SlideShare a Scribd company logo

Tutorial on Cryptography

K
kenluck2001

This is a set of lectures for the 7Gate academy boot camp. This covers a number of important topics in Cryptography that include secret key cryptography, public key cryptography, zero knowledge proofs, privacy, and anonymity. This is followed with a number of exercises in node.js. CORRECTIONS In page 14, replace "The public key can be announced with compromising security." with "The public key can be announced without compromising security."

Science
1 of 40
Download to read offline
TUTORIAL ON CRYPTOGRAPHY Kenneth Emeka Odoh Vancouver, BC Version 1 Created: July, 2018 Updated: N/A
Kenneth Emeka Odoh 2
Recommended Textbooks ● A Graduate Course in Applied Cryptography by Dan Boneh and Victor Shoup, { https://crypto.stanford.edu/~dabo/cryptobook/BonehShoup_0_4.pdf }. ● Hacking Secret Ciphers with Python by Al Sweigart, { https://inventwithpython.com/hackingciphers.pdf }. ● List of practical exercises { https://github.com/sodium-friends/learntocrypto }. ● http://math.tut.fi/~ruohonen/MC.pdf Kenneth Emeka Odoh 3
Education ● Masters in Computer Science (University of Regina) 2013 - 2016 ● A number of MOOCs in statistics, algorithm, and machine learning Work ● Research assistant in the field of Visual Analytics 2013 - 2016 ○ { https://scholar.google.com/citations?user=3G2ncgwAAAAJ&hl=en } ● Software Engineer in Vancouver, Canada 2017 - ● Regular speaker at a number of Vancouver AI meetups, organizer of distributed systems meetup, and Haskell study group and organizer of Applied Cryptography study group 2017 - Bio Kenneth Emeka Odoh 4
Contents ● Introduction ● Secret key cryptography ● Public key cryptography ● Protocols ● Privacy and anonymity ● Case studies ● Exercises Kenneth Emeka Odoh 5
Introduction Kenneth Emeka Odoh 6
Cryptology consist of the following fields. ● Cryptography ● Cryptanalysis Cryptography is the process for encrypting and decrypting messages. Cryptanalysis is the process of recovering plaintext from the cryptotext without the decryption key. The holy grail of cryptography is to make cryptanalysis very computationally infeasible. Stenography is the art of hiding message in medium that is not obvious. For example, hiding information in images {https://www.csmonitor.com/Science/2010/0630/How-Russian-spies-hid-secret-co des-in-online-photos} Kenneth Emeka Odoh 7
Cryptography provides the following benefits ● Confidentiality ○ Information available to authorized entities ● Integrity ○ Protection from unauthorized information changes. ● Authenticity ○ It is possible to verify the identities of people, computer, and programs. Kenneth Emeka Odoh 8
Cryptanalysis ● Frequency analysis ○ Kasiski method ● Hill method (plaintext - cryptotext attack) Kenneth Emeka Odoh 9
Securing your Resources ● Begin with a threat model ○ Identify the adversaries that you are protecting against, if it is a serious adversary be ready for shock e.g heartbleed bug. ○ How long should the information be secure. ● Identify the trust model. ● Identify the computation resources for encrypting and decrypting with minimal bottleneck. ● Reduce attack surface. Identify all attack vectors and handle the cases. ● Reduce severity of breaches with careful design. This fall into crisis response. ● Cryptography should be used in the mix of other techniques e.g secure coding, access control (permissions management) among others. Kenneth Emeka Odoh 10
Mathematical Foundation of Cryptography ● Factorization ○ Given an integer, n. Find all the prime, p that are factors of n. ● Discrete logarithm ○ Given a prime, p, and integer a and c. Find every s that satisfy as = c mod p. Quick primer on the mathematics of Cryptography. See {Page 1 - 28 / 95} { http://www.cs.helsinki.fi/u/karvi/advanced_1_12.pdf } Kenneth Emeka Odoh 11
Secret Key versus Public key Cryptography Kenneth Emeka Odoh 12
Alice Bob Kenneth Emeka Odoh Figure 1: Communication between Alice and Bob 13
Secret key cryptography The key cannot be made public without compromising security. Public key cryptography Each user has two keys (private key and public key), if is very difficult to get the private key from the public key. The public key can be announced with compromising security. Kenneth Emeka Odoh 14
pt: plaintext Ek : encryption using the key, k Dk : decryption using the key, k ct: cryptotext ct = Ek (pt) pt = Dk (ct) Dk ( Ek (pt) ) = pt Public key Alice ( nA ,eA ) Bob ( nB ,eB ) Private key Alice ( nA ,dA ) Bob ( nB ,dB ) Kenneth Emeka Odoh 15
Trapdoor vs hash function ● Trapdoor is a function that maps an input to an output. This is easy in the forward step from input to output but computationally expensive to recreate the input from the output. This is required for encryption and decryption function. 1 = d*e mod n where d is an inverse of e ● Hash function is a one way function from an input to an output. It is impossible to recreate the input from the output. { https://www.uow.edu.au/~jennie/CSCI971/hash1.pdf } { http://www.cs.nthu.edu.tw/~wkhon/algo08-tutorials/tutorial-hashing.pdf } Kenneth Emeka Odoh 16
RSA { Page 57 / 95 } Diffie-hellman key exchange { Page 80 - 82 / 95 } Elliptic curve { Page 85 - 92 / 95 } { http://www.cs.helsinki.fi/u/karvi/advanced_1_12.pdf } Kenneth Emeka Odoh 17
Message Signature ● Alice, A, wants to send a message, m, to Bob, B ● Create SA as the hash of m. ● Alice encrypts the hashed message using her private key, dA DA (SA ) = SA dA mod nA ● Send message with signature as ( EB ( DA (SA ) ), EB (m) ) to bob ● Once bob receives the message. He verifies the signature to be sure that there are no changes in the messages. Kenneth Emeka Odoh 18
Protocols Kenneth Emeka Odoh 19
Protocol is the sequence of communication steps between entities. This describes the message format and position in the sequence for message delivery and receipt between the participating entities. Kenneth Emeka Odoh 20
● Go to the Primer on protocol and discuss in details { https://www.cs.helsinki.fi/u/karvi/advanced_2_12.pdf }. ● Design principles for public key protocol {page 48 - 49 / 62} ● Discuss the design decisions of goldbug which a diverse collection of cryptographic cipher { https://compendio.github.io/goldbug-manual/ } Kenneth Emeka Odoh 21
Privacy and Anonymity Kenneth Emeka Odoh 22
Privacy vs Secrecy vs Anonymity Secrecy is a high degree of privacy. Anonymity is a way to achieve privacy. ● Is the information indecipherable to the unintended parties? ● It is possible to see the information, but can’t tell where it is from? ● Who can see the sender, but cannot map to the real person? See more information on relationship between information provided and entropy ○ {https://www.johndcook.com/blog/2017/09/12/quantifying-the-information-content-of-personal-data/ } ○ {https://www.johndcook.com/blog/2017/09/20/quantifying-privacy-loss-in-a-statistical-database/ } Kenneth Emeka Odoh 23
