1 / 38

Cryptography

Cryptography. Lecture 1. Welcome!. Crypto is amazing Can do things that initially seem impossible Crypto is important It impacts each of us every day Crypto is fun! Deep theory Attackers’ mindset. Somewhat A replication of UMD Crypto. Same education system as College Park

iglesias
Download Presentation

Cryptography

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cryptography Lecture 1

  2. Welcome! • Crypto is amazing • Can do things that initially seem impossible • Crypto is important • It impacts each of us every day • Crypto is fun! • Deep theory • Attackers’ mindset

  3. SomewhatAreplicationofUMDCrypto • SameeducationsystemasCollegePark • SametextbookasCollegePark • Introduction to Modern Cryptography (2nd edition) Jonathan Katz and Yehuda Lindell • AlmostsameevaluationasCollegePark • Aalto University (Finland) Bar-Ilan University (Israel) Ben-Gurion University (Israel) Boise State University Boston University Brown University Caltech City University of New York Colgate University Columbia University Cornell University Florida Institute of Technology Florida State University George Washington University Georgia Institute of Technology Harvard University IIIT Bangalore Indiana University Indian Institute of Science, Bangalore Johns Hopkins University Koç University Saarland University (Saarland, Germany) Saarland University (Saarland, Germany) La Sapienza (University of Rome, Italy) McGill University (Canada) McMaster University Miami University Northeastern University Northeastern University NYU Ohio State Paderborn University (Germany) Pennsylvania State University Princeton University Purdue University Purdue University Ruhr-University Bochum (Germany) Simon Fraser University (Canada) Stanford University Technologies Net Alliance (Pakistan) Tel-Aviv University (Israel) Tsinghua Univeristy (China) TU Eindhoven Tufts University Universidade Federal de Pernambuco (Brazil) Universita di Salerno (Italy) UniversiteCatholique de Louvain (Belgium) (see also here) University College, London (UK) University of Amsterdam University of Beira Interior University of Bologna (Italy) University of Bonn University of Brasilia University of Bucharest, Romania University of California, Berkeley University of California, Davis University of California, Irvine University of Calgary (Canada) University of Chicago University of Colorado, Denver University of Genoa University of Haifa UIUC University of Maryland University of Michigan University of Nebraska-Lincoln University of North Florida University of Oldenburg (Germany) University of Pennsylvania University of Pittsburgh USC UT Austin University of Virginia Wellesley College

  4. WithSignificantModifications • Cross-listedcourse • UMBCdoesnothaveanadvancedcryptoclass • Teachingwhat’smostessential • Focusingonpracticalthings • Includingsomeadvancedtopics(notmuch) • Addingblockchains • Removingtheunderlyingdesignofblockcipherdesign • Removingstreamcipherdesign • Ataslightlyslowerpace • OursemesterisshorterthanthatofCollegePark

  5. Necessary administrative stuff • Course webpage • https://www.csee.umbc.edu/~hbzhang/teaching.html • OrGoogleHaibinZhang+UMBC • Prerequisites/information posted there • Syllabus posted there • HWs posted there • Announcements posted there

  6. Necessary administrative stuff • Historically, 10-15% of the class drops by end of first full week • Moremaydropafterawhile(ornot) • If you are trying to get in, do the first HW even if not yet admitted • IfyoudonotdothefirstHWandenrolllate,youdonotgetcredit.

  7. TA • ChaoLiu • Half-timeTA • chaoliu717@umbc.edu

  8. This is a tough class • Mathematical prerequisites • Discrete math, probability, modular arithmetic • Requires mathematical maturity • Proofs, abstraction

  9. This is a tough class • CS prerequisites • Binary, hex, pseudocode/algorithms, big-O notation • (Theoryofcomputation/computationalcomplexity/Reduction) • Programming assignments • Hard part should not be the programming, but the thought behind it • Flexibility in choice of language

  10. ActiveLearning • Try to promote “active learning” • MUST read textbook before class • Lecture will move quickly, expect questions and discussion • Quiz(ifnoteveryweek)!!

  11. Textbook • Required textbook: “Introduction to Modern Cryptography, 2nd edition,” Katz and Lindell • Exams will be open book • Physical copies only

  12. HWs/exams • 3-4HWs • Mostlytheory • Someimplementation • NolateHWs;Iwillgiveyouenoughtime;donotstartdoingthemjustbeforethedeadline. • In-class midterm and final • Questions similar to optional HWs and in-class exercises; may also be based on assignments • Anything covered in class or listed on syllabus,orwhatIaskyoutoreadinthebook is fair game

  13. NeedtoAttendEveryLecture • Signupifthereisnoquiz • TAhandlesit • Ifyouaresickorhaveanexcusedleave,youneedtoproveittotheTAandme.

