Introduction to Cryptography Jiyou Li lijiyou at sjtu.edu.cn Department of Mathematics, Shanghai Jiao Tong University Sep. 17th, 2013
Introduction to Cryptography
Jiyou Lilijiyou at sjtu.edu.cn
Department of Mathematics, Shanghai Jiao Tong University
Sep. 17th, 2013
Cryptography
Cryptography: the art and science of keeping messagesecure.
Confidentiality;Authentication;Integrity;Nonrepudiation; Electronic payment; Anonymity; Electronicvotes; Zero-knowledge...
Cryptography
Cryptography: the art and science of keeping messagesecure.Confidentiality;
Authentication;Integrity;Nonrepudiation; Electronic payment; Anonymity; Electronicvotes; Zero-knowledge...
Cryptography
Cryptography: the art and science of keeping messagesecure.Confidentiality;Authentication;
Integrity;Nonrepudiation; Electronic payment; Anonymity; Electronicvotes; Zero-knowledge...
Cryptography
Cryptography: the art and science of keeping messagesecure.Confidentiality;Authentication;Integrity;
Nonrepudiation; Electronic payment; Anonymity; Electronicvotes; Zero-knowledge...
Cryptography
Cryptography: the art and science of keeping messagesecure.Confidentiality;Authentication;Integrity;Nonrepudiation; Electronic payment; Anonymity; Electronicvotes; Zero-knowledge...
The Origins of Cryptography
Diplomacy: Zimmerman telegram;
War: Enigma machine, Purple;Individual or corporate privacy;Electronic Commerce...
The Origins of Cryptography
Diplomacy: Zimmerman telegram;War: Enigma machine, Purple;
Individual or corporate privacy;Electronic Commerce...
The Origins of Cryptography
Diplomacy: Zimmerman telegram;War: Enigma machine, Purple;Individual or corporate privacy;
Electronic Commerce...
The Origins of Cryptography
Diplomacy: Zimmerman telegram;War: Enigma machine, Purple;Individual or corporate privacy;Electronic Commerce...
Enigma
Cryptanalysis
Cryptanalysis: the art and science of breaking cipher systems,recovering the plaintext of a message without access to the key.Attack: a attempted cryptanalysis is called an attack.
The n2 Problem;The Kerckhoffs Principle;The Moore Law;The Murphy Law.
Cryptanalysis
Cryptanalysis: the art and science of breaking cipher systems,recovering the plaintext of a message without access to the key.Attack: a attempted cryptanalysis is called an attack.
The n2 Problem;
The Kerckhoffs Principle;The Moore Law;The Murphy Law.
Cryptanalysis
Cryptanalysis: the art and science of breaking cipher systems,recovering the plaintext of a message without access to the key.Attack: a attempted cryptanalysis is called an attack.
The n2 Problem;The Kerckhoffs Principle;
The Moore Law;The Murphy Law.
Cryptanalysis
Cryptanalysis: the art and science of breaking cipher systems,recovering the plaintext of a message without access to the key.Attack: a attempted cryptanalysis is called an attack.
The n2 Problem;The Kerckhoffs Principle;The Moore Law;
The Murphy Law.
Cryptanalysis
Cryptanalysis: the art and science of breaking cipher systems,recovering the plaintext of a message without access to the key.Attack: a attempted cryptanalysis is called an attack.
The n2 Problem;The Kerckhoffs Principle;The Moore Law;The Murphy Law.
Cryptanalytic Attacks
Ciphertext-only attack;
Known plaintext attack ;Chosen plaintext attack;Chosen ciphertext attack.
Cryptanalytic Attacks
Ciphertext-only attack;Known plaintext attack ;
Chosen plaintext attack;Chosen ciphertext attack.
Cryptanalytic Attacks
Ciphertext-only attack;Known plaintext attack ;Chosen plaintext attack;
Chosen ciphertext attack.
Cryptanalytic Attacks
Ciphertext-only attack;Known plaintext attack ;Chosen plaintext attack;Chosen ciphertext attack.
Some Cryptographic Protocols
Bits Commitment;
Key Exchange;Secret Sharing Scheme;Digital Signatures;Cloud Computing Security...
Some Cryptographic Protocols
Bits Commitment;Key Exchange;
Secret Sharing Scheme;Digital Signatures;Cloud Computing Security...
Some Cryptographic Protocols
Bits Commitment;Key Exchange;Secret Sharing Scheme;
Digital Signatures;Cloud Computing Security...
Some Cryptographic Protocols
Bits Commitment;Key Exchange;Secret Sharing Scheme;Digital Signatures;
Cloud Computing Security...
Some Cryptographic Protocols
Bits Commitment;Key Exchange;Secret Sharing Scheme;Digital Signatures;Cloud Computing Security...
A Cryprtographic Communication Model
Encryption: A key
Ciphertext
Plaintext
Channel Ciphertext
Decryption: A key
Plaintext
&%'$Eve!
��
��
BB
BB
The History of Cryptography
1. B.C.?-1949: Classical Cryptography (Substitutions andpermutations);2. 1949-1976: Symmetric Cryptography (Block Dipher andStream Cipher, based on Shannon’s Theorem);3. 1976-present: Modern Cryptography (Public-Key andasymmetric...).
Caesar Cipher
ABCDEFGHIJKLMNOPQRSTUVWXYZKey = 3DEFGHIJKLMNOPQRSTUVWXYZABCPlaintext: JIAOTONGUNIVERSITYEncryption: Shift by KEY = 3Ciphertext: MLDRWRQJXQLYHUVLWBDecryption: Shift backwards by KEY = 3
Vigenere Cipher
Plaintext: thi sis adu mmy mes sag eKey: ABC ABC ABC ABC ABC ABC ACiphertext: TIK SJU AEW MNA MFU SBI EDecryption: "Subtract0the key ABC from ciphertext mod 26.
Vernam Ciphers
Plaintext: MATHISUSEFULANDFUNKey: NGUJKAMOCTLNYBCIAZEncryption: /Add0key to message mod 26Ciphertext: BGO,..Decryption: /Subtract0key from ciphertext mod 26.
Permutation Cipher
Example: Plaintext: JIAOTO NGUNIV ERSITYEncryption: Group action by KEY =(135246)Ciphertext: OTJIAO VINGUN YTERSIDecryption: Inverse action by KEY =(164253)
Hebern machine
Enigma: invented by Arthur Scherbius
Rotors
Reflector
Plugboard
Electrical pathway
Electrical pathway
Mathematics in Enigma
E(xi) = P ◦ Ri1 ◦ Mi2 ◦ Li3 ◦ U ◦ L−1i3
◦ M−1i2
◦ R−1i1
◦ P−1(xi),
where P, R, M, L, U ∈ S26, Ri1 = ρ−i ◦ R ◦ ρi and U is aconvolution.
Bomber
A Cipher
1. A plaintext space M, a ciphertext space C and a key space K;2. A key generation algorithm;3. An encryption algorithm E;4. A decryption algorithm D.
Do we have unconditionally secure encryption?
TheoremPerfect secrecy is equivalent to H(M|C) = H(M) and to thestatistic independence between M and C.
Theorem (Shannon, 1949)Perfect secrecy implies H(K ) ≥ H(M).
One-Time Pads: Vernam Ciphers
Plaintext: MATHISUSEFULANDFUNKey: NGUJKAMOCTLNYBCIAZEncryption: /Add0key to message mod 26Ciphertext: BGO,..Decryption: /Subtract0key from ciphertext mod 26.
One-Time Pads
One-Time Pads is unconditionally secure;
Problem: Exchanging the key;There are some clever ways to exchange the key; we willstudy some of them!
One-Time Pads
One-Time Pads is unconditionally secure;Problem: Exchanging the key;
There are some clever ways to exchange the key; we willstudy some of them!
One-Time Pads
One-Time Pads is unconditionally secure;Problem: Exchanging the key;There are some clever ways to exchange the key; we willstudy some of them!
Stream Ciphers
1. Making OTP practical;2. Idea: replace "random" key by "pseudorandom" key;3. The security depend on specific pseudorandom generators.
Public-Key Cryptography (1976-)
Discovered by Diffie & Hellman (1976) and now known atGCHQ years before;Uses one-way (asymmetric) functions, public keys, and privatekeys;Mainly based on two hard problems: Factoring large integersand the discrete logarithm problem.
Coding Theory and Cryptography
Cryptography needs reliability�
Mathematics in Cryptography
Linear AlgebraAbstract AlgebraNumber TheoryAlgebraic GeometryProbabilityStatisticsCombinatoricsComputing...
References
1. A classical introduction to modern cryptography, S.Vaudenay, Springer, 2005.2. �èÆ�Ú,¾�I��½�Í,�ÆÑ��, 1999.
Exercises
4. Suppose the one time pad encryption of the message"attackatdawn" is "wxtygcjmxenf". What is the one time padencryption of the message "attackatdusk" under the same key?5. Let M = C = K = {0, 1, . . . , 63} and consider the followingcipher (M, C, K) defined by:
E(k , x) = x + k mod 64.
Does this cipher have perfect secrecy?