Zero-Knowledge method This is a probabilistic proof of knowledge of an entity ( prover ), who claims to have information about a resource and proceeds to solve a set of challenges to verify the claim to the ( verifier ). If the challenge is well designed, it is very difficult to perform replay attacks. Discuss the examples ● Ali baba cave ● Colour-blind friend with a pair of balls {https://en.wikipedia.org/wiki/Zero-knowledge_proof } Kenneth Emeka Odoh 24
Properties of Zero-Knowledge proof ● Completeness: A fair verifier will be convinced by a honest prover that is if they are faithfully obeying the protocol. ● Soundness: it is only possible for the prover to cheat the verifier with a very small probability. ● Zero-knowledge: If the statement given by the prover is true, then the only information learnt by the verifier is that the statement of the challenge is true. Mathematical basis for Zero-Knowledge proof ● Discrete logarithm ● Polynomial factorization ● NP-hard problem ○ Hamiltonian cycle Kenneth Emeka Odoh 25
Discrete Logarithm ● P want to prove to V that it has knows the value of x. ● The following information is known to both P and V which consist of a value, y, prime, p, and generator, g. ● P creates y using her secret knowledge, x and sends y to V. ○ y = gx mod p ● The knowledge of x can be used as a proof of identity to V. ● At a later time, On each round ● P generates a random number, r to compute C and send to V. Both options may be used only if the prover doesn't know the value of x and is trying to fool the verifier. This necessitates the need for Option 2 to validate identity of P. ● Option 1 C = gr mod p ● Option 2 C = gr+x mod (p-1) mod p ● On reception of message, C by V. It makes a random choice of either option 1 or 2. ● The verifier can however validate the prover's identity, P without knowledge of x. Kenneth Emeka Odoh 26
Hamiltonian Cycle ● The graph, G is known to both P and V. Only P knows the hamiltonian cycle in the graph, G. ● At the beginning of each round, P creates H which is isomorphic to G. ● The knowledge of hamiltonian can be used as a proof of identity to V. ● At a later time, On each round. ● P creates a graph, H and commits using a commitment scheme to prevent changing of mind after sending H to V. ● Option 1 C = isomorphic permutation function between H and G ● Option 2 C = hamiltonian cycle in H ● On reception of message, C by V. It makes a random choice of either option 1 or 2. ● Verify isomorphic permutation function and hamiltonian cycle of H as a proof of identity of P. Kenneth Emeka Odoh 27
zkSNARKs This is similar to other concepts discuss in this course. However, it seem complicated to be discussed here for more information. This is used in blockchain applications. For more details ● { https://blog.ethereum.org/2016/12/05/zksnarks-in-a-nutshell/ } ● { https://getmonero.org/resources/moneropedia/ringsignatures.html } ● { https://getmonero.org/resources/moneropedia/stealthaddress.html } Kenneth Emeka Odoh 28
Most of the zero-knowledge proof in this presentation require “trusted setup”. There are recent works that do not require “trusted setup”. {https://zcoin.io/zcoin-moving-beyond-trusted-setup-in-zerocoin/ } Trust setup is a case where a party is expected to create and delete the secret in the session. Kenneth Emeka Odoh 29
Case Studies Kenneth Emeka Odoh 30
Bitcoin: A simplistic view ● Bitcoin is a virtual currency that keeps a record of every transaction in a distributed append only public ledger known as blockchain. ● Transactions are securely processed and verified by using a proof of work consensus protocol with a reward scheme for miners. ● Bitcoin is a peer to peer network without a trusted central authority. ● An owner has full ownership over their money (electronic coins). It is possible to spend and receive increased or decreased value of coins without a central authority. Kenneth Emeka Odoh 31
● Users have public and private key for secure communication. ● Digital signatures are added to message to prevent tampering and preventing fraud. ● Each user can have multiple public keys and private keys. Each of keys can be related to a wallet. ● Each user has a destination address which is obtained by hashing the public key provides anonymity. ● Bitcoin transaction is verified by a group of miners. ● Miners wait on a block in a queue like manner. A miner processes the transaction and waits on a quorum of users to verify the transaction. Kenneth Emeka Odoh 32
Exercises Kenneth Emeka Odoh 33
Code Documentation & Tutorial ● Read documentation for setting up node.js. ○ https://www.digitalocean.com/community/tutorials/how-to-install-node-js-on-ubuntu-16-04#how -to-install-using-nvm ○ https://www.w3schools.com/nodejs/default.asp ● Buffer { https://www.w3schools.com/nodejs/ref_buffer.asp } ● File management in Javascript ○ https://stackoverflow.com/questions/2496710/writing-files-in-node-js ○ https://stackoverflow.com/questions/14430859/javascript-best-way-to-convert-associative-arra y-to-string-and-back-the-other-w ● Peer to peer JavaScript ○ { https://github.com/socketio/socket.io-p2p } Kenneth Emeka Odoh 34
● Install the following packages npm install sodium-native npm install duplex-json-stream npm install net ● Get list of installed packages in node.js npm list -g --depth=0 35
Required Exercises ● Coding up the entire exercises ○ { https://github.com/sodium-friends/learntocrypto/tree/master/problems }. ● Describe PGP (pretty good privacy) which uses elgamal algorithm Kenneth Emeka Odoh 36
Optional Project ● Implement simplistic DSA without any complicated padding, message blinding, or protection against side channel attacks. ○ Implement DES ■ {http://page.math.tu-berlin.de/~kant/teaching/hess/krypto-ws2006/de s.htm } ○ Decrypting DES ■ {https://crypto.stackexchange.com/questions/9674/how-does-des-de cryption-work-is-it-the-same-as-encryption-or-the-reverse } Kenneth Emeka Odoh 37
Advanced Project ● Implement the noise protocol as described in { https://noiseprotocol.org/noise.html }. ● Hint: understand this block of code for peer to peer communication {https://github.com/socketio/socket.io-p2p/tree/master/examples/chat } ● For more information on key generation for conference protocol {http://www.cs.helsinki.fi/u/karvi/advanced_3_12.pdf } Kenneth Emeka Odoh 38
Conclusions ● Avoid implementing from scratch ○ Use existing library written by experts ● Side-channel attacks ● Rubber-hose cryptanalysis ● Quantum cryptography Kenneth Emeka Odoh 39
Thanks for listening @kenluck2001 https://www.linkedin.com/in/kenluck2001/ kenneth.odoh@gmail.com https://github.com/kenluck2001?tab=repositories Kenneth Emeka Odoh 40