  14. Evaluation • Attendanceandparticipation5% • Quiz:20% • HWs:15% • Midterm:30% • Final:30%

  15. How to reach me • Best way to contact me is by email:hbzhang@umbc.edu • Please put “CMSC-443/652d” in subject line • Office hours after class • 11:15-12pmTuTh;prioritygiventostudentswhoneedtorushtootherclasses • TAofficehour • Tobedetermined

  16. Questions? • Please ask questions throughout!

  17. Course goals • Understand real-world crypto via a rigorous approach • When you encounter crypto in your career: • Understand the key terms • Understand the security guarantees provided • Know how to use crypto • Understand what goes on “under the hood” • Proofs!Reduction!

  18. Course non-goals • Designing your own crypto schemes • Implementing your own crypto for real-world use

  19. Cryptography (historically) “…the art of writing or solving codes…” • Historically, cryptography focused exclusively on ensuring private communicationbetween two parties sharing secret information in advance (using “codes” akaprivate-key encryption)

  20. Modern cryptography • Much broader scope! • Data integrity, authentication, protocols, … • The public-key setting • Group communication • More-complicated trust models • Foundations (e.g., number theory, quantum-resistance) to systems (e.g., electronic voting, cryptocurrencies)

  21. Modern cryptography Design, analysis, and implementation of mathematical techniques for securing information, systems, and distributed computations against adversarial attack

  22. Modern cryptography • Cryptography is ubiquitous • Passwords, password hashing • Secure credit-card transactions over the internet • Encrypted WiFi • Disk encryption • Digitally signed software updates • Bitcoin • …

  23. Cryptography (historically) “…the art of writing or solving codes…” • Historically, cryptography was an art • Heuristic, unprincipled design and analysis • Schemes proposed, broken, repeat…

  24. Modern cryptography • Cryptography is now much more of a science • Rigorous analysis, firm foundations, deeper understanding, rich theory • The “crypto mindset” has permeated other areas of computer security • Threat modeling • Proofs of security

  25. Rough course outline • Building blocks • Pseudorandom (number) generators • Pseudorandom functions/block ciphers • Hash functions • Number theory

  26. Classical Cryptography

  27. Motivation • Allows us to “ease into things…,” introduce notation • Shows why unprincipled approaches are dangerous • Illustrates why things are more difficult than they may appear

  28. Classical cryptography • Until the 1970s, exclusively concerned with ensuring secrecy of communication • I.e., encryption

  29. Classical cryptography • Until the 1970s, relied exclusively on secret information (a key) shared in advance between the communicating parties Private-key cryptography • aka secret-key / shared-key / symmetric-key cryptography

  30. Private-key encryption key key ciphertext c k k m c := Enck(m) m := Deck(c) message/plaintext decryption encryption

  31. Private-key encryption k c m c := Enck(m) c c k m := Deck(c)

  32. Private-key encryption • A private-key encryption scheme is defined by a message space M and algorithms (Gen, Enc, Dec): • Gen (key-generation algorithm): outputs kK • Enc (encryption algorithm): takes key k and message mM as input; outputs ciphertext c cEnck(m) • Dec (decryption algorithm): takes key k and ciphertext c as input; outputs m or “error” m := Deck(c) For all mM and k output by Gen,Deck(Enck(m)) = m

  33. Kerckhoffs’s principle • The encryption scheme is not secret • The attacker knows the encryption scheme • The only secret is the key • The key must be chosen at random; kept secret • Some arguments in favor of this principle • Easier to keep key secret than algorithm • Easier to change key than to change algorithm • Standardization • Ease of deployment • Public validation

  34. The shift cipher • Consider encrypting English text • Associate ‘a’ with 0; ‘b’ with 1; …; ‘z’ with 25 • k  K = {0, …, 25} • To encrypt using key k, shift every letter of the plaintext by k positions (with wraparound) • Decryption just does the reverse helloworldz cccccccccccjgnnqyqtnfb

  35. Modular arithmetic • x = y mod N if and only if N divides x-y • [x mod N] = the remainder when x is divided by N • I.e., the unique value y{0, …, N-1} such that x = y mod N • 25 = 35 mod 10 • 25 ≠ [35 mod 10] • 5 = [35 mod 10]

  36. The shift cipher, formally • M = {strings over lowercase English alphabet} • Gen: choose uniform k{0, …, 25} • Enck(m1…mt): output c1…ct, where ci := [mi + k mod 26] • Deck(c1…ct): output m1…mt, where mi := [ci - k mod 26] • Can verify that correctness holds…

  37. Is the shift cipher secure? • No -- only 26 possible keys! • Given a ciphertext, try decrypting with every possible key • Only one possibility will “make sense” • (What assumptions are we making here?) • Example of a “brute-force” or “exhaustive-search” attack

  38. Example • Ciphertexturyybjbeyq • Try every possible key… • tqxxaiadxp • spwwzhzcwo • … • helloworld

More Related