discrete mathematics, Linear algebra, C programming

Exercises

- 6 exercise sessions, biweekly:
  - Wed 12:15-14:00, 2534-2535 (TUAS building)
  - Thu 10:15-12:00, T3 (T-building)
  - Thu 12:15-14:00, T3 (T-building)
- Optional but highly recommended. Receive up to 6 exam bonus points.
- Dates of first sessions: Week 38
- Teachers: Professor and Dr. Kaitai Liang

Programming assignments

- Implementation is a great way to learn how stuff works.
- 2 assignments in C language:
  - AES
  - Authenticated encryption
- We use MyCourses for handling the assignments.
- Must complete both assignments to pass.
- Assignments are individual work, not group work.
- Late submissions not accepted. Period.
- Assistant: Dr. Kimmo Järvinen

How to fail this course and risk academic suspension

- Give your code to another student; or
- Take (any part of) another student's code, and optionally,
  - Change the variable names or
  - Change the formatting or
  - Move blocks of code around, and
- Submit it as your code.

Moral of the story: Write your own code and don't share any of it.

Textbooks

- This course does not strictly follow a single textbook.
- A recommended textbook for additional reading: C. Paar, J. Pelzl: Understanding Cryptography, Springer 2010
- Good, comprehensive, and free references include:
  - Menezes, van Oorschot, Vanstone, Handbook of Applied Cryptography, http://www.cacr.math.uwaterloo.ca/hac/
  - Smart, Cryptography, An Introduction, http://www.cs.bris.ac.uk/~nigel/crypto_book/
- If you want (more) pointers to material, please ask!

Course contents

Roughly symmetric crypto, then asymmetric crypto.

First half:
- Mathematical background (algebra, groups, rings, fields, polynomial rings)
- Classical cryptography (substitution, Vigenère, Playfair, Hill)
- Block ciphers (DES, AES, modes of operation)
- LFSRs, Stream ciphers (A5/1, SNOW 2.0, Trivium)
- Hash functions (MD5, SHA-1)

Second half:
- Number theory (CRT, Euler's Thm, fast exponentiation)
- Public key cryptography (RSA, DSA, encryption, key agreement, signatures)
- Authentication (HMAC, protocols, PKI)
- Protocols (TLS, IPSec, SSH) (option)
- Side-channel attacks (power analysis, timing attacks) (option)

Operations on sets

An operation on a set $S$ is a function $f : S \times S \to S$. This implies closure. The operation can be given as a look-up table called the Cayley table.

Operations on bit-words

In how many ways can you operate on bit-words of length 8?
- Bitwise...
- Not bitwise... modular arithmetic

Monoids

A monoid $(M, \circ)$ exhibits
1. Associativity: $(a \circ b) \circ c = a \circ (b \circ c)$ for all $a, b, c \in M$.
2. Identity: There exists $e \in M$ such that $a \circ e = e \circ a = a$ for all $a \in M$.

Example. Bit-words of length 8 with the bitwise and operation form a monoid.

Groups

A group $(G, \circ)$ satisfies
1. $(G, \circ)$ is a monoid.
2. Inverses: For all $a \in G$ there exists $b \in G$ such that $a \circ b = b \circ a = e$.

If $a \circ b = b \circ a$ for all $a, b \in G$ then $(G, \circ)$ is a commutative or abelian group.

Example. Bit-words of length $m$, that is, non-negative integers less than $2^m$, with multiplication modulo $2^m$ and identity $e = 1$, form a monoid, but not a group. Non-zero elements exist which do not have multiplicative inverses: There is no integer $x$ such that $0 \le x < 2^8$ and $4x = 1 \pmod{2^8}$.

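Another group example

Take $G$ as all possible permutations of $\{1, 2, 3\}$

$$\pi_1 = \begin{pmatrix} 1 & 2 & 3 \\ 1 & 2 & 3 \end{pmatrix} \quad \pi_2 = \begin{pmatrix} 1 & 2 & 3 \\ 1 & 3 & 2 \end{pmatrix} \quad \pi_3 = \begin{pmatrix} 1 & 2 & 3 \\ 2 & 3 & 1 \end{pmatrix}$$

$$\pi_4 = \begin{pmatrix} 1 & 2 & 3 \\ 3 & 1 & 2 \end{pmatrix} \quad \pi_5 = \begin{pmatrix} 1 & 2 & 3 \\ 3 & 2 & 1 \end{pmatrix} \quad \pi_6 = \begin{pmatrix} 1 & 2 & 3 \\ 2 & 1 & 3 \end{pmatrix}$$

and $\circ$ as function composition. Then $\pi_i \circ \pi_j$ for all $i, j = 1, 2, 3, 4, 5, 6$ is

$$\begin{array}{c|cccccc}
j \backslash i & 1 & 2 & 3 & 4 & 5 & 6 \\ \hline
1 & \pi_1 & \pi_2 & \pi_3 & \pi_4 & \pi_5 & \pi_6 \\
2 & \pi_2 & \pi_1 & \pi_5 & \pi_6 & \pi_3 & \pi_4 \\
3 & \pi_3 & \pi_6 & \pi_4 & \pi_1 & \pi_2 & \pi_5 \\
4 & \pi_4 & \pi_5 & \pi_1 & \pi_3 & \pi_6 & \pi_2 \\
5 & \pi_5 & \pi_4 & \pi_6 & \pi_2 & \pi_1 & \pi_3 \\
6 & \pi_6 & \pi_3 & \pi_2 & \pi_5 & \pi_4 & \pi_1
\end{array}$$

This is the Cayley table of the. The group $(G, \circ)$ is not commutative.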

Rings

A ring $(R, +, \cdot)$ satisfies
1. $(R, +)$ is a commutative group with identity 0.
2. $(R, \cdot)$ is a monoid with identity 1.
3. Distributivity: $a \cdot (b + c) = a \cdot b + a \cdot c$ and $(a + b) \cdot c = a \cdot c + b \cdot c$ for all $a, b, c \in R$.

Ring example

The set $R = \{0, 1, \dots, 2^m - 2, 2^m - 1\}$ with $+$ as addition modulo $2^m$ and $\cdot$ as multiplication modulo $2^m$ is a finite ring called the ring of integers modulo $2^m$, denoted $\mathbb{Z}_{2^m}$. An element $a \in \mathbb{Z}_{2^m}$ has a multiplicative inverse if and only if $a$ is odd.

Prime numbers

Q: Why is 2 the oddest of all primes? A: Because it is even.

An integer $n \ge 2$ is said to be prime if its only positive divisors are 1 and $n$. Otherwise, $n$ is called composite.

If $p$ is prime, the set $\{0, 1, \dots, p - 2, p - 1\}$ with $+$ as addition modulo $p$ and $\cdot$ as multiplication modulo $p$ is a prime field called the field of integers modulo $p$, denoted $\mathbb{Z}_p$. All non-zero elements in $\mathbb{Z}_p$ have inverses in $\mathbb{Z}_p$, that is, $\mathbb{Z}_p \setminus \{0\}$ with multiplication is a group.

Euclid's algorithm, extended and variants

D. Knuth, TAOCP vol 2: "We might call Euclid's method the granddaddy of all algorithms, because it is the oldest nontrivial algorithm that has survived to the present day."

- Appeared in Euclid's Elements (300 BC).
- Simply $\gcd(n, a) = \gcd(a, n \bmod a)$ (applied recursively).
- Can be applied in numerous settings. We are mostly interested in rings like $\mathbb{Z}_n$ and the polynomial ring $\mathbb{Z}_2[x]$, to be discussed later.
- The extended version expresses the GCD of the two operands as a linear combination of said operands.

Table-based approach

The following produces equations $n x_i + a y_i = r_i$.

Set $r_0 = n$, $r_1 = a$, $x_0 = y_1 = 1$, $x_1 = y_0 = 0$.

For $i \ge 2$:

$$q_i = \left\lfloor \frac{r_{i-2}}{r_{i-1}} \right\rfloor$$
$$r_i = r_{i-2} - q_i r_{i-1}$$
$$x_i = x_{i-2} - q_i x_{i-1}$$
$$y_i = y_{i-2} - q_i y_{i-1}$$

until $r_{i+1} = 0$ holds.

This is essentially the same method from the previous slide.

Table-based approach: integer example

n = 257 and a = 94

 i |  q    r    x    y
---+--------------------
 0 |     257    1    0
 1 |      94    0    1
 2 |  2   69    1   -2
 3 |  1   25   -1    3
 4 |  2   19    3   -8
 5 |  1    6   -4   11
 6 |  3    1   15  -41
 7 |  6    0             <--

Computing inverses

Use the EEA to compute multiplicative inverses. Examples:

- Take $a \in \mathbb{Z}_{2^m}$ odd, so $\gcd(2^m, a) = 1$. EEA yields $x, y$ such that $2^m x + a y = 1$. Then $a y = 1 \bmod 2^m$, so $a^{-1} = y \bmod 2^m$.
- Take non-zero $a \in \mathbb{Z}_p$. $p$ is prime, so $\gcd(p, a) = 1$. EEA yields $x, y$ such that $p x + a y = 1$. Then $a y = 1 \bmod p$, so $a^{-1} = y$.

It's generally useful in any commutative ring.

Inversion examples

From the previously computed linear combination examples:

Take $94 \in \mathbb{Z}_{257}$: $(-41) \cdot 94 + 15 \cdot 257 = 1$ gives $94^{-1} \bmod 257 = -41 = 216 \pmod{257}$.

Note 257 is prime. The multiplicative group of $\mathbb{Z}_{257}$ gives an interesting operation on bit-words of length 8. This operation becomes well defined when you consider the bit-words as integers. The all-zero word is considered as integer 256.
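
The table-based method and the inversion cases above, written out as an added C example (not code from the original slides). The names `eea_row`, `eea`, `mod_inverse`, `mul257` and `inv257` are chosen here for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* One row of the slide's table: n*x + a*y = r. */
typedef struct { int64_t r, x, y; } eea_row;

/* Table-based extended Euclid for n > 0, a >= 0. Returns the last row
   with r != 0, so r = gcd(n, a) and n*x + a*y = r. */
eea_row eea(int64_t n, int64_t a) {
    eea_row prev = { n, 1, 0 };            /* row 0 */
    eea_row cur  = { a, 0, 1 };            /* row 1 */
    while (cur.r != 0) {
        int64_t q = prev.r / cur.r;        /* q_i = floor(r_{i-2} / r_{i-1}) */
        eea_row next = { prev.r - q * cur.r,
                         prev.x - q * cur.x,
                         prev.y - q * cur.y };
        prev = cur;
        cur = next;
    }
    return prev;
}

/* Inverse of a modulo n as a value in 0..n-1, or -1 if gcd(n, a) != 1. */
int64_t mod_inverse(int64_t a, int64_t n) {
    eea_row g = eea(n, ((a % n) + n) % n);
    if (g.r != 1)
        return -1;                         /* e.g. even a modulo 2^m */
    return ((g.y % n) + n) % n;            /* map y into 0..n-1 */
}

/* Multiplication modulo 257 on 8-bit words; the all-zero word means 256. */
uint8_t mul257(uint8_t a, uint8_t b) {
    uint32_t x = a ? a : 256, y = b ? b : 256;
    return (uint8_t)((x * y) % 257);       /* result 256 wraps to word 0 */
}

/* Inverse of an 8-bit word under mul257 (every word has one). */
uint8_t inv257(uint8_t a) {
    return (uint8_t)mod_inverse(a ? a : 256, 257);
}

int main(void) {
    eea_row g = eea(257, 94);              /* the slides' example */
    printf("gcd=%lld x=%lld y=%lld\n", (long long)g.r, (long long)g.x, (long long)g.y);
    printf("94^-1 mod 257 = %lld\n", (long long)mod_inverse(94, 257));
    printf("4^-1 mod 2^8 = %lld\n", (long long)mod_inverse(4, 256));
    printf("mul257(94, 216) = %u\n", (unsigned)mul257(94, 216));
    return 0;
}
```
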

Supplementary reading

- Understanding cryptography, Section 1.4, pp. 13-17
- Handbook of applied cryptography, Sections 2.5