Recommended

Basic techniques in cryptography
Basic techniques in cryptographyBasic techniques in cryptography
Basic techniques in cryptographyShraddha Gupta
 
Computer network (9)
Computer network (9)Computer network (9)
Computer network (9)NYversity
 
Chapter 3
Chapter 3Chapter 3
Chapter 3manojjoshi1234
 
Cs166 mynote
Cs166 mynoteCs166 mynote
Cs166 mynoteKaya Ota
 
Cryptography and Information Security
Cryptography and Information SecurityCryptography and Information Security
Cryptography and Information SecurityDr Naim R Kidwai
 
An Analysis of RSA Public Exponent e
An Analysis of RSA Public Exponent eAn Analysis of RSA Public Exponent e
An Analysis of RSA Public Exponent eDharmalingam Ganesan
 
Cryptography and Network security # Lecture 4
Cryptography and Network security # Lecture 4Cryptography and Network security # Lecture 4
Cryptography and Network security # Lecture 4Kabul Education University
 
Intro to Cryptography
Intro to CryptographyIntro to Cryptography
Intro to CryptographyGalin Dinkov
 

Recommended

Basic techniques in cryptography
Basic techniques in cryptographyBasic techniques in cryptography
Basic techniques in cryptographyShraddha Gupta
 
Computer network (9)
Computer network (9)Computer network (9)
Computer network (9)NYversity
 
Chapter 3
Chapter 3Chapter 3
Chapter 3manojjoshi1234
 
Cs166 mynote
Cs166 mynoteCs166 mynote
Cs166 mynoteKaya Ota
 
Cryptography and Information Security
Cryptography and Information SecurityCryptography and Information Security
Cryptography and Information SecurityDr Naim R Kidwai
 
An Analysis of RSA Public Exponent e
An Analysis of RSA Public Exponent eAn Analysis of RSA Public Exponent e
An Analysis of RSA Public Exponent eDharmalingam Ganesan
 
Cryptography and Network security # Lecture 4
Cryptography and Network security # Lecture 4Cryptography and Network security # Lecture 4
Cryptography and Network security # Lecture 4Kabul Education University
 
Intro to Cryptography
Intro to CryptographyIntro to Cryptography
Intro to CryptographyGalin Dinkov
 
Post quantum cryptography - thesis
Post quantum cryptography - thesisPost quantum cryptography - thesis
Post quantum cryptography - thesisSamy Shehata
 
Computer and Network Security
Computer and Network SecurityComputer and Network Security
Computer and Network SecurityMuhammad Yousuf Abdul Qadir
 
