Goals of Cryptography. Definition of a Cryptosystem. Security Kerckhoff's Requirements
- Rolf Hensley
- 6 years ago
Goals of Cryptography

Chapter : Security Techniques Background
- Secret Key Cryptography
- Public Key Cryptography
- Hash Functions
- Authentication
Chapter 3: Security on Network and Transport Layer
Chapter 4: Security on the Application Layer
Chapter 5: Security Concepts for Networks

Secret Key Cryptography
- Cryptosystems
- Historical approaches
- Stream Ciphers
- Block ciphers

1. Secrecy of data and messages: Only authorized people should be able to read the data
2. Authentication of participants and messages: Is a user really the one he pretends to be?
3. Anonymity of participants: Anonymity of sender and/or receiver for third parties

Fundamental terms
- A(lice): Sender of a message
- B(ob): Recipient of a message
- O(scar): Opponent, attacker on a message

Definition of a Cryptosystem

A cryptosystem is a five-tuple $(P, C, K, E, D)$, where the following conditions are satisfied:
- $P$ is a finite set of possible plaintexts
- $C$ is a finite set of possible cipher texts
- $K$, the key space, is a finite set of possible keys
- For each $k \in K$, there is an encryption rule $e_k \in E$ and a corresponding decryption rule $d_k \in D$
- Each $e_k: P \to C$ and $d_k: C \to P$ are functions such that $d_k(e_k(x)) = x$ for every plaintext $x \in P$

The last-mentioned property is the main property: if a plaintext $x$ is encrypted using $e_k$ and the resulting cipher text is subsequently decrypted using $d_k$, then the original plaintext $x$ results.

Security: Kerckhoff's Requirements

A cryptosystem is called breakable if a third party is able to recover the plaintext from a given cipher text without knowledge of the key.

A set of general cryptosystem requirements is given by Kerckhoff's requirements (1883):
1. The system should be, if not theoretically unbreakable, unbreakable in practice (time effort, cost, ...)
2. Compromise of the system details should not inconvenience the correspondents
3. The key should be rememberable without notes, and easily changed
4. The cryptogram should be transmissible by telegraph
5. The encryption apparatus should be portable and operable by a single person
6. The system should be easy, requiring neither the knowledge of a long list of rules, nor mental strain
Classification of Attackers

1. Cipher text-only: Oscar possesses a string y of the cipher text
2. Known plaintext: Oscar possesses a string x of the plaintext and the corresponding cipher text y. The problem now is to find out the key which produces y for x
3. Chosen plaintext: Oscar has access to the encryption machinery. Hence he can choose a plaintext string x and construct the corresponding cipher text string y
4. Chosen cipher text: Oscar has access to the decryption machinery. Hence he can choose a cipher text string y and construct the corresponding plaintext string x

Cryptosystems are classified regarding the protection against attackers of these classes: is the minimum requirement on a modern cryptosystem; 3 and 4 are hard tests on a modern cryptosystem.

Historical Cryptosystems

- Monoalphabetic cipher: Each alphabetic character is mapped onto a unique alphabetic character. Examples: Shift Cipher, Substitution Cipher, Affine Cipher
- Polyalphabetic cipher: Each alphabetic character is mapped onto various alphabetic characters. Examples: Vigenere Cipher, Hill Cipher, Permutation Cipher

Shift Cipher

Idea: Map each character x on that character which follows x by a given number k of positions.

Let $P = C = K = Z_n = \{0, 1, \dots, n-1\}$. For $k \in K$, define
$e_k(x) = x + k \bmod n$ and $d_k(y) = y - k \bmod n$, where $x, y \in Z_n$.

Example: n = 26, k = 3. Encrypt: hello (7,4,11,11,14) to KHOOR (10,7,14,14,17).
This special cipher (k = 3) is called Caesar Cipher, because it is said that Julius Caesar used it.

Substitution Cipher

Idea: use a permutation over the set of characters as key to get a more flexible scheme as in the shift cipher.

Let $P = C = Z_n$, $K = S(Z_n)$ (set of permutations over $Z_n$). For each permutation $p \in K$, define
$e_p(x) = p(x)$ and $d_p(y) = p^{-1}(y)$, where $p^{-1}$ is the inverse permutation to $p$, and $x, y \in Z_n$.

Example: n = 26, p:

plaintext:   a b c d e f g h i j k l m n o p q r s t u v w x y z
cipher text: F G N E A T X Z O I Q B H K Y W V C P J L S D M U R

computerscience is encrypted to NYHWLJACPNOAKNA
Affine Cipher

Idea: combination of a shift cipher and a special permutation, made by a multiplication with a constant relatively prime to n.

Let $P = C = Z_n$ and $K = \{(a, b) \in Z_n \times Z_n : \gcd(a, n) = 1\}$. For $k = (a, b) \in K$, define
$y = e_k(x) = ax + b \bmod n$ and $x = d_k(y) = a^{-1}(y - b) \bmod n$, where $x, y \in Z_n$.

Example: n = 26, k = (7,15). hello (7,4,11,11,14) is encrypted to MROOJ (12,17,14,14,9):
- $7 \cdot 7 + 15 \bmod 26 = 64 \bmod 26 = 12$
- $7 \cdot 4 + 15 \bmod 26 = 43 \bmod 26 = 17$
- $7 \cdot 11 + 15 \bmod 26 = 92 \bmod 26 = 14$
- $7 \cdot 14 + 15 \bmod 26 = 113 \bmod 26 = 9$

Vigenere Cipher

Idea: usage of several keys to encrypt blocks of characters. Thus, the same character of plaintext is mapped onto several characters in cipher text.

Let $m$ be a positive integer, $P = C = K = (Z_n)^m$. For a key $k = (k_1, k_2, \dots, k_m)$, define
$e_k(x_1, \dots, x_m) = (x_1 + k_1, \dots, x_m + k_m)$ and $d_k(y_1, \dots, y_m) = (y_1 - k_1, \dots, y_m - k_m)$, where all operations are performed in $Z_n$.

Example: n = 26, m = 5, k = (7,4,11,11,14) (Keyword: hello)
Plaintext: chine sepeo ple = (2,7,8,13,4); (18,4,15,4,14); (15,11,4)
Adding the key to each block gives the cipher text: JLTYS ZIAPC WPP

Hill Cipher

Idea: usage of several keys to encrypt blocks of characters. Instead of using a vector of keys, construct a matrix with certain properties.

Let $m$ be a positive integer, $K = \{ m \times m \text{ invertible matrices over } Z_n \} = \{A \in Z_n^{m \times m} : \gcd(\det(A), n) = 1\}$, $P = C = (Z_n)^m$. For a key $k \in K$, we define
$e_k(x) = xk \bmod n$ and $d_k(y) = yk^{-1} \bmod n$, where $x, y \in (Z_n)^m$.

Example: n = 37, m = 2, P = C = {0,...,9,_,a,...,z}
Plaintext: good = (17,25,25,14), $k = \begin{pmatrix} 3 & 13 \\ 22 & 15 \end{pmatrix}$
$(17, 25) \cdot k = (9, 4)$ and $(25, 14) \cdot k = (13, 17)$
Cipher text: 94CG

Permutation Cipher

Idea: use a permutation, but do not permute the characters, but their position.

Let $m$ be a positive integer, $P = C = (Z_n)^m$, $K = S(\{1, \dots, m\})$. For a key (a permutation) $p \in K$, we define
$e_p(x_1, \dots, x_m) = (x_{p(1)}, \dots, x_{p(m)})$ and $d_p(y_1, \dots, y_m) = (y_{s(1)}, \dots, y_{s(m)})$, where $s = p^{-1}$ is the inverse permutation of $p$.

Example: n = 37, P = C = {0,...,9,_,a,...,z}, m = 5
Plaintext: [she_i s_bea utifu l]
Key = (,4,,5,3)
Cipher text: [_EISH EBAS_ FIUUT L_]
Breaking Monoalphabetic Ciphers

Monoalphabetic ciphers preserve the frequency of alphabetic characters, pairs, etc. Identify alphabetic characters due to their frequency.

Method to decipher natural languages:
1. Determine frequency of alphabetic characters of the cipher text. Identify alphabetic characters according to their frequency: e, n, i, s, r, a, t (in Germany: e, n, r, i, s, t, u, d, a, g, l, o, ...)
2. Determine frequency of pairs. Identify e.g. er to distinguish between er and es
3. Look at identified text, resubstitute, guess, ...

Solution: extension of alphabet, e.g. Data Encryption Standard (DES): $2^{64}$ characters

Statistical Characteristics of English Language

[Table: probability of each letter a to z in English text]

Partition into five groups:
- E, having probability about 0
- T, A, O, I, N, S, H, R, each having probabilities between
- D, L, each having probabilities around
- C, U, M, W, F, G, Y, P, B, each having probabilities between
- V, K, J, X, Q, Z, each having probabilities less than 00

Digram frequencies: th, he, an, in, er, re

Example: Cipher Text from Affine Cipher

Cipher text: FMXVEDKAPHFERBNDKRXRSREFMORUDSDKDVSHVUFEDKAPRKDLYEVLRHHRH

Letter frequencies in the cipher text (letters that do not occur are omitted):

letter:    A B D E F H K L M N O P R S U V X Y
frequency: 2 1 7 5 4 5 5 2 2 1 1 2 8 3 2 4 2 1

Guess: R (8 occurrences) is encryption of e, D (7 occurrences) is encryption of t:
$e_k(4) = 17$, $e_k(19) = 3$
$4a + b = 17$, $19a + b = 3$
$a = 6$, $b = 19$
Since $\gcd(6, 26) = 2$, this is not a valid key and the guess has to be revised; taking K as the encryption of t instead gives $a = 3$, $b = 5$ and
$d_k(y) = 9y - 19$

Plaintext: algorithmsarequitegeneraldefinitionsofarithmeticprocesses

Secrecy of Cryptosystems: Entropy

Entropy: mathematical measure of information or uncertainty. An event occurring with probability $p$ might be encoded by a bit string of approximate length $-\log_c p$.

Let $X$ be a random variable which takes on a finite set of values $\{x_1, \dots, x_m\}$, with $P(X = x_i) = p_i$ for $i = 1, \dots, m$.

Entropy of $X$, for the distribution of $X$ and a constant $c > 1$:
$H(X) = -\sum_{i=1}^{m} p_i \log_c p_i$, with $p_i \log_c p_i = 0$ for $p_i = 0$

Remark: c characterises the number of values for elements to be encoded. Normal case: c = 2, i.e. $x \in \{0, 1\}$.

Example: let c = 2, m = 8, $p_1 = \dots = p_8 = 0.125$
$H(X) = -8 \cdot (0.125 \cdot \log_2 0.125) = -\log_2 0.125 = 3$
You need 3 binary values to encode (identify) one of the 8 characters.
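The affine cipher-text example above can be replayed in code. The following is an added illustration, not part of the original slides: it ranks the cipher-text letters by frequency, solves the two congruences for each guess and rejects keys with $\gcd(a, 26) \neq 1$; the function names and the limit of five guesses are choices made for this example.

```python
from collections import Counter
from math import gcd

N = 26  # alphabet size used in the slides
# Cipher text from the affine example in the slides.
CIPHERTEXT = "FMXVEDKAPHFERBNDKRXRSREFMORUDSDKDVSHVUFEDKAPRKDLYEVLRHHRH"


def num(ch):
    """Map a letter to Z_26 (a=0, ..., z=25)."""
    return ord(ch.lower()) - ord("a")


def solve_key(x1, y1, x2, y2, n=N):
    """Solve a*x1 + b = y1 and a*x2 + b = y2 (mod n) for (a, b).

    Returns None when x1 - x2 has no inverse mod n (no unique solution).
    The returned a is not yet checked against gcd(a, n) == 1.
    """
    dx = (x1 - x2) % n
    if gcd(dx, n) != 1:
        return None
    a = ((y1 - y2) * pow(dx, -1, n)) % n
    b = (y1 - a * x1) % n
    return a, b


def decrypt(ciphertext, a, b, n=N):
    """d_k(y) = a^-1 * (y - b) mod n, applied letter by letter."""
    a_inv = pow(a, -1, n)
    return "".join(chr((a_inv * (num(c) - b)) % n + ord("a")) for c in ciphertext)


def break_affine(ciphertext, first="e", second="t", tries=5, n=N):
    """Assume the most frequent cipher letter encrypts `first`, then try the
    next most frequent letters as the encryption of `second`.

    Returns (attempts, key, plaintext). Each attempt is
    (cipher letter guessed for `second`, solved key, key is valid).
    A wrong guess can still pass the gcd test, so the plaintext must be read.
    """
    ranked = [c for c, _ in Counter(ciphertext.upper()).most_common(tries)]
    top, attempts = ranked[0], []
    for other in ranked[1:]:
        key = solve_key(num(first), num(top), num(second), num(other), n)
        valid = key is not None and gcd(key[0], n) == 1
        attempts.append((other, key, valid))
        if valid:
            return attempts, key, decrypt(ciphertext, *key, n)
    return attempts, None, None


if __name__ == "__main__":
    attempts, key, plaintext = break_affine(CIPHERTEXT)
    for letter, k, ok in attempts:
        print(f"{letter} -> t gives key {k}: {'valid' if ok else 'rejected'}")
    print("key:", key)
    print("plaintext:", plaintext)
```
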
Perfect Security

A cryptosystem has perfect security if the probability for the plaintext to be x is independent of having observed the ciphered text to be y.

Let $(P, C, K, E, D)$ be a cryptosystem, $P = \{x_1, \dots, x_m\}$, $K = \{k_1, \dots, k_l\}$, $C = \{y_1, \dots, y_n\}$
- $P: (\Omega, A, P) \to P$ random variable, $P(P = x_i) = p_i$
- $K: (\Omega, A, P) \to K$ random variable, $P(K = k_j) = q_j$

The distribution of $C = e(M, K)$ is defined as
$P(C = y) = r = \sum_{i,j:\, e(x_i, k_j) = y} p_i q_j$

Definition: A cryptosystem $(P, C, K, E, D)$ has perfect security if $H(M \mid C) = H(M)$.

Perfect Security Properties

Let $(P, C, K, E, D)$ be a cryptosystem with $P(P = x) > 0$ for all $x \in P$, $P(K = k) > 0$ for all $k \in K$, $C = \{e(x, k) \mid x \in P, k \in K\}$ and $|P| = |K|$.

Then $(P, C, K, E, D)$ has perfect security if
- $P(K = k) = \frac{1}{|K|}$ for all $k \in K$
- for all $x \in P$, $y \in C$ there exists exactly one $k \in K$: $e(x, k) = y$

Example: let M = K = C = {A,...,Z}, define $e_k(x) = x + k \bmod 26$, $d_k(y) = y - k \bmod 26$. If $P(K = k) = \frac{1}{|K|}$, then the cryptosystem has perfect security (for exactly one letter).

Stream Ciphers

Advanced ciphering method: stream ciphers
- Stream ciphers encrypt a data stream as it comes in
- Key is as long as the data stream
- Example: Red Telephone between Moscow and Washington is secured with a stream cipher

Practical Methods:
- Synchronous stream cipher
- Self-synchronising stream cipher
- Linear Feedback Shift Registers

Structure of Stream Ciphers

Idea: convert a stream of plain text into a stream of cipher text by combining it with a keystream as long as the plain text.
Problem: how to produce keystreams?

[Figure: stream cipher structure with key k, initial state, internal state, next state function, output function, keystream, plaintext and cipher text c_i]

- Define initial state for keystream
- Define 'next state' function: combine the current keystream element with the key k and previous cipher text characters
- Output function can further modify the internal state
- Encrypt each character of plaintext with a character of the keystream, e.g. by XOR
Definition of Stream Ciphers

A Stream Cipher is a tuple $(P, C, K, L, F, E, D)$, where the following conditions are satisfied:
- $P$ is a finite set of possible plaintexts
- $C$ is a finite set of possible cipher texts
- $K$, the keyspace, is a finite set of possible keys
- $L$ is a finite set called the keystream alphabet
- $F = (f_1, f_2, \dots)$ is the keystream generator. For $i \geq 1$, $f_i: K \times P^{i-1} \to L$
- For each $z \in L$, there is an encryption rule $e_z \in E$ and a corresponding decryption rule $d_z \in D$
- $e_z: P \to C$ and $d_z: C \to P$ are functions such that $d_z(e_z(x)) = x$ for every plaintext $x \in P$

Autokey Cipher (Simplest Stream Cipher)

Idea: use key k as initial state for the first character. For each following character, use the previous one for encryption. Encryption is made like in shift cipher.

Let $P = C = K = L = Z_n$, $z_1 = k$, $z_{i+1} = x_i$. For $0 \leq z < n$ define
$e_z(x) = x + z \bmod n$ and $d_z(y) = y - z \bmod n$, where $x, y \in Z_n$.

Principle:

plaintext stream:  x_1  x_2  x_3  ...  x_r
encoding (+):      k    x_1  x_2  ...  x_{r-1}
cipher stream:     c_1  c_2  c_3  ...  c_r
decoding (-):      k    x_1  x_2  ...  x_{r-1}
receiver gets:     x_1  x_2  x_3  ...  x_r

Example: n = 26, k = 14, plaintext thisisinsecure
[Rows: plaintext as stream of integers, keystream]
Cipher text: HAPAAAAVFWGWBV

Vernam Cipher

Idea: use a special case of the Vigenere Cipher
- Choose a vector of keys as long as the plaintext
- In the ideal case, the key is a randomly generated stream

Let $P = C = K = L = Z_n$. For each $z \in L$, $0 \leq z < n$: $p(z) = \frac{1}{n}$; define
$e_z(x) = x + z \bmod n$ and $d_z(y) = y - z \bmod n$, where $x, y \in Z_n$.

[Example: plaintext, key and cipher text rows]

Security Problems of Vernam Cipher

Problem: if the same key is used twice, the Vernam Cipher is insecure.

Let $x_1 = (m_1, \dots, m_s)$, $x_2 = (n_1, \dots, n_s)$, $k = (z_1, \dots, z_s)$,
$y_1 = (c_1, \dots, c_s) = (m_1 + z_1, \dots, m_s + z_s)$,
$y_2 = (d_1, \dots, d_s) = (n_1 + z_1, \dots, n_s + z_s)$.

Then for all $i = 1, \dots, s$:
$(c_i - d_i) \bmod 26 = ((m_i + z_i) \bmod 26 - (n_i + z_i) \bmod 26) = (m_i - n_i) \bmod 26$

Decrypt $x_1$ and $x_2$ at the same time by using differences of common letters.

Solution: One-time Pad, any key is used only once
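The key-reuse identity above, next to the one-key-per-cipher-text property from the Perfect Security Properties slide, as an added example that is not part of the original slides. The two messages are constructed sample data and the function names are chosen for this illustration.

```python
import secrets

N = 26  # Vernam cipher over Z_26, as in the key-reuse derivation above


def to_nums(text):
    return [ord(c) - ord("a") for c in text]


def to_text(nums):
    return "".join(chr(v % N + ord("a")) for v in nums)


def keygen(length):
    """Uniformly random key stream, p(z) = 1/n for every element."""
    return [secrets.randbelow(N) for _ in range(length)]


def encrypt(plain, key):
    if len(key) < len(plain):
        raise ValueError("key must be at least as long as the plaintext")
    return [(x + z) % N for x, z in zip(to_nums(plain), key)]


def decrypt(cipher, key):
    return to_text([(y - z) % N for y, z in zip(cipher, key)])


def key_explaining(cipher, candidate_plain):
    """The single key under which `cipher` decrypts to `candidate_plain`.

    One exists for every candidate of the same length, which is why one
    cipher text under a fresh uniform key says nothing about the plaintext.
    """
    return [(y - x) % N for y, x in zip(cipher, to_nums(candidate_plain))]


def difference(y1, y2):
    """(c_i - d_i) mod 26; the key cancels when y1 and y2 share it."""
    return [(c - d) % N for c, d in zip(y1, y2)]


def recover_second(diff, known_first):
    """n_i = m_i - (c_i - d_i) mod 26: no key material is needed."""
    return to_text([(m - delta) % N for m, delta in zip(to_nums(known_first), diff)])


# Constructed sample messages of equal length.
M1 = "meetatthebridge"
M2 = "sendthereportto"

if __name__ == "__main__":
    key = keygen(len(M1))
    y1, y2 = encrypt(M1, key), encrypt(M2, key)  # same key used twice
    diff = difference(y1, y2)
    print("cipher difference equals plaintext difference:",
          diff == difference(to_nums(M1), to_nums(M2)))
    print("second message from first, without the key:", recover_second(diff, M1))
    # Single use: y1 is consistent with M2 as well, under a different key.
    print("y1 decrypts to M2 under another key:",
          decrypt(y1, key_explaining(y1, M2)) == M2)
```
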
Problem: Key Distribution

One-time Pad is perfectly secure. But how can the randomly chosen key be communicated to the receiver?
New problem: Transport of the key is as difficult as the transport of the message!

Solution: Usage of pseudo-random generators
- Best known: $x_0$ is the starting value, $x_{i+1} = a x_i + b \bmod m$, for $a$, $b$ and $m$ suitably chosen. Looks random, but is absolutely not random if $x_0$ is known
- Synchronous stream cipher
- Self-synchronising stream cipher
- Linear feedback shift register

But: Systems are no longer perfectly secure!

Synchronous Stream Cipher

Characteristics:
- Keystream is generated independently from cipher stream
- Key k is expanded into a keystream $z_1 z_2 z_3 \dots$

[Figure: synchronous stream cipher with key k, internal state, next state function, output function, keystream, plaintext and cipher text c_i]

- The keystream generators on sender and receiver side must be synchronised: if one bit is lost, on receiver side all following bits are decrypted incorrectly
- No propagation of transmission errors: only the garbled bit is decrypted incorrectly
- Protection against insertion and deletion in the cipher text, because these would cause a loss of synchronisation

Generating a Keystream for Synchronous Stream Ciphers

Simple examples for keystream ciphers are:
- Shift Cipher: use a constant keystream with $z_1 = z_2 = z_3 = \dots$
- Vigenere Cipher: for $k = (k_1, \dots, k_m)$ repeat key elements with period $m$: $z_{i+m} = z_i$; $k$ is the start vector

But: practical keystreams must have a long period. Use Vigenere Cipher with $k = (k_1, \dots, k_m)$. Keystream could be generated by
$z_{i+m} = z_i + z_{i+1} \bmod n$

Example: m = 4, n = 2, k = (1, 0, 0, 0)
With $z_{i+4} = z_i + z_{i+1} \bmod 2$ generate keystream: 1, 0, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 1, 1, ...

Self-Synchronising Stream Ciphers

Characteristics:
- Each keystream bit is a function of the previous n cipher text bits
- The key k further modifies the output of the keystream generator

[Figure: self-synchronising stream cipher with key k, initial state, internal state, next state function, output function, keystream, plaintext and cipher text c_i]

- Usage of an n-bit header, randomly generated; after this header, both keystream generators are synchronised
- Decryption keystream generator automatically synchronises with encryption keystream generator
- Error propagation: for each cipher text bit garbled, the decryption keystream generator produces n incorrect keystream bits
Linear Feedback Shift Registers (LFSR)

Idea: Generate keystream by use of shift registers of length $m$
- As initial state, use a key $k = (k_1, \dots, k_m)$
- Simplest example: Autokey Cipher for $m = 1$

Generation of keystream in three stages:
1. $k_1$ is used as next keystream bit
2. $k_2, \dots, k_m$ are shifted one stage to the left
3. Compute the new value of $k_m$ by a 'linear feedback': $k_m = \sum_{j=0}^{m-1} a_j k_{j+1}$

The values $a_j \in \{0, 1\}$ are coefficients which determine which $k_j$ are to be considered for computing $k_m$.

Shift Register for Keystream Generation

For achieving a long period: see LFSR as polynomial. Degree of polynomial is length of shift register:
$k_4 x^4 + k_3 x^3 + k_2 x^2 + k_1 x + 1$

For a maximal-period LFSR, the polynomial formed by the shift register plus the constant 1 must be a primitive polynomial mod 2.
Primitive polynomial of degree n: irreducible polynomial that divides $x^{2^n - 1} + 1$, but not $x^d + 1$ for any $d$ that divides $2^n - 1$.

Example: m = 4
[Figure: shift register k_1 k_2 k_3 k_4 with feedback; k_1 is the actual keystream bit]

Combine several shift registers for longer periods. Examples: Geffe Generator, Alternating Stop-and-Go Generator

Geffe Generator

Characteristics:
- Keystream generator using 3 LFSRs, combined in non-linear manner
- Two LFSRs are input to a multiplexer
- One LFSR controls output
- If $a_1, a_2, a_3$ are outputs of the LFSRs, the overall output is $b = (a_1 \wedge a_2) \oplus ((\neg a_1) \wedge a_3)$

[Figure: LFSR2 and LFSR3 with outputs a_2 and a_3 feed the multiplexer, LFSR1 with output a_1 selects; output b]

- Linear complexity: if the LFSRs have the lengths $n_1, n_2, n_3$, the linear complexity of the generator is $(n_1 + 1) n_2 + n_1 n_3$ (the '+1' comes from the negation operation)
- Cryptographically weak, falls to a correlation attack: the output b equals the output of LFSR2 and LFSR3 75% of the time

Alternating Stop-and-Go Generator

Characteristics:
- Keystream generator using 3 LFSRs of different length
- LFSR2 is clocked when the output of LFSR1 is 1
- LFSR3 is clocked when the output of LFSR1 is 0
- The output is a XOR of LFSR2 and LFSR3

[Figure: LFSR1 gates the clock of LFSR2 and LFSR3; their outputs are XORed to b]

- Long period and large linear complexity
- Correlation attack against LFSR1 possible, but it does not substantially weaken the generator
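The three-stage LFSR update, its period, and the 75% agreement of the Geffe output with its input registers can be checked directly. This is an added example, not code from the slides; the register lengths 7, 4 and 3, the initial states and the use of the recurrence $z_{i+m} = z_i + z_{i+1}$ for all three registers are assumptions made for the illustration.

```python
def step(state, coeffs):
    """One LFSR step on state (k_1..k_m) with coefficients (a_0..a_{m-1}).

    Returns (output bit, next state): k_1 is output, the rest shifts left,
    and the new k_m is sum(a_j * k_{j+1}) mod 2.
    """
    new = sum(a & k for a, k in zip(coeffs, state)) % 2
    return state[0], state[1:] + [new]


def keystream(key, coeffs, nbits):
    """First nbits keystream bits for initial state `key`."""
    if len(key) != len(coeffs) or not any(key):
        raise ValueError("need a non-zero key and one coefficient per stage")
    state, bits = list(key), []
    for _ in range(nbits):
        bit, state = step(state, coeffs)
        bits.append(bit)
    return bits


def period(key, coeffs):
    """Steps until the state returns to `key`, or None if it never does
    (possible when a_0 = 0, because the update is then not invertible)."""
    start, state = list(key), list(key)
    for steps in range(1, 2 ** len(start) + 1):
        _, state = step(state, coeffs)
        if state == start:
            return steps
    return None


def trinomial(m):
    """Coefficients for z_{i+m} = z_i + z_{i+1} mod 2 (a_0 = a_1 = 1)."""
    return [1, 1] + [0] * (m - 2)


def geffe(a1, a2, a3):
    """b = (a1 AND a2) XOR ((NOT a1) AND a3): a1 selects a2 or a3."""
    return (a1 & a2) ^ ((1 - a1) & a3)


def geffe_agreement(n1=7, n2=4, n3=3):
    """Fraction of output bits equal to a2 and to a3 over one full period.

    Assumed setup: all three registers use the trinomial recurrence and
    start in state (1, 0, ..., 0); their periods 127, 15 and 7 are coprime.
    """
    nbits = (2 ** n1 - 1) * (2 ** n2 - 1) * (2 ** n3 - 1)
    s1 = keystream([1] + [0] * (n1 - 1), trinomial(n1), nbits)
    s2 = keystream([1] + [0] * (n2 - 1), trinomial(n2), nbits)
    s3 = keystream([1] + [0] * (n3 - 1), trinomial(n3), nbits)
    out = [geffe(a, b, c) for a, b, c in zip(s1, s2, s3)]
    eq2 = sum(o == b for o, b in zip(out, s2)) / nbits
    eq3 = sum(o == c for o, c in zip(out, s3)) / nbits
    return eq2, eq3


if __name__ == "__main__":
    print("m=4 keystream:", keystream([1, 0, 0, 0], trinomial(4), 15))
    print("period with feedback k_1 + k_2:", period([1, 0, 0, 0], trinomial(4)))
    print("period with feedback k_1 only: ", period([1, 0, 0, 0], [1, 0, 0, 0]))
    print("Geffe agreement with LFSR2, LFSR3:", geffe_agreement())
```

The short period 4 is the repeating Vigenere key stream $z_{i+m} = z_i$; the agreement values near 0.75 are what a correlation test on the output would observe, which is why the slides call the generator cryptographically weak.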
Block Ciphers

- Block ciphers simultaneously encrypt groups of characters of a plaintext message using a fixed encryption transformation
- Memoryless, i.e. the same function (and the same key) is used to encrypt successive blocks

Practical Methods:
- Data Encryption Standard (DES)
- International Data Encryption Algorithm (IDEA)
- Advanced Encryption Standard (AES)

Definition of Block Ciphers

A Block Cipher is a function which maps n-bit plaintext blocks to n-bit cipher text blocks; n is called the blocklength.

An n-bit Block Cipher is a tuple $(P, C, K, E, D)$, where the following conditions are satisfied:
- $P = Z_2^n$ is a finite set of possible plaintext blocks over $Z_2$ of length n
- $C = Z_2^n$ is a finite set of possible cipher text blocks over $Z_2$ of length n
- $K$, the keyspace, is a finite set of possible keys
- For each $k \in K$, there is an encryption rule $e_k \in E$ and a corresponding decryption rule $d_k \in D$: $e_k: P \times K \to C$ is a bijective mapping (the encryption function for k), $d_k: C \times K \to P$ is the inverse mapping (the decryption function) with $d_k(e_k(x)) = x$ for every plaintext $x \in P$

Design Characteristics for Block Ciphers

Choice of blocklength n
- n too long: complex algorithm, performance loss
- n too short: weak encryption, easy to attack
- Modern variants use n = bit; 64 bit is seen as the right compromise

Definition of encryption function $e_k$
- Assume n = 64: a mapping of $2^{64}$ values would take about $2^{70}$ bit
- For encryption and decryption it is not possible to use a table: using algorithms for replacing blocks
- Achieving different results by using a secret key k in the algorithm: symmetric cryptography, secret key cryptography
- Good algorithms can be published, data are protected by hiding the key

Choice of the key length of k
- Practical key length: bit
- k too short: systematic testing of all valid keys (Brute Force attack)
- Against Brute Force attacks, a minimum of 70 bit are necessary

Definition of Encryption Function $e_k$

Encryption function
- Use a combination of substitution and permutation, called a round
- Number of rounds determines the quality of the encryption

Substitution
- Divide an n-bit block in smaller chunks with m bit (typically m = 4 6)
- Replacing an m-bit block with another one by using a table

Permutation
- Exchanging bits by using an invertible function (Permutation Cipher)

Result of one round
- Should look like a succession of random numbers
- Each input bit should have the same influence on an output bit
- Achieved by alternating application of substitution and permutation
- Suitable choice $n = m^2$, i.e. each bit of one m-bit chunk of the input block can be passed to a different m-bit chunk of the output block

Remark: encryption and decryption have the same expense
One Round in an Encryption Function

[Figure: a 64 bit input block is split into eight 8 bit pieces, passed through the key-dependent substitutions S_1 to S_8 into a 64 bit intermediate block, and permuted into the 64 bit output block]

- Input block with 64 bit
- Divide input block into 8-bit pieces ($n = m^2$)
- 8-bit substitution functions $s_i$ derived from the key k
- Join 8-bit blocks into an intermediate block
- Permutation of the 64 bits, possibly based on the key (best diffusion of single bits by mapping the bits of an 8-bit piece into different output pieces)
Intelligent Systes: Reasoning and Recognition Jaes L. Crowley osig 1 Winter Seester 2018 Lesson 6 27 February 2018 Outline Perceptrons and Support Vector achines Notation...2 Linear odels...3 Lines, Planes
More informationDivisibility of Polynomials over Finite Fields and Combinatorial Applications
Designs, Codes and Cryptography anuscript No. (will be inserted by the editor) Divisibility of Polynoials over Finite Fields and Cobinatorial Applications Daniel Panario Olga Sosnovski Brett Stevens Qiang
More informationA block cipher enciphers each block with the same key.
Ciphers are classified as block or stream ciphers. All ciphers split long messages into blocks and encipher each block separately. Block sizes range from one bit to thousands of bits per block. A block
More informationSolutions to the Midterm Test (March 5, 2011)
MATC16 Cryptography and Coding Theory Gábor Pete University of Toronto Scarborough Solutions to the Midterm Test (March 5, 2011) YOUR NAME: DO NOT OPEN THIS BOOKLET UNTIL INSTRUCTED TO DO SO. INSTRUCTIONS:
More informationThe simplest method for constructing APN polynomials EA-inequivalent to power functions
The siplest ethod for constructing APN polynoials EA-inequivalent to power functions Lilya Budaghyan Abstract The first APN polynoials EA-inequivalent to power functions have been constructed in [7, 8]
More informationSTREAM CIPHER. Chapter - 3
STREAM CIPHER Chapter - 3 S t r e a m C i p h e r P a g e 38 S t r e a m C i p h e r P a g e 39 STREAM CIPHERS Stream cipher is a class of symmetric key algorithm that operates on individual bits or bytes.
More informationLecture 8 - Cryptography and Information Theory
Lecture 8 - Cryptography and Information Theory Jan Bouda FI MU April 22, 2010 Jan Bouda (FI MU) Lecture 8 - Cryptography and Information Theory April 22, 2010 1 / 25 Part I Cryptosystem Jan Bouda (FI
More information1 Generalization bounds based on Rademacher complexity
COS 5: Theoretical Machine Learning Lecturer: Rob Schapire Lecture #0 Scribe: Suqi Liu March 07, 08 Last tie we started proving this very general result about how quickly the epirical average converges
More informationMATH3302 Cryptography Problem Set 2
MATH3302 Cryptography Problem Set 2 These questions are based on the material in Section 4: Shannon s Theory, Section 5: Modern Cryptography, Section 6: The Data Encryption Standard, Section 7: International
More informationSupport Vector Machine Classification of Uncertain and Imbalanced data using Robust Optimization
Recent Researches in Coputer Science Support Vector Machine Classification of Uncertain and Ibalanced data using Robust Optiization RAGHAV PAT, THEODORE B. TRAFALIS, KASH BARKER School of Industrial Engineering
More informationOptimal Jamming Over Additive Noise: Vector Source-Channel Case
Fifty-first Annual Allerton Conference Allerton House, UIUC, Illinois, USA October 2-3, 2013 Optial Jaing Over Additive Noise: Vector Source-Channel Case Erah Akyol and Kenneth Rose Abstract This paper
More informationWeek 7 An Application to Cryptography
SECTION 9. EULER S GENERALIZATION OF FERMAT S THEOREM 55 Week 7 An Application to Cryptography Cryptography the study of the design and analysis of mathematical techniques that ensure secure communications
More informationA Link Between Integrals and Higher-Order Integrals of SPN Ciphers
Link Between Integrals and Higher-Order Integrals of SPN Ciphers Ruilin Li, Bing Sun, and Chao Li Integral cryptanalysis, which is based on the existence of (higher-order) integral distinguishers, is a
More informationIntroduction to Cryptology. Lecture 2
Introduction to Cryptology Lecture 2 Announcements 2 nd vs. 1 st edition of textbook HW1 due Tuesday 2/9 Readings/quizzes (on Canvas) due Friday 2/12 Agenda Last time Historical ciphers and their cryptanalysis
More informationReal scripts backgrounder 3 - Polyalphabetic encipherment - XOR as a cipher - RSA algorithm. David Morgan
Real scripts backgrounder 3 - Polyalphabetic encipherment - XOR as a cipher - RSA algorithm David Morgan XOR as a cipher Bit element encipherment elements are 0 and 1 use modulo-2 arithmetic Example: 1
More informationNetwork Security Based on Quantum Cryptography Multi-qubit Hadamard Matrices
Global Journal of Computer Science and Technology Volume 11 Issue 12 Version 1.0 July Type: Double Blind Peer Reviewed International Research Journal Publisher: Global Journals Inc. (USA) Online ISSN:
More informationmonoalphabetic cryptanalysis Character Frequencies (English) Security in Computing Common English Digrams and Trigrams Chapter 2
Common English Digrams and Trigrams Digrams EN RE ER NT TH ON IN TF AN OR Trigrams ENT ION AND ING IVE TIO FOR OUR THI ONE monoalphabetic cryptanalysis See class example Pfleeger, Security in Computing,
More informationCS 282A/MATH 209A: Foundations of Cryptography Prof. Rafail Ostrosky. Lecture 4
CS 282A/MATH 209A: Foundations of Cryptography Prof. Rafail Ostrosky Lecture 4 Lecture date: January 26, 2005 Scribe: Paul Ray, Mike Welch, Fernando Pereira 1 Private Key Encryption Consider a game between
More informationLecture 1: Introduction to Public key cryptography
Lecture 1: Introduction to Public key cryptography Thomas Johansson T. Johansson (Lund University) 1 / 44 Key distribution Symmetric key cryptography: Alice and Bob share a common secret key. Some means
More informationCh 12: Variations on Backpropagation
Ch 2: Variations on Backpropagation The basic backpropagation algorith is too slow for ost practical applications. It ay take days or weeks of coputer tie. We deonstrate why the backpropagation algorith
More informationPrivate-key Systems. Block ciphers. Stream ciphers
Chapter 2 Stream Ciphers Further Reading: [Sim92, Chapter 2] 21 Introduction Remember classication: Private-key Systems Block ciphers Stream ciphers Figure 21: Private-key cipher classication Block Cipher:
More informationPublic Key Cryptography
Public Key Cryptography Introduction Public Key Cryptography Unlike symmetric key, there is no need for Alice and Bob to share a common secret Alice can convey her public key to Bob in a public communication:
More informationPublic Key Cryptography
Public Key Cryptography Spotlight on Science J. Robert Buchanan Department of Mathematics 2011 What is Cryptography? cryptography: study of methods for sending messages in a form that only be understood
More informationChapter 2 : Perfectly-Secret Encryption
COMP547 Claude Crépeau INTRODUCTION TO MODERN CRYPTOGRAPHY _ Second Edition _ Jonathan Katz Yehuda Lindell Chapter 2 : Perfectly-Secret Encryption 1 2.1 Definitions and Basic Properties We refer to probability
More informationRevisiting the security model for aggregate signature schemes
Revisiting the security odel for aggregate signature schees by Marie-Sarah Lacharité A thesis presented to the University of Waterloo in fulfillent of the thesis requireent for the degree of Master of
More informationLinear recurrences and asymptotic behavior of exponential sums of symmetric boolean functions
Linear recurrences and asyptotic behavior of exponential sus of syetric boolean functions Francis N. Castro Departent of Matheatics University of Puerto Rico, San Juan, PR 00931 francis.castro@upr.edu
More informationa a a a a a a m a b a b
Algebra / Trig Final Exa Study Guide (Fall Seester) Moncada/Dunphy Inforation About the Final Exa The final exa is cuulative, covering Appendix A (A.1-A.5) and Chapter 1. All probles will be ultiple choice
More informationA Self-Organizing Model for Logical Regression Jerry Farlow 1 University of Maine. (1900 words)
1 A Self-Organizing Model for Logical Regression Jerry Farlow 1 University of Maine (1900 words) Contact: Jerry Farlow Dept of Matheatics Univeristy of Maine Orono, ME 04469 Tel (07) 866-3540 Eail: farlow@ath.uaine.edu
More informationMULTIPLAYER ROCK-PAPER-SCISSORS
MULTIPLAYER ROCK-PAPER-SCISSORS CHARLOTTE ATEN Contents 1. Introduction 1 2. RPS Magas 3 3. Ites as a Function of Players and Vice Versa 5 4. Algebraic Properties of RPS Magas 6 References 6 1. Introduction
More informationRSA ENCRYPTION USING THREE MERSENNE PRIMES
Int. J. Chem. Sci.: 14(4), 2016, 2273-2278 ISSN 0972-768X www.sadgurupublications.com RSA ENCRYPTION USING THREE MERSENNE PRIMES Ch. J. L. PADMAJA a*, V. S. BHAGAVAN a and B. SRINIVAS b a Department of
More informationHistorical cryptography. cryptography encryption main applications: military and diplomacy
Historical cryptography cryptography encryption main applications: military and diplomacy ancient times world war II Historical cryptography All historical cryptosystems badly broken! No clear understanding
More informationSolutions for week 1, Cryptography Course - TDA 352/DIT 250
Solutions for week, Cryptography Course - TDA 352/DIT 250 In this weekly exercise sheet: you will use some historical ciphers, the OTP, the definition of semantic security and some combinatorial problems.
More informationEquational Security of a Lattice-based Oblivious Transfer Protocol
Journal of Network Intelligence c 2016 ISSN 2414-8105 (Online) Taiwan Ubiquitous Inforation Volue 2, Nuber 3, August 2017 Equational Security of a Lattice-based Oblivious Transfer Protocol Mo-Meng Liu
More informationOn the Communication Complexity of Lipschitzian Optimization for the Coordinated Model of Computation
journal of coplexity 6, 459473 (2000) doi:0.006jco.2000.0544, available online at http:www.idealibrary.co on On the Counication Coplexity of Lipschitzian Optiization for the Coordinated Model of Coputation
More informationProblem 1. k zero bits. n bits. Block Cipher. Block Cipher. Block Cipher. Block Cipher. removed
Problem 1 n bits k zero bits IV Block Block Block Block removed January 27, 2011 Practical Aspects of Modern Cryptography 2 Problem 1 IV Inverse Inverse Inverse Inverse Missing bits January 27, 2011 Practical
More informationLow-complexity, Low-memory EMS algorithm for non-binary LDPC codes
Low-coplexity, Low-eory EMS algorith for non-binary LDPC codes Adrian Voicila,David Declercq, François Verdier ETIS ENSEA/CP/CNRS MR-85 954 Cergy-Pontoise, (France) Marc Fossorier Dept. Electrical Engineering
More informationASSUME a source over an alphabet size m, from which a sequence of n independent samples are drawn. The classical
IEEE TRANSACTIONS ON INFORMATION THEORY Large Alphabet Source Coding using Independent Coponent Analysis Aichai Painsky, Meber, IEEE, Saharon Rosset and Meir Feder, Fellow, IEEE arxiv:67.7v [cs.it] Jul
More informationCandidates must show on each answer book the type of calculator used. Only calculators permitted under UEA Regulations may be used.
UNIVERSITY OF EAST ANGLIA School of Mathematics May/June UG Examination 2010 2011 CRYPTOGRAPHY Time allowed: 2 hours Attempt THREE questions. Candidates must show on each answer book the type of calculator
More informationMeasuring orbital angular momentum superpositions of light by mode transformation
CHAPTER 7 Measuring orbital angular oentu superpositions of light by ode transforation In chapter 6 we reported on a ethod for easuring orbital angular oentu (OAM) states of light based on the transforation
More informationOn Concurrent Detection of Errors in Polynomial Basis Multiplication
1 On Concurrent Detection of Errors in Polynoial Basis Multiplication Siavash Bayat-Saradi and M. Anwar Hasan Abstract The detection of errors in arithetic operations is an iportant issue. This paper discusses
More informationJay Daigle Occidental College Math 401: Cryptology
3 Block Ciphers Every encryption method we ve studied so far has been a substitution cipher: that is, each letter is replaced by exactly one other letter. In fact, we ve studied stream ciphers, which produce
More informationSecurity Implications of Quantum Technologies
Security Implications of Quantum Technologies Jim Alves-Foss Center for Secure and Dependable Software Department of Computer Science University of Idaho Moscow, ID 83844-1010 email: jimaf@cs.uidaho.edu
More informationLecture (04) Classical Encryption Techniques (III)
Lecture (04) Classical Encryption Techniques (III) Dr. Ahmed M. ElShafee ١ Playfair Cipher one approach to improve security was to encrypt multiple letters the Playfair Cipher is an example invented by
More informationone approach to improve security was to encrypt multiple letters invented by Charles Wheatstone in 1854, but named after his
Lecture (04) Classical Encryption Techniques (III) Dr. Ahmed M. ElShafee ١ The rules for filling in this 5x5 matrix are: L to R, top to bottom, first with keyword after duplicate letters have been removed,
More informationA Model for the Selection of Internet Service Providers
ISSN 0146-4116, Autoatic Control and Coputer Sciences, 2008, Vol. 42, No. 5, pp. 249 254. Allerton Press, Inc., 2008. Original Russian Text I.M. Aliev, 2008, published in Avtoatika i Vychislitel naya Tekhnika,
More informationU.C. Berkeley CS276: Cryptography Luca Trevisan February 5, Notes for Lecture 6
U.C. Berkeley CS276: Cryptography Handout N6 Luca Trevisan February 5, 2009 Notes for Lecture 6 Scribed by Ian Haken, posted February 8, 2009 Summary The encryption scheme we saw last time, based on pseudorandom
More informationThe Vigenère cipher is a stronger version of the Caesar cipher The encryption key is a word/sentence/random text ( and )
A Better Cipher The Vigenère cipher is a stronger version of the Caesar cipher The encryption key is a word/sentence/random text ( and ) To the first letter, add 1 To the second letter, add 14 To the third
More information