OUTLINE
Cryptography
Virus detection
Exploiting the difference between the worst case and the average case
INTRODUCTION
Cryptography is the science of writing in secret code and is an ancient art. Modern techniques for encoding sensitive financial information have enabled the explosion of electronic commerce.
Before computers, any useful cryptographic scheme was necessarily computationally trivial. It had to be, because both senders and receivers implemented their algorithms by hand. With the advent of computers, things changed.
INTRODUCTION
In all the simplest cryptographic systems, the algorithms that will be used for both encryption and decryption are fixed and known to everyone. But those algorithms take two inputs: the text to be encoded or decoded, and a key.
In a symmetric key system, sender and receiver use the same key. No message can be sent unless there has been some prior agreement on a key. Even if there has been such an agreement, if the same key is used over an extended period of time, an eavesdropper may be able to infer the key and break the code.
RSA ALGORITHM
The RSA algorithm is due to Rivest, Shamir and Adleman (1978).
We assume that Bob and Alice wish to exchange secure messages and that Eve is attempting to eavesdrop. We'll call the original (unencrypted) text the plaintext and the encrypted text the ciphertext.
The most general way to describe RSA is as follows:
RSA ALGORITHM
2.
3.
4.
RSA ALGORITHM
If there exist efficient algorithms for performing all four of the steps, then Bob and Alice will be able to exchange messages.
We assume that Eve knows the algorithms encrypt and decrypt. So she could easily eavesdrop if she could infer Bob's private key from his public one, or if she could compute decrypt without knowing Bob's private key.
RSA ALGORITHM
Alice uses the RSA algorithm to send a message to
Bob as follows.
1. Bob constructs his public and private keys.
1.
2.
3.
2.
RSA ALGORITHM
3.
4.
RSA ALGORITHM
2.
RSA IS EFFECTIVE
The functions encrypt and decrypt are inverses of each other; this is proved using Euler's generalization of Fermat's Little Theorem.
Bob can choose primes efficiently using the following algorithm.
RSA IS EFFECTIVE
Bob can check the gcd efficiently using Euclid's algorithm, so he can compute e.
Bob can compute d efficiently, using an extension of Euclid's algorithm that exploits the quotients it produces at each step.
Alice can implement encrypt efficiently. It is not necessary to compute the full power of the plaintext and then take its remainder mod n; the remainder can be taken after every multiplication, so intermediate values never grow beyond n.
Similarly, Bob can implement decrypt efficiently.
Eve can't recreate the plaintext, because she can't simply invert encrypt, and she can't try every candidate plaintext and see if she gets one that produces the ciphertext.
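The four efficiency claims above (choosing primes, checking the gcd with Euclid's algorithm, recovering d from the quotients of the extended Euclidean algorithm, and exponentiating without ever forming the full power) are easiest to see in code. The following is an added example, not code from the slides or from Rich's book; the primes, the exponent e and the message value are constructed for illustration and are far too small for real use.

```python
# Toy RSA, written to illustrate the steps the slides list. The primes are
# deliberately tiny so every intermediate value is easy to follow; real keys
# use primes of hundreds of digits and a padding scheme before encryption.

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17)


def is_probable_prime(n):
    """Miller-Rabin primality test (the 'choose primes efficiently' step).
    With the fixed witness bases below it is deterministic for n < 3.4e14."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    # Write n - 1 as 2^s * d with d odd.
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in SMALL_PRIMES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False  # a is a witness that n is composite
    return True


def extended_gcd(a, b):
    """Return (g, x, y) with a*x + b*y == g == gcd(a, b).
    Keeping the quotient q of every Euclid step is what lets us track x and y,
    and x is exactly the modular inverse needed for d."""
    old_r, r = a, b
    old_x, x = 1, 0
    old_y, y = 0, 1
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_x, x = x, old_x - q * x
        old_y, y = y, old_y - q * y
    return old_r, old_x, old_y


def mod_pow(base, exp, mod):
    """Square-and-multiply: reduces mod n after every multiplication,
    so base**exp is never materialised."""
    result = 1
    base %= mod
    while exp > 0:
        if exp & 1:
            result = result * base % mod
        base = base * base % mod
        exp >>= 1
    return result


def generate_keys(p, q, e):
    """Bob's key construction: public (n, e), private (n, d)."""
    if not (is_probable_prime(p) and is_probable_prime(q)):
        raise ValueError("p and q must be prime")
    n = p * q
    phi = (p - 1) * (q - 1)
    g, x, _ = extended_gcd(e, phi)   # gcd check and inverse in one pass
    if g != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = x % phi
    return (n, e), (n, d)


def encrypt(public_key, plaintext):
    n, e = public_key
    return mod_pow(plaintext, e, n)


def decrypt(private_key, ciphertext):
    n, d = private_key
    return mod_pow(ciphertext, d, n)


if __name__ == "__main__":
    # Constructed toy parameters: p = 61, q = 53, e = 17.
    public, private = generate_keys(61, 53, 17)
    c = encrypt(public, 65)
    print(public, private, c, decrypt(private, c))
```

With p = 61, q = 53 and e = 17, n = 3233, phi(n) = 3120 and d = 2753; the message 65 encrypts to 2790 and decrypts back to 65. The gcd check and the computation of d come from the same run of the extended Euclidean algorithm, which is why the slides describe d as falling out of the quotients Euclid's algorithm produces.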
VIRUS DETECTION
Given a known computer virus V, consider the problem of detecting an infection by V.
The most straightforward approach to solving this problem is just to scan incoming messages for the text of V, <V>.
But viruses can easily evade this technique by altering their text in ways that have no effect on the computation that V performs. For example, source code could be modified to add blanks in meaningless places or to add leading 0s to numbers.
VIRUS DETECTION
Executable code could be modified by adding jump instructions to the next instruction.
So the practical virus detection problem can be stated as: given a known virus V and an input message M, does M contain the text of a program that computes the same thing V computes?
We know the equivalence question is undecidable for Turing machines; using that, the equivalence question for arbitrary programs is also undecidable.
VIRUS DETECTION
So we can't solve the virus problem by making a list of known viruses and comparing new code to them.
Suppose that, instead of making a list of forbidden operations, we allowed users to define a white list of the operations that are allowed to run on their machines. Then the job of a virus filter is to compare incoming code to the operations on the white list. Any code that is equivalent to some allowed operation can be declared safe.
But now we have EXACTLY THE SAME PROBLEM: no test for equivalence exists.
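The gap between scanning for <V> and deciding equivalence can be made concrete. The following added example (not code from the slides or from Rich's book) uses a harmless constructed snippet as a stand-in for <V>: a literal scan misses a copy with the two cosmetic edits the slides mention (extra blanks, leading zeros), a canonicalizing scan catches exactly those two edits, and neither catches a rewrite that computes the same thing with different text, which is the undecidable case.

```python
import re

# Constructed stand-in for the text <V> of a known program V. It is an
# ordinary two-statement snippet, used only so the scanners have something
# to look for.
KNOWN_SIGNATURE = "x = 42 ; y = x + 7"


def literal_scan(message, signature=KNOWN_SIGNATURE):
    """The straightforward detector: is <V> literally present in the message?"""
    return signature in message


# Leading zeros on a number: "042" -> "42", "007" -> "7", but a bare "0" stays.
_LEADING_ZEROS = re.compile(r"\b0+(\d)")


def canonicalize(text):
    """Undo the two semantics-preserving edits named in the slides and nothing
    else: strip leading zeros from numbers, then collapse all whitespace by
    re-joining the tokens (words and single punctuation characters) with one
    blank each."""
    text = _LEADING_ZEROS.sub(r"\1", text)
    tokens = re.findall(r"\w+|[^\w\s]", text)
    return " ".join(tokens)


def normalized_scan(message, signature=KNOWN_SIGNATURE):
    """Detector that is immune to blank insertion and leading zeros."""
    return canonicalize(signature) in canonicalize(message)


# Constructed variants of the same program text.
COSMETIC_VARIANT = "x   =  042 ;\ty =x+ 007"   # same computation, different bytes
EQUIVALENT_REWRITE = "x = 42 ; y = 49"          # same result, folded by hand

if __name__ == "__main__":
    for name, m in (("cosmetic", COSMETIC_VARIANT), ("rewrite", EQUIVALENT_REWRITE)):
        print(name, literal_scan(m), normalized_scan(m))
```

The canonicalizer is a whitelist of rewrites it knows how to undo. Each additional trick (a jump to the next instruction, a renamed variable, a folded constant) needs another rule, and the undecidability of program equivalence says the list of rules can never be finished; that is the same obstacle whether the list being compared against is a blacklist of viruses or a whitelist of allowed operations.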
HACKERS
Hackers can exploit these facts.
One way to launch a denial of service attack against a target site S is to send to S a series of messages/requests that have been crafted so that S will exhibit its worst-case performance. If S was designed so that it could adequately respond to its traffic in the average case, it will no longer be able to do so.
One way to get a peek inside a site S and observe properties that were not intended to be observable is to time it. For example, it is sometimes possible to observe the time required by S to perform decryption or password checking and so to infer its private key or a stored password.
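Both points in this section can be shown with small deterministic models rather than wall-clock timing. The first added example below (not code from the slides or from Rich's book; all keys and the secret are constructed) models the worst-case/average-case gap with a hash table: an order-insensitive hash puts every anagram of one string into the same bucket, so lookups degrade from constant to linear, while a keyed hash with a per-process secret spreads the same inputs out. The second example models the timing leak in password checking by counting how many bytes a comparison examines before it returns.

```python
import hashlib
import itertools

BUCKETS = 64


def weak_hash(key: str) -> int:
    """Order-insensitive hash: the bucket depends only on the multiset of
    bytes, so any two anagrams collide."""
    return sum(key.encode()) % BUCKETS


def keyed_hash(key: str, secret: bytes) -> int:
    """Randomised hash: the bucket depends on a secret chosen at startup,
    so inputs cannot be pre-crafted to collide."""
    digest = hashlib.blake2b(key.encode(), key=secret, digest_size=8).digest()
    return int.from_bytes(digest, "big") % BUCKETS


def max_chain_length(keys, hash_fn):
    """Longest bucket chain; lookup cost is proportional to it."""
    counts = [0] * BUCKETS
    for k in keys:
        counts[hash_fn(k)] += 1
    return max(counts)


def adversarial_keys(n=BUCKETS):
    """Constructed worst-case input: n distinct anagrams of one string."""
    perms = itertools.permutations("abcdefgh")
    return ["".join(p) for p in itertools.islice(perms, n)]


def ordinary_keys(n=BUCKETS):
    """Constructed average-case input: the kind of keys normal traffic uses."""
    return [f"k{i}" for i in range(n)]


# ---- timing leak in password checking -------------------------------------

def naive_check(candidate: bytes, stored: bytes):
    """Early-exit comparison. Returns (match, bytes_examined); the second
    value is the quantity an attacker timing the server would observe."""
    examined = 0
    if len(candidate) != len(stored):
        return False, examined
    for a, b in zip(candidate, stored):
        examined += 1
        if a != b:
            return False, examined
    return True, examined


def constant_time_check(candidate: bytes, stored: bytes):
    """Examines every byte regardless of where the first mismatch is, so the
    work done does not depend on how much of the secret was guessed."""
    if len(candidate) != len(stored):
        return False, 0
    diff = 0
    examined = 0
    for a, b in zip(candidate, stored):
        examined += 1
        diff |= a ^ b
    return diff == 0, examined


if __name__ == "__main__":
    secret = b"constructed-per-process-secret"  # constructed; use os.urandom in practice
    print("weak, adversarial :", max_chain_length(adversarial_keys(), weak_hash))
    print("weak, ordinary    :", max_chain_length(ordinary_keys(), weak_hash))
    print("keyed, adversarial:", max_chain_length(adversarial_keys(), lambda k: keyed_hash(k, secret)))
    print(naive_check(b"aXXXXXXX", b"abcdefgh"), naive_check(b"abcdXXXX", b"abcdefgh"))
    print(constant_time_check(b"aXXXXXXX", b"abcdefgh"), constant_time_check(b"abcdXXXX", b"abcdefgh"))
```

For the hash table, the mitigation is the one the second reference describes: hash with a secret the client cannot know, so there is no input the client can craft that reaches the worst case. For password checking, the standard library already provides the constant-time primitive (`hmac.compare_digest`), and comparing fixed-length hashes rather than raw passwords removes the length leak as well.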
REFERENCES
Automata, Computability, and Complexity: Theory and Applications [book] by Elaine Rich.
http://www.cs.utexas.edu/~ear/cs341/automatabook/appcsecurity_link.html?http://www.cs.rice.edu/~scrosby/hash