Berlin sigma-2017
Berlin sigma-2017Berlin sigma-2017
Berlin sigma-2017Alex Chepurnoy
 
Unit 1
Unit 1Unit 1
Unit 1Trupti Kodinariya
 
Cryptography
CryptographyCryptography
CryptographySmruti Ranjan Sahoo
 
Cryptography
CryptographyCryptography
CryptographyDeepak Kumar
 
Information and network security 32 principles of public key cryptosystems
Information and network security 32 principles of public key cryptosystemsInformation and network security 32 principles of public key cryptosystems
Information and network security 32 principles of public key cryptosystemsVaibhav Khanna
 
cryptography
cryptographycryptography
cryptographyJai Nathwani
 
Module: drand - the Distributed Randomness Beacon
Module: drand - the Distributed Randomness BeaconModule: drand - the Distributed Randomness Beacon
Module: drand - the Distributed Randomness BeaconIoannis Psaras
 
Cryptography
CryptographyCryptography
Cryptographyfsl khan
 
Fabric Engine: Scene graph 2.0
Fabric Engine: Scene graph 2.0Fabric Engine: Scene graph 2.0
Fabric Engine: Scene graph 2.0Fabric Software Inc
 
Network security Encryption
Network security EncryptionNetwork security Encryption
Network security EncryptionJoel Briza
 
Ppt cns
Ppt cnsPpt cns
Ppt cnsAmit Pathak
 
Cryptography
CryptographyCryptography
CryptographyJens Patel
 
Cryptographic Algorithms: DES and RSA
Cryptographic Algorithms: DES and RSACryptographic Algorithms: DES and RSA
Cryptographic Algorithms: DES and RSAaritraranjan
 
Exploiting Cryptographic Misuse - An Example
Exploiting Cryptographic Misuse - An ExampleExploiting Cryptographic Misuse - An Example
Exploiting Cryptographic Misuse - An ExampleDharmalingam Ganesan
 
The Diffie-Hellman Algorithm
The Diffie-Hellman AlgorithmThe Diffie-Hellman Algorithm
The Diffie-Hellman AlgorithmJay Nagar
 
Blockchain and smart contracts, what they are and why you should really care ...
Blockchain and smart contracts, what they are and why you should really care ...Blockchain and smart contracts, what they are and why you should really care ...
Blockchain and smart contracts, what they are and why you should really care ...maeste
 
Chapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutanChapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutannewbie2019
 
Cryptography 101
Cryptography 101Cryptography 101
Cryptography 101Aditya Kamat
 
Consensus in Polkadot - 20190624
Consensus in Polkadot - 20190624Consensus in Polkadot - 20190624
Consensus in Polkadot - 20190624Joe Petrowski
 
Ch9
Ch9Ch9
Ch9Mahender Kumar
 

More Related Content

What's hot

Post quantum cryptography - thesis
Post quantum cryptography - thesisPost quantum cryptography - thesis
Post quantum cryptography - thesisSamy Shehata
 
Information and network security 32 principles of public key cryptosystems
Information and network security 32 principles of public key cryptosystemsInformation and network security 32 principles of public key cryptosystems
Information and network security 32 principles of public key cryptosystemsVaibhav Khanna
 
Module: drand - the Distributed Randomness Beacon
Module: drand - the Distributed Randomness BeaconModule: drand - the Distributed Randomness Beacon
Module: drand - the Distributed Randomness BeaconIoannis Psaras
 
Cryptography
CryptographyCryptography
Cryptographyfsl khan
 
Network security Encryption
Network security EncryptionNetwork security Encryption
Network security EncryptionJoel Briza
 
Cryptographic Algorithms: DES and RSA
Cryptographic Algorithms: DES and RSACryptographic Algorithms: DES and RSA
Cryptographic Algorithms: DES and RSAaritraranjan
 
Exploiting Cryptographic Misuse - An Example
Exploiting Cryptographic Misuse - An ExampleExploiting Cryptographic Misuse - An Example
Exploiting Cryptographic Misuse - An ExampleDharmalingam Ganesan
 
The Diffie-Hellman Algorithm
The Diffie-Hellman AlgorithmThe Diffie-Hellman Algorithm
The Diffie-Hellman AlgorithmJay Nagar
 
Blockchain and smart contracts, what they are and why you should really care ...
Blockchain and smart contracts, what they are and why you should really care ...Blockchain and smart contracts, what they are and why you should really care ...
Blockchain and smart contracts, what they are and why you should really care ...maeste
 
Chapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutanChapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutannewbie2019
 

What's hot (19)

Post quantum cryptography - thesis
Post quantum cryptography - thesisPost quantum cryptography - thesis
Post quantum cryptography - thesis
 
Computer and Network Security
Computer and Network SecurityComputer and Network Security
Computer and Network Security
 
Berlin sigma-2017
Berlin sigma-2017Berlin sigma-2017
Berlin sigma-2017
 
Unit 1
Unit 1Unit 1
Unit 1
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Information and network security 32 principles of public key cryptosystems
Information and network security 32 principles of public key cryptosystemsInformation and network security 32 principles of public key cryptosystems
Information and network security 32 principles of public key cryptosystems
 
cryptography
cryptographycryptography
cryptography
 
Module: drand - the Distributed Randomness Beacon
Module: drand - the Distributed Randomness BeaconModule: drand - the Distributed Randomness Beacon
Module: drand - the Distributed Randomness Beacon
 
