
CRYPTOGRAPHY: STATE OF THE SCIENCE ASIACRYPT 2003 invited talk

Adi Shamir, Computer Science Dept, The Weizmann Institute, Israel.


Presentation Transcript


  1. CRYPTOGRAPHY: STATE OF THE SCIENCE. ASIACRYPT 2003 invited talk. Adi Shamir, Computer Science Dept, The Weizmann Institute, Israel

  2. Cryptography: major trends

  3. Cryptography: major trends • From secret to public

  4. Cryptography is central [diagram labels: Com & info theory, Comp science, crypto, Math & stat, Computers and chips, Hi-tech industry, Policy issues]

  5. Cryptography is fun • Gets lots of media attention • Attracts hackers • Is full of delightful ideas • Serves as an excellent educational tool

  6. Cryptography: major trends • From secret to public • From national to international

  7. The geography of cryptography • Publicly started in the US

  8. The geography of cryptography • Publicly started in the US • Followed by Europe

  9. The geography of cryptography • Publicly started in the US • Followed by Europe • Is rapidly expanding in Asia

  10. Cryptography: major trends • From secret to public • From national to international • From art to science

  11. Cryptography as a scientific discipline. Is thriving as a scientific area of research: • Taught at most major universities • Attracts many excellent students • Discussed at many conferences (>25 in the next 6 months!) • Published in hundreds of papers (e.g., EPRINT) • Major conferences have >500 attendees (major trade shows have >10,000 attendees). Received the ultimate seal of approval from the general CS community (the Turing award…)

  12. Should we rename the field? • Cryptography means “secret writing” • The official naming of the field: Cryptology = Cryptography + cryptanalysis

  13. Should we rename the field? • Cryptography means “secret writing” • The official naming of the field: Cryptology = Cryptography + cryptanalysis • These terms have problematic connotations • Many research subfields do not deal with the encryption or decryption of secret information

  14. Should we rename the field? • Cryptography means “secret writing” • The official naming of the field: Cryptology = Cryptography + cryptanalysis • These terms have problematic connotations • Many research subfields do not deal with the encryption or decryption of secret information • I propose to call the broader field Adversity Theory = cryptology + other areas

  15. Cryptography: major trends • From secret to public • From national to international • From art to science • From math to physics

  16. Related scientific fields: • OLD COMBINATIONS: • Probability and statistics • Algebra • Number Theory

  17. Related scientific fields: • OLD COMBINATIONS: • Probability and statistics • Algebra • Number Theory • NEW COMBINATIONS: • Signal processing (in steg, fingerprinting) • Electronics (in side channel attacks) • Physics (in quantum computers and crypto)

  18. Cryptography: major trends • From secret to public • From national to international • From art to science • From math to physics • From theory to practice

  19. Cryptography unites theory & practice • Practical theory: - using abstract math tools in cryptanalysis - proving the security of real protocols - developing new cryptographic schemes • Theoretical practice: - developing new notions of security, complexity, logics, and randomness - turning cryptography from art to science

  20. New challenges in cryptography • Payment systems • Cellular telephony • Wi-Fi networks • RFID tags • DRM systems

  21. Cryptography: major trends • From secret to public • From national to international • From art to science • From math to physics • From theory to practice • From political to legal issues

  22. Cryptographic misconceptions • By policy makers: crypto is dangerous, but: - weak crypto is not a solution - controls can’t stop the inevitable • By researchers: A provably secure system is secure, but: - proven false by indirect attacks - can be based on false assumptions - requires careful choice of parameters • By implementers: Cryptography solves everything, but: - only basic ideas are successfully deployed - only simple attacks are avoided - bad crypto can provide a false sense of security

  23. The three laws of security: • Absolutely secure systems do not exist • To halve your vulnerability, you have to double your expenditure • Cryptography is typically bypassed, not penetrated

  24. Cryptography: A rapidly moving field

  25. Cryptography: A rapidly moving field • 75-80: Public key cryptography, basic schemes

  26. Cryptography: A rapidly moving field • 75-80: Public key cryptography, basic schemes • 80-85: Theoretical foundations, new protocols

  27. Cryptography: A rapidly moving field • 75-80: Public key cryptography, basic schemes • 80-85: Theoretical foundations, new protocols • 85-90: Zero Knowledge, secure computation

