Overview of Cryptography
Jeong H. Yi jhyi@ics.uci.edu
Random sequences
Symmetric-key ciphers
Arbitrary length hash functions (MACs)
Security Primitives
Symmetric-key Primitives
Public-key Primitives
Background on Functions
Function
Im(f), image of f
the set of all y ∈ Y that have at least one preimage
1-1 function if
onto function if
Im(f) = Y
bijection function if
f is 1-1 and onto.
f(x) is easy to compute for all x ∈ X, but it is computationally infeasible to find any x ∈ X such that f(x) = y.
given trapdoor information, it becomes feasible to find an x ∈ X such that f(x) = y.
Symmetric-key ciphers
Block cipher
breaks up the plaintext into blocks of a fixed length, and then encrypts one block at a time.
Stream cipher
takes the plaintext string and produces a ciphertext string using a keystream
a specific case of a block cipher with a block size of 1
Digital signatures
Nomenclature
M: messages
S: signatures
S_A: signing transformation for A
V_A: verification transformation for A
Definition
Authentication
Entity authentication (Identification)
corroboration of the identity of an entity (e.g., a person, a computer terminal, a credit card, etc.).
Symmetric-key cryptography
Advantages
high data throughput
relatively short size
primitives to construct various cryptographic mechanisms
Disadvantages
the key must remain secret at both ends.
O(n^2) keys to be managed.
relatively short lifetime of the key
Public-key cryptography
Advantages
Only the private key must be kept secret
relatively long lifetime of the key
relatively efficient digital signature mechanisms
smaller verification key
O(n) keys to be managed
Disadvantages
Summary of comparison
public-key cryptography
symmetric-key cryptography
Key sizes
Private keys must be larger (e.g., 1024 bits for RSA) than secret keys (e.g., 64 or 128 bits)
most attack on symmetric-key systems is an exhaustive key search
distributed algorithm defined by a sequence of steps precisely specifying the actions required of two or more entities
Cryptographic mechanism
process to establish a shared secret key available to two or more parties
subdivided into key agreement and key transport.
Key management
the set of processes and mechanisms which support key establishment and the maintenance of ongoing keying relationships between parties
easy to add and remove entities
needs to store only one long-term secret key.
Disadvantages
initial interaction with the TTP.
n long-term secret keys maintained by TTP
TTP can read all messages.
If TTP is compromised, all communications are insecure
Disadvantages
Active adversary can compromise the key management scheme (e.g. man-in-the-middle attack)
Need TTP (e.g., CA) to certify the public key of each entity.
Public-key certification
Advantages
Disadvantages
If the signing key of the TTP is compromised, all communications become insecure.
deduce the decryption key or plaintext by only observing ciphertext.
Known-plaintext attack
using a quantity of plaintext and corresponding ciphertext.
Chosen-plaintext attack
chooses plaintext and is then given corresponding ciphertext.
chosen-plaintext attack where the choice of plaintext may depend on the ciphertext received from previous requests.
Chosen-ciphertext attack
selects the ciphertext and is then given the corresponding plaintext.
chosen-ciphertext attack where the choice of ciphertext may depend on the plaintext received from previous requests.
Attacks on protocols
known-key attack
uses previously used keys to determine new keys
replay attack
records a communication session and replays that session
impersonation attack
deceives the identity of one of the legitimate parties
dictionary attack
using code book if message space is small or predictable
interleaving attack
impersonation or other deception involving selective combination of information from parallel sessions
Adversaries have unlimited computational resources
Observation of the ciphertext provides no information to an adversary
Complexity-theoretic security
Adversaries have polynomial computational power.
Asymptotic analysis and usually also worst-case analysis is used
Provable security
provably secure if defeating the crypto system can be shown to be as difficult as solving a well-known number-theoretic problem
computationally secure if the level of computation to defeat the crypto system exceeds the computational resources of the adversary
Most of the known public-key and symmetric-key schemes