Cryptography
CryptographyCryptography
Cryptography
 
Fabric Engine: Scene graph 2.0
Fabric Engine: Scene graph 2.0Fabric Engine: Scene graph 2.0
Fabric Engine: Scene graph 2.0
 
Network security Encryption
Network security EncryptionNetwork security Encryption
Network security Encryption
 
Ppt cns
Ppt cnsPpt cns
Ppt cns
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptographic Algorithms: DES and RSA
Cryptographic Algorithms: DES and RSACryptographic Algorithms: DES and RSA
Cryptographic Algorithms: DES and RSA
 
Exploiting Cryptographic Misuse - An Example
Exploiting Cryptographic Misuse - An ExampleExploiting Cryptographic Misuse - An Example
Exploiting Cryptographic Misuse - An Example
 
The Diffie-Hellman Algorithm
The Diffie-Hellman AlgorithmThe Diffie-Hellman Algorithm
The Diffie-Hellman Algorithm
 
Blockchain and smart contracts, what they are and why you should really care ...
Blockchain and smart contracts, what they are and why you should really care ...Blockchain and smart contracts, what they are and why you should really care ...
Blockchain and smart contracts, what they are and why you should really care ...
 
Chapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutanChapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutan
 

Similar to Tutorial on Cryptography

Consensus in Polkadot - 20190624
Consensus in Polkadot - 20190624Consensus in Polkadot - 20190624
Consensus in Polkadot - 20190624Joe Petrowski
 
RSA Algm.pptx
RSA Algm.pptxRSA Algm.pptx
RSA Algm.pptxSou Jana
 
Machine Learning with Python
Machine Learning with PythonMachine Learning with Python
Machine Learning with PythonGLC Networks
 
On deriving the private key from a public key
On deriving the private key from a public keyOn deriving the private key from a public key
On deriving the private key from a public keyDharmalingam Ganesan
 
Machine Learning with Python
Machine Learning with Python Machine Learning with Python
Machine Learning with Python GLC Networks
 
Rsa diffi-network security-itt
Rsa diffi-network security-ittRsa diffi-network security-itt
Rsa diffi-network security-ittrameshvvv
 
Crypto & Crpyocurrencies Intro
Crypto & Crpyocurrencies IntroCrypto & Crpyocurrencies Intro
Crypto & Crpyocurrencies IntroTal Shmueli
 
Seun - Breaking into Protocol Engineering (1).pptx
Seun - Breaking into Protocol Engineering (1).pptxSeun - Breaking into Protocol Engineering (1).pptx
Seun - Breaking into Protocol Engineering (1).pptxSeunLanLege1
 
Post quantum cryptography
Post quantum cryptographyPost quantum cryptography
Post quantum cryptographySamy Shehata
 
Total privacy of transactions, Mimblewimble and Grin
Total privacy of transactions, Mimblewimble and GrinTotal privacy of transactions, Mimblewimble and Grin
Total privacy of transactions, Mimblewimble and GrinEugene Pavlenko
 
Vtu network security(10 ec832) unit 3 notes.
Vtu network security(10 ec832) unit 3 notes.Vtu network security(10 ec832) unit 3 notes.
Vtu network security(10 ec832) unit 3 notes.Jayanth Dwijesh H P
 
The Road Less Traveled: Use-cases, Challenges, and Solutions of Homomorphic E...
The Road Less Traveled: Use-cases, Challenges, and Solutions of Homomorphic E...The Road Less Traveled: Use-cases, Challenges, and Solutions of Homomorphic E...
The Road Less Traveled: Use-cases, Challenges, and Solutions of Homomorphic E...Trupti Shiralkar, CISSP
 
Pen Testing Development
Pen Testing DevelopmentPen Testing Development
Pen Testing DevelopmentCTruncer
 

Similar to Tutorial on Cryptography (20)

Cryptography 101
Cryptography 101Cryptography 101
Cryptography 101
 
Consensus in Polkadot - 20190624
Consensus in Polkadot - 20190624Consensus in Polkadot - 20190624
Consensus in Polkadot - 20190624
 
Ch9
Ch9Ch9
Ch9
 
RSA Algm.pptx
RSA Algm.pptxRSA Algm.pptx
RSA Algm.pptx
 
Machine Learning with Python
Machine Learning with PythonMachine Learning with Python
Machine Learning with Python
 
RSA without Integrity Checks
RSA without Integrity ChecksRSA without Integrity Checks
RSA without Integrity Checks
 
Rsa
RsaRsa
Rsa
 
On deriving the private key from a public key
On deriving the private key from a public keyOn deriving the private key from a public key
On deriving the private key from a public key
 
Machine Learning with Python
Machine Learning with Python Machine Learning with Python
Machine Learning with Python
 
3 pkc+rsa
3 pkc+rsa3 pkc+rsa
3 pkc+rsa
 
Introduction to cryptography
Introduction to cryptographyIntroduction to cryptography
Introduction to cryptography
 
Rsa diffi-network security-itt
Rsa diffi-network security-ittRsa diffi-network security-itt
Rsa diffi-network security-itt
 
PKC&RSA
PKC&RSAPKC&RSA
PKC&RSA
 
Crypto & Crpyocurrencies Intro
Crypto & Crpyocurrencies IntroCrypto & Crpyocurrencies Intro
Crypto & Crpyocurrencies Intro
 
Seun - Breaking into Protocol Engineering (1).pptx
Seun - Breaking into Protocol Engineering (1).pptxSeun - Breaking into Protocol Engineering (1).pptx
Seun - Breaking into Protocol Engineering (1).pptx
 
Post quantum cryptography
Post quantum cryptographyPost quantum cryptography
Post quantum cryptography
 
Total privacy of transactions, Mimblewimble and Grin
Total privacy of transactions, Mimblewimble and GrinTotal privacy of transactions, Mimblewimble and Grin
Total privacy of transactions, Mimblewimble and Grin
 
Vtu network security(10 ec832) unit 3 notes.
Vtu network security(10 ec832) unit 3 notes.Vtu network security(10 ec832) unit 3 notes.
Vtu network security(10 ec832) unit 3 notes.
 