  28. Cryptography: A rapidly moving field • 75-80: Public key cryptography, basic schemes • 80-85: Theoretical foundations, new protocols • 85-90: Zero Knowledge, secure computation • 90-95: Diff&lin cryptanalysis, quantum comp

  29. Cryptography: A rapidly moving field • 75-80: Public key cryptography, basic schemes • 80-85: Theoretical foundations, new protocols • 85-90: Zero Knowledge, secure computation • 90-95: Diff&lin cryptanalysis, quantum comp • 95-00: Side channel attacks, elliptic curves

  30. Cryptography: A rapidly moving field • 75-80: Public key cryptography, basic schemes • 80-85: Theoretical foundations, new protocols • 85-90: Zero Knowledge, secure computation • 90-95: Diff&lin cryptanalysis, quantum comp • 95-00: Side channel attacks, elliptic curves • 00-05: ???

  31. The basic schemes: Major trends

  32. The basic schemes: Major trends • Secret key cryptography: DES out, AES in

  33. The basic schemes: Major trends • Secret key cryptography: DES out, AES in • Public key cryptography: RSA steady, EC improving, faster schemes increasingly risky and less appealing. Should not be used for long term security.

  34. The basic schemes: Major trends • Secret key cryptography: DES out, AES in • Public key cryptography: RSA steady, EC improving, faster schemes increasingly risky and less appealing. Should not be used for long term security. • Quantum schemes: the wild card

  35. Some of my controversial positions:

  36. Some of my controversial positions: When applied in practice:

  37. Some of my controversial positions: When applied in practice: • Security should not be overdone

  38. Some of my controversial positions: When applied in practice: • Security should not be overdone • Security should not be overexposed

  39. Some of my controversial positions: When applied in practice: • Security should not be overdone • Security should not be overexposed • Security should not be underregulated

  40. Some of my controversial positions: When applied in practice: • Security should not be overdone • Security should not be overexposed • Security should not be underregulated • Security should be guided by an ethical code

  41. Some of my controversial positions: When applied in practice: • Security should not be overdone • Security should not be overexposed • Security should not be underregulated • Security should be guided by an ethical code • Security should be complemented by legal measures

  42. Cryptographic status report In each of the six major subareas I’ll summarize: • The major achievements so far • Strong and weak points, major challenges • A 1-10 grade

  43. Theory of cryptography • Well defined primitives & definitions of security • Well understood relationships between notions • Deep connections with randomness & complexity • Beautiful mathematical results • Highly developed theory • Excellent design tools • Challenge: reduce dependence on assumptions • Final grade: 9

  44. Public key encryption and signature schemes • RSA, DH, DSA • Based on modular arithmetic, EC, other ideas(?) • Vigorous cryptanalytic research • Excellent theory • Expanding applications • Challenges: Break a major scheme, make a new one • Final grade: 8

  45. Secret key cryptography – block ciphers • DES, AES, modes of operation • Differential and linear cryptanalysis • Good cryptanalytic tools • Reasonable choice of primitives • Many good schemes • Challenge: Connect strong theory with strong practice • Final grade: 7

  46. Secret key cryptography – stream ciphers • Linear feedback shift registers • Fast correlation attacks, algebraic attacks • Limited cryptanalytic tools • Narrow choice of primitives • Many insecure schemes • Challenge: Improve weak theory and weak practice • Final grade: 4

  47. Theoretical Cryptographic protocols • Zero knowledge interactive proofs • Secure multiparty computations • Almost anything is doable and provable • Many gems • Theoretical protocols are too slow • Challenge: Make the strong theory practical • Final grade: 8

  48. Practical Cryptographic protocols • Many ad-hoc ideas • Proofs in the random oracle model (ROM) • Rapidly expanding body of results • Lots of buggy protocols • Reasonable design primitives • Improving theory • Challenges: incorporate side channel attacks, ROM • Final grade: 5

  49. Cryptographic predictions: • AES will remain secure for the foreseeable future • Some PK schemes and key sizes will be successfully attacked in the next few years • Crypto will be invisibly everywhere • Vulnerabilities will be visibly everywhere • Crypto research will remain vigorous, but only its simplest ideas will become practically useful • Non-crypto security will remain a mess

  50. Summary • It was a thrilling 25 year journey • The best is yet to come • Thanks to everyone!
