6.857 Computer and Network Security Lecture 13 Today: Pedersen Commitment PK Encryption El Gamal PK encryption Semantic security DDH (Decision Diffie-Hellman) IND-CCA2 Cramer-Shoup PK encryption Readings: Paar and Pelzl, Chapters 6,7,8 Katz and Lindell, Chapter 10 1
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
6.857 Computer and Network Security Lecture 13
Today:
Pedersen Commitment PK Encryption El Gamal PK encryption Semantic security DDH (Decision Diffie-Hellman) IND-CCA2 Cramer-Shoup PK encryption
Readings: Paar and Pelzl, Chapters 6,7,8 Katz and Lindell, Chapter 10
1
______________________________
) /1113
‘FILE UNDER:
e
I ICpvtms%.nk Czc\tmt
U
1
LI-tomm4Incw4%:3c
-i Dptn$ c&nimc4wnni) flvt4% 9
hon)yofan:nofl_ +
I C?) t Lan’+- pvDiua
t5% )C41 fws
‘C
Cmv’
&iocfl by
1cetN
S
I).
‘‘ pt;mts cit cj \pl t.kgfføc
vn°” 4: ?-c “%“P 0
1L’4Hf’ <j):&stnmJ
prC..4. F)
rqr,àorn r E
C.
x
2
izzzzzzj4_L
I}
-.,
----
-_---4
—I -----::
‘t‘C
’is
--c
t.J
.t’
-C
‘--‘
_c
_
1-
‘a
-x
—
+-
--
%-
6-
AA
C
--?;r
L4
c;zzzz
ICC
‘5’”
—‘
-‘
C.
JX
çflp
flt
•-—
‘-
--—
-‘
—-
-c.•-
4-t.
—z
_C
I’S
----‘
L.0
ZL
L_
-_--
C.
oC
4.:C
—z
,Lj
a
“6IaII
V
-j--_
i__
__
__
.-
iiiir
:i
-----‘-—
--•-•- e
-_x
—C
.2
ff
r-I
L1U
k15.1
If‘4C.
--7
r-
::t.
1-4-
z-,•z
‘3
r’4
Ct
3
_______
—- -
5nL-T
rzzzzzzzaz:z*z : i*zz
‘I’ ad
ii
;ç
VtI
TJi4wLkLsai
th
I
ä
i.j
1
1‘C ‘r ‘ ensiaw 10
•AE-±.
w!
.*
1
t$a 4’— a
La
.a
F lC
C’ 2-4. QS1Jr4F-F
L is
if— I I
‘!-*LL_1ZTJZZt’H —1 I
I
Ii
I L -z TiI H- -r—t
pg:: 4k$cttr:4I, I £ a
—_tjthk flyit’c44 4_4r-mmv
, I
I At’h
1-i±i4_t± imzizrz
41tLJ I—r — —- -—t tf -
I ttL h1H —:
I ‘——I -— — — I -. —t —
zi_L.J3
4
LJ5.3
BI’-&qni4) PX encrp%vs (rawr £1
Let be a
(X’eyn tm1y D..I5p.ik a*scrcpi 4 & 6_, iten A.)
A. .4 r4rJbm’am[o,,,j&)-SJ
Let 5tCt*.
Let
&LhtpQt (w) s1c (a J.settpirvn bf 6, i need4)
ncryp%n t•
?ck kèanckm 4nrn [o,,.)a)-s]
Ass.nne rress4,e m ‘iS eICWitnt t
Le€ t recpc’tnt
c =(k
, cpkn4eAt
Dc
L€t’ cs (qO :t receWecI cplwkict
Let n/a. &i4tpbd+vvI.
Cccrectwes1s4flpwssnct
5
L—
—
-
-
-[
-
-
--
——
-_r__i-L
__
H
-oC
rC
InU
.
‘C--
-
S6_I
Sn
*II
II
I,II
US-x0’
.1
V
1-7%
-4-3€‘S
-1--
£
-p
a-9rI‘37
’-o
IØIIa
6
1-ew it dectrie SCtL4t+’y 4tr P)< encryptron?
Wall ea two cia{cviiFons:
C $tman+CC sccutily (oUwasser &Mcc.I
“a4apka tosen cip)wrkit ‘rHc.ck’ (4Cc4) Secwrt.
(is $b we Sqw 4€ syunnic$v. enctypfr.n’)
r• Exqn’.;ner 3erer44ts (pwsw) t.ESfl5 keyenC’1)
• gqm;ner seJs PR 4krers4ry
• AAveisry crnnpAes r po)ynomci 6 a) fme, *&cn
ot*pks two mccayts m31m, of %me
0nà °S%\C [m0ni, (t1i4irtA].
?“ Ij\.
— aSt. ‘WI) 1.
• Eitaminer prtiu qL3o1i Gmp.a+u ct E(P1c, m)
• X4hlCntr ‘seAs c,s to Ahie6ary
• Acversrny ccvnru%s c poiynon’;. C:r’ )i” 4;:nse,
4wn o.4ees t (his “ics? fir
Avenstywnsla qy,e
-j !I)AT
-1 eAGL155
7
I .E P
5 P 91< enttpkon S&MC is
_____
f ?mz[A4i w;ns] 4B4t Zn orAer ‘Sir a W tncøipt:øn cAnt to
bt 5eeur€.1 if mwi flecesS4flIy
- ‘oc r ow1ed.t(RanJomqeA encrtron i’S
bui yosac1jcent .Cor senittc cecwr;>’
El 64nt) PK encypfovi .em4nfrtJly cecwcl
* mott. :b cc.rf bc sRit’%
W9 6c rcfl4o*,PC.J1)rtJ)Ot s0L
i H- L
—iip
HpztHt
H
I: . .. ..-
- - I -
F
L 1 —
H1_li I_i_4 j I il_i
8
r
‘I,
-i
a-P
S.
4..C.
4L-a
-t’
F
4<1
L_
jt—
JL
4.
3—
c—
.S
a.
11t
So
il*3
I5
-‘
-4-
Sj
-a-
-r
t:
44
0.’-
•a-1—
—5
0
ca0
._c,0
.‘S
—._
s-—
I’-4...
IV
o...4
,j:
WJ.
—I
3C
ve.
.C-
0
a°-.
.‘-
3r>4—
v—
—U
4.)
-‘
---
.1
.
Hc
nø
ifZ
?c
I
t-
-n‘J
S
-t.r
•—
QJ
‘4C-p
-n-s
r2
—-_F
C$3)
t
Xc£
‘.4.
UF.’
am
uI
a.
L?
iii;-
9
InI
0-‘
-
I ‘44.
r
-—
-----
—S
Tr
—-I
Lt-fJr4j
14
wI
I;.
fzC
:rL
JL:
Z3._
oL
L:
i:a:
ft
F EIE
EHRE
’!1EJ
tFtF
JHW
EF7’
.E
EE
-—j-
-—r
t:flr
1c:r
irJz:I
iiiz
!r:z
;z:r
rK
:;sm
-.
5—
--
--
IlL
1
3..
-:z
rS
., tr-”r-1-r
a,
tt
r”
—:
—‘--—
flI
JJJt
‘.1‘a
..1.
$4 a.
II-I
I I
‘1
rr
T’T
h’T
tt.
fj
t4j
f 1, 4:
‘el
S
LiS
I.1
it
rw
¶4
—j
ti
13.
b .4
I;
It
±
HI
.
LA
$4
s-
:tsjz
tzt
II
a —a
‘I1—
ti
—_
_
WE
In wE .ff
-
10
L1S,9
• W%k Srbner eiótThn f Stcurify 4r Pk encviph>n?o,c i, .exci.J.s e1cec);Iy..’)
.“,DJD—CcAa. seeurt1’ (ACLA SCture* Setat
rnkr o4apwt ckoe cpvrxt acQ)‘ flJb-CCA sectaMn we Sqiv r 5ymnwtfl ent
• Stmlqr lv Sem.nrt secal, JAn, ex4- tL44j,j i\4 % kttfl*)bn ec4t, fio•
( H bus P1< So QCC2CS 40 tYlCt)iThfl oraclt arn4
• *±
1•
L..
L .L
Ac beftct, flqy f4 ake ornt!t 40 decrypt
k4i’t1 cp\’n4tt è.wrj ss”pie’)
1•
. 1
HH ..
[ZZZZH:Hf h
I
11
3
4=—v
4=
CEQVS!1
___________
3CJNfl
L___
_______
12
ririP
13
-
UI
zzzzz*ç
—
7p
•
__
__
__
__
__
__
_
IJ
I-’
I
-JIi
H
C’
Ua0H
I
14
Iopjc:
IL.E UNDER—
1 L_I 5, 13
The jw .t .1 t ir iei ‘ LI’ . ib-ttfl.
CtE tlt!. 4 tt’it. 4 ti t4 jOlta
I
V
1— — —
cur
iis cc_
Zii;[r:f!?
MIT OpenCourseWarehttp://ocw.mit.edu
6.857 Network and Computer SecuritySpring 2014
For information about citing these materials or our Terms of Use, visit: http://ocw.mit.edu/terms.
Related Documents