The Road Less Traveled: Use-cases, Challenges, and Solutions of Homomorphic E...
The Road Less Traveled: Use-cases, Challenges, and Solutions of Homomorphic E...The Road Less Traveled: Use-cases, Challenges, and Solutions of Homomorphic E...
The Road Less Traveled: Use-cases, Challenges, and Solutions of Homomorphic E...
 
Pen Testing Development
Pen Testing DevelopmentPen Testing Development
Pen Testing Development
 

More from kenluck2001

Salt Identification Challenge
Salt Identification ChallengeSalt Identification Challenge
Salt Identification Challengekenluck2001
 
Compressed Sensing using Generative Model
Compressed Sensing using Generative ModelCompressed Sensing using Generative Model
Compressed Sensing using Generative Modelkenluck2001
 
Landmark Retrieval & Recognition
Landmark Retrieval & RecognitionLandmark Retrieval & Recognition
Landmark Retrieval & Recognitionkenluck2001
 
Tracking the tracker: Time Series Analysis in Python from First Principles
Tracking the tracker: Time Series Analysis in Python from First PrinciplesTracking the tracker: Time Series Analysis in Python from First Principles
Tracking the tracker: Time Series Analysis in Python from First Principleskenluck2001
 
Tracking the tracker: Time Series Analysis in Python from First Principles
Tracking the tracker: Time Series Analysis in Python from First PrinciplesTracking the tracker: Time Series Analysis in Python from First Principles
Tracking the tracker: Time Series Analysis in Python from First Principleskenluck2001
 
Data visualization in python/Django
Data visualization in python/DjangoData visualization in python/Django
Data visualization in python/Djangokenluck2001
 

More from kenluck2001 (7)

Salt Identification Challenge
Salt Identification ChallengeSalt Identification Challenge
Salt Identification Challenge
 
Compressed Sensing using Generative Model
Compressed Sensing using Generative ModelCompressed Sensing using Generative Model
Compressed Sensing using Generative Model
 
Landmark Retrieval & Recognition
Landmark Retrieval & RecognitionLandmark Retrieval & Recognition
Landmark Retrieval & Recognition
 
Tracking the tracker: Time Series Analysis in Python from First Principles
Tracking the tracker: Time Series Analysis in Python from First PrinciplesTracking the tracker: Time Series Analysis in Python from First Principles
Tracking the tracker: Time Series Analysis in Python from First Principles
 
Tracking the tracker: Time Series Analysis in Python from First Principles
Tracking the tracker: Time Series Analysis in Python from First PrinciplesTracking the tracker: Time Series Analysis in Python from First Principles
Tracking the tracker: Time Series Analysis in Python from First Principles
 
Kaggle kenneth
Kaggle kennethKaggle kenneth
Kaggle kenneth
 
Data visualization in python/Django
Data visualization in python/DjangoData visualization in python/Django
Data visualization in python/Django
 

Recently uploaded

G9 Science Q4- Week 1-2 Projectile Motion.ppt
G9 Science Q4- Week 1-2 Projectile Motion.pptG9 Science Q4- Week 1-2 Projectile Motion.ppt
G9 Science Q4- Week 1-2 Projectile Motion.pptMAESTRELLAMesa2
 
Grafana in space: Monitoring Japan's SLIM moon lander in real time
Grafana in space: Monitoring Japan's SLIM moon lander in real timeGrafana in space: Monitoring Japan's SLIM moon lander in real time
Grafana in space: Monitoring Japan's SLIM moon lander in real timeSatoshi NAKAHIRA
 
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptxUnlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptxanandsmhk
 
STERILITY TESTING OF PHARMACEUTICALS ppt by DR.C.P.PRINCE
STERILITY TESTING OF PHARMACEUTICALS ppt by DR.C.P.PRINCESTERILITY TESTING OF PHARMACEUTICALS ppt by DR.C.P.PRINCE
STERILITY TESTING OF PHARMACEUTICALS ppt by DR.C.P.PRINCEPRINCE C P
 
CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡
CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡
CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡anilsa9823
 
Zoology 4th semester series (krishna).pdf
Zoology 4th semester series (krishna).pdfZoology 4th semester series (krishna).pdf
Zoology 4th semester series (krishna).pdfSumit Kumar yadav
 
Recombinant DNA technology (Immunological screening)
Recombinant DNA technology (Immunological screening)Recombinant DNA technology (Immunological screening)
Recombinant DNA technology (Immunological screening)PraveenaKalaiselvan1
 
Animal Communication- Auditory and Visual.pptx
Animal Communication- Auditory and Visual.pptxAnimal Communication- Auditory and Visual.pptx
Animal Communication- Auditory and Visual.pptxUmerFayaz5
 
TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...
TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...
TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...ssifa0344
 
Pests of cotton_Sucking_Pests_Dr.UPR.pdf
Pests of cotton_Sucking_Pests_Dr.UPR.pdfPests of cotton_Sucking_Pests_Dr.UPR.pdf
Pests of cotton_Sucking_Pests_Dr.UPR.pdfPirithiRaju
 
Nanoparticles synthesis and characterization​ ​
Nanoparticles synthesis and characterization​ ​Nanoparticles synthesis and characterization​ ​
Nanoparticles synthesis and characterization​ ​kaibalyasahoo82800
 
Botany 4th semester series (krishna).pdf
Botany 4th semester series (krishna).pdfBotany 4th semester series (krishna).pdf
Botany 4th semester series (krishna).pdfSumit Kumar yadav
 
Labelling Requirements and Label Claims for Dietary Supplements and Recommend...
Labelling Requirements and Label Claims for Dietary Supplements and Recommend...Labelling Requirements and Label Claims for Dietary Supplements and Recommend...
Labelling Requirements and Label Claims for Dietary Supplements and Recommend...Lokesh Kothari
 
Hubble Asteroid Hunter III. Physical properties of newly found asteroids
Hubble Asteroid Hunter III. Physical properties of newly found asteroidsHubble Asteroid Hunter III. Physical properties of newly found asteroids
Hubble Asteroid Hunter III. Physical properties of newly found asteroidsSérgio Sacani
 
Chemistry 4th semester series (krishna).pdf
Chemistry 4th semester series (krishna).pdfChemistry 4th semester series (krishna).pdf
Chemistry 4th semester series (krishna).pdfSumit Kumar yadav
 
SOLUBLE PATTERN RECOGNITION RECEPTORS.pptx
SOLUBLE PATTERN RECOGNITION RECEPTORS.pptxSOLUBLE PATTERN RECOGNITION RECEPTORS.pptx
SOLUBLE PATTERN RECOGNITION RECEPTORS.pptxkessiyaTpeter
 
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...Sérgio Sacani
 
Biological Classification BioHack (3).pdf
Biological Classification BioHack (3).pdfBiological Classification BioHack (3).pdf
Biological Classification BioHack (3).pdfmuntazimhurra
 
Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...
Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...
Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...Sérgio Sacani
 

Recently uploaded (20)

G9 Science Q4- Week 1-2 Projectile Motion.ppt
G9 Science Q4- Week 1-2 Projectile Motion.pptG9 Science Q4- Week 1-2 Projectile Motion.ppt
G9 Science Q4- Week 1-2 Projectile Motion.ppt
 
Grafana in space: Monitoring Japan's SLIM moon lander in real time
Grafana in space: Monitoring Japan's SLIM moon lander in real timeGrafana in space: Monitoring Japan's SLIM moon lander in real time
Grafana in space: Monitoring Japan's SLIM moon lander in real time
 
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptxUnlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
 
STERILITY TESTING OF PHARMACEUTICALS ppt by DR.C.P.PRINCE
STERILITY TESTING OF PHARMACEUTICALS ppt by DR.C.P.PRINCESTERILITY TESTING OF PHARMACEUTICALS ppt by DR.C.P.PRINCE
STERILITY TESTING OF PHARMACEUTICALS ppt by DR.C.P.PRINCE
 
CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡
CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡
CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡
 
Zoology 4th semester series (krishna).pdf
Zoology 4th semester series (krishna).pdfZoology 4th semester series (krishna).pdf
Zoology 4th semester series (krishna).pdf
 
Recombinant DNA technology (Immunological screening)
Recombinant DNA technology (Immunological screening)Recombinant DNA technology (Immunological screening)
Recombinant DNA technology (Immunological screening)
 
Animal Communication- Auditory and Visual.pptx
Animal Communication- Auditory and Visual.pptxAnimal Communication- Auditory and Visual.pptx
Animal Communication- Auditory and Visual.pptx
 
TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...
TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...
TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...
 
Pests of cotton_Sucking_Pests_Dr.UPR.pdf
Pests of cotton_Sucking_Pests_Dr.UPR.pdfPests of cotton_Sucking_Pests_Dr.UPR.pdf
Pests of cotton_Sucking_Pests_Dr.UPR.pdf
 
Nanoparticles synthesis and characterization​ ​
Nanoparticles synthesis and characterization​ ​Nanoparticles synthesis and characterization​ ​
Nanoparticles synthesis and characterization​ ​
 
Botany 4th semester series (krishna).pdf
Botany 4th semester series (krishna).pdfBotany 4th semester series (krishna).pdf
Botany 4th semester series (krishna).pdf
 
Labelling Requirements and Label Claims for Dietary Supplements and Recommend...
Labelling Requirements and Label Claims for Dietary Supplements and Recommend...Labelling Requirements and Label Claims for Dietary Supplements and Recommend...
Labelling Requirements and Label Claims for Dietary Supplements and Recommend...
 
Hubble Asteroid Hunter III. Physical properties of newly found asteroids
Hubble Asteroid Hunter III. Physical properties of newly found asteroidsHubble Asteroid Hunter III. Physical properties of newly found asteroids
Hubble Asteroid Hunter III. Physical properties of newly found asteroids
 
CELL -Structural and Functional unit of life.pdf
CELL -Structural and Functional unit of life.pdfCELL -Structural and Functional unit of life.pdf
CELL -Structural and Functional unit of life.pdf
 
Chemistry 4th semester series (krishna).pdf
Chemistry 4th semester series (krishna).pdfChemistry 4th semester series (krishna).pdf
Chemistry 4th semester series (krishna).pdf
 
SOLUBLE PATTERN RECOGNITION RECEPTORS.pptx
SOLUBLE PATTERN RECOGNITION RECEPTORS.pptxSOLUBLE PATTERN RECOGNITION RECEPTORS.pptx
SOLUBLE PATTERN RECOGNITION RECEPTORS.pptx
 
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
 
Biological Classification BioHack (3).pdf
Biological Classification BioHack (3).pdfBiological Classification BioHack (3).pdf
Biological Classification BioHack (3).pdf
 
Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...
Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...
Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...
 

Tutorial on Cryptography

  • 1. TUTORIAL ON CRYPTOGRAPHY Kenneth Emeka Odoh Vancouver, BC Version 1 Created: July, 2018 Updated: N/A
  • 3. Recommended Textbooks ● A Graduate Course in Applied Cryptography by Dan Boneh and Victor Shoup, { https://crypto.stanford.edu/~dabo/cryptobook/BonehShoup_0_4.pdf }. ● Hacking Secret Ciphers with Python by Al Sweigart, { https://inventwithpython.com/hackingciphers.pdf }. ● List of practical exercises { https://github.com/sodium-friends/learntocrypto }. ● http://math.tut.fi/~ruohonen/MC.pdf Kenneth Emeka Odoh 3
  • 4. Education ● Masters in Computer Science (University of Regina) 2013 - 2016 ● A number of MOOCs in statistics, algorithm, and machine learning Work ● Research assistant in the field of Visual Analytics 2013 - 2016 ○ { https://scholar.google.com/citations?user=3G2ncgwAAAAJ&hl=en } ● Software Engineer in Vancouver, Canada 2017 - ● Regular speaker at a number of Vancouver AI meetups, organizer of distributed systems meetup, and Haskell study group and organizer of Applied Cryptography study group 2017 - Bio Kenneth Emeka Odoh 4
  • 5. Contents ● Introduction ● Secret key cryptography ● Public key cryptography ● Protocols ● Privacy and anonymity ● Case studies ● Exercises Kenneth Emeka Odoh 5
  • 7. Cryptology consist of the following fields. ● Cryptography ● Cryptanalysis Cryptography is the process for encrypting and decrypting messages. Cryptanalysis is the process of recovering plaintext from the cryptotext without the decryption key. The holy grail of cryptography is to make cryptanalysis very computationally infeasible. Stenography is the art of hiding message in medium that is not obvious. For example, hiding information in images {https://www.csmonitor.com/Science/2010/0630/How-Russian-spies-hid-secret-co des-in-online-photos} Kenneth Emeka Odoh 7
  • 8. Cryptography provides the following benefits ● Confidentiality ○ Information available to authorized entities ● Integrity ○ Protection from unauthorized information changes. ● Authenticity ○ It is possible to verify the identities of people, computer, and programs. Kenneth Emeka Odoh 8
  • 9. Cryptanalysis ● Frequency analysis ○ Kasiski method ● Hill method (plaintext - cryptotext attack) Kenneth Emeka Odoh 9
  • 10. Securing your Resources ● Begin with a threat model ○ Identify the adversaries that you are protecting against, if it is a serious adversary be ready for shock e.g heartbleed bug. ○ How long should the information be secure. ● Identify the trust model. ● Identify the computation resources for encrypting and decrypting with minimal bottleneck. ● Reduce attack surface. Identify all attack vectors and handle the cases. ● Reduce severity of breaches with careful design. This fall into crisis response. ● Cryptography should be used in the mix of other techniques e.g secure coding, access control (permissions management) among others. Kenneth Emeka Odoh 10
  • 11. Mathematical Foundation of Cryptography ● Factorization ○ Given an integer, n. Find all the prime, p that are factors of n. ● Discrete logarithm ○ Given a prime, p, and integer a and c. Find every s that satisfy as = c mod p. Quick primer on the mathematics of Cryptography. See {Page 1 - 28 / 95} { http://www.cs.helsinki.fi/u/karvi/advanced_1_12.pdf } Kenneth Emeka Odoh 11
  • 12. Secret Key versus Public key Cryptography Kenneth Emeka Odoh 12
  • 13. Alice Bob Kenneth Emeka Odoh Figure 1: Communication between Alice and Bob 13
  • 14. Secret key cryptography The key cannot be made public without compromising security. Public key cryptography Each user has two keys (private key and public key), if is very difficult to get the private key from the public key. The public key can be announced with compromising security. Kenneth Emeka Odoh 14
  • 15. pt: plaintext Ek : encryption using the key, k Dk : decryption using the key, k ct: cryptotext ct = Ek (pt) pt = Dk (ct) Dk ( Ek (pt) ) = pt Public key Alice ( nA ,eA ) Bob ( nB ,eB ) Private key Alice ( nA ,dA ) Bob ( nB ,dB ) Kenneth Emeka Odoh 15
  • 16. Trapdoor vs hash function ● Trapdoor is a function that maps an input to an output. This is easy in the forward step from input to output but computationally expensive to recreate the input from the output. This is required for encryption and decryption function. 1 = d*e mod n where d is an inverse of e ● Hash