1 / 40

Cryptography

Cryptography. Lecture 1. Welcome!. Crypto is amazing! Can do things that seem impossible… Crypto is important and pervasive It impacts each of us every day Crypto is fun! Deep theory Attackers’ mindset, fun assignments. Necessary administrative stuff. Course webpage

boos
Download Presentation

Cryptography

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cryptography Lecture 1

  2. Welcome! • Crypto is amazing! • Can do things that seem impossible… • Crypto is important and pervasive • It impacts each of us every day • Crypto is fun! • Deep theory • Attackers’ mindset, fun assignments

  3. Necessary administrative stuff • Course webpage • http://www.cs.umd.edu/~jkatz/crypto/s19 • Prerequisites/information posted there • Syllabus/readings posted there • Midterm already scheduled • Slides posted there • HWs posted there (and on Canvas) • Announcements posted there

  4. Necessary administrative stuff • Canvas • HWs will be posted on webpage and Canvas • Use Canvas to submit HWs electronically • Can type solutions using latex (preferred) • Can also scan handwritten solutions • Can also use Word • Piazza • Useful for discussions/questions • Piazza is better than email if others will have the same question, or if other students can help answer

  5. TAs • Erica Blum • Makana Castillo-Martin • Elijah Grubb • Corbin McNeill • Ben Sela • Office hours listed on webpage • May change as semester progresses

  6. This is a tough class • Mathematical prerequisites • Discrete math, probability, modular arithmetic • Requires mathematical maturity • Definitions, theorems, proofs, abstraction

  7. This is a tough class • CS prerequisites • Pseudocode/algorithms, big-O notation • Programming assignments • Hard part should not be the programming, but the thought behind it • Some flexibility in choice of language, but will be required to read code I provide

  8. Textbook • Required textbook: “Introduction to Modern Cryptography, 2nd edition,” Katz and Lindell • Exams will be open book • Physical copies only

  9. Tips for doing well • Expected to read relevant sections of textbook before class • Lecture will move quickly; I expect questions and discussion • If you fall behind on the reading it will be hard to catch up! • Watch my videos on Coursera • “Clicker quizzes” given based on the reading (as well as throughout class) • 5% of the grade

  10. This is a test • Are you able to use the clicker to respond? • A: Yes • B: No

  11. HWs/exams • Expect HWs every 1.5-2 weeks • Optional HWs (ungraded) focusing on theory • Solutions given • Graded HWs involving implementation • Meant to reinforce the abstract concepts • Meant to highlight practical applications • In-class midterm and final • Questions similar to optional HWs and in-class exercises; may also be based on programming assignments • Anything covered in class or listed in readings on syllabus is fair game

  12. Laptops/electronics • No-laptop/no-electronics policy • Distracting to you • Distracting to others • If you feel you need an exception to take notes, talk to me

  13. How to reach me • Best way to contact me is by email:jkatz@cs.umd.edu • Please put “CMSC 456” in subject line • Please email me in advance if you plan to come to office hours

  14. Questions? • Please ask questions throughout!

  15. Course goals • Understand the theoretical basis for real-world crypto • When you encounter crypto in your career: • Understand the key terms • Understand the security guarantees needed/provided • Know how to use crypto • Understand what goes on “under the hood” • “Crypto mindset”

  16. Course non-goals • Designing your own crypto schemes • This is hard! • Implementing crypto for real-world use • This is hard! • Course goal: realize when to consult an expert!

  17. Cryptography (historically) “…the art of writing or solving codes…” • Historically, cryptography focused exclusively on ensuring private communicationbetween two parties sharing secret information in advance using “codes” (akaprivate-key encryption)

  18. Modern cryptography • Much broader scope! • Data integrity, authentication, protocols, … • The public-key setting • Group communication • More-complicated trust models • Foundations (e.g., number theory, quantum-resistance) to systems (e.g., electronic voting, blockchain, cryptocurrencies)

  19. Modern cryptography Design, analysis, and implementation of mathematical techniques for securing information, systems, and distributed computations against adversarial attack

  20. Cryptography (historically) “…the art of writing or solving codes…” • Historically, cryptography was an art • Heuristic, unprincipled design and analysis • Schemes proposed, broken, repeat…

  21. Modern cryptography • Cryptography is now much more of a science • Rigorous analysis, firm foundations, deeper understanding, rich theory • The “crypto mindset” has permeated other areas of computer security • Threat modeling • Proofs of security

  22. Cryptography (historically) • Used primarily for military/government applications, plus a few niche applications in industry (e.g., banking)

  23. Modern cryptography • Cryptography is ubiquitous! • Password-based authentication, password hashing • Secure credit-card transactions over the internet • Encrypted WiFi • Disk encryption • Digitally signed software updates • Bitcoin • …

  24. Rough course outline • Building blocks • Pseudorandom (number) generators • Pseudorandom functions/block ciphers • Hash functions • Number theory

  25. Classical Cryptography

  26. Motivation • Allows us to “ease into things…,” introduce notation • Shows why unprincipled approaches are dangerous • Illustrates why things are more difficult than they may appear

  27. Classical cryptography • Until the 1970s, exclusively concerned with ensuring secrecy of communication • I.e., encryption

  28. Classical cryptography • Until the 1970s, relied exclusively on secret information (a key) shared in advance between the communicating parties Private-key cryptography • aka secret-key / shared-key / symmetric-key cryptography

  29. Private-key encryption key key ciphertext c k k m cEnck(m) m := Deck(c) message/plaintext decryption encryption

  30. Private-key encryption k c m c := Enck(m) c c k m := Deck(c)

  31. Private-key encryption • A private-key encryption scheme is defined by a message space M and algorithms (Gen, Enc, Dec): • Gen (key-generation algorithm): outputs kK • Enc (encryption algorithm): takes key k and message mM as input; outputs ciphertext c cEnck(m) • Dec (decryption algorithm): takes key k and ciphertext c as input; outputs m or “error” m := Deck(c) For all mM and k output by Gen,Deck(Enck(m)) = m

  32. Kerckhoffs’s principle • The encryption scheme is not secret • The attacker knows the encryption scheme • The only secret is the key • The key must be chosen at random; kept secret • Arguments in favor of this principle • Easier to keep key secret than algorithm • Easier to change key than to change algorithm • Standardization • Ease of deployment • Public scrutiny

  33. The shift cipher • Consider encrypting English text • Associate ‘a’ with 0; ‘b’ with 1; …; ‘z’ with 25 • k  K = {0, …, 25} • To encrypt using key k, shift every letter of the plaintext by k positions (with wraparound) • Decryption just does the reverse helloworldz cccccccccccjgnnqyqtnfb

  34. Modular arithmetic • x = y mod N if and only if N divides x-y • [x mod N] = the remainder when x is divided by N • I.e., the unique value y{0, …, N-1} such that x = y mod N • 25 = 35 mod 10 • 25 ≠ [35 mod 10] • 5 = [35 mod 10]

  35. The shift cipher, formally • M = {strings over lowercase English alphabet} • Gen: choose uniform k{0, …, 25} • Enck(m1…mt): output c1…ct, where ci := [mi + k mod 26] • Deck(c1…ct): output m1…mt, where mi := [ci - k mod 26] • Can verify that correctness holds…

  36. Is the shift cipher secure? • No -- only 26 possible keys! • Given a ciphertext, try decrypting with every possible key • Only one possibility will “make sense” • (What assumptions are we making here?) • Example of a “brute-force” or “exhaustive-search” attack

  37. Example • Ciphertexturyybjbeyq • Try every possible key… • tqxxaiadxp • spwwzhzcwo • … • helloworld

  38. Byte-wise shift cipher • Work with an alphabet of bytes rather than (English, lowercase) letters • Works natively for arbitrary data! • Use XOR instead of modular addition • Essential properties still hold

  39. Hexadecimal (base 16)

  40. Hexadecimal (base 16) • 0x10 • 0x10 = 16*1 + 0 = 16 • 0x10 = 0001 0000 • 0xAF • 0xAF = 16*A + F = 16*10 + 15 = 175 • 0xAF = 1010 1111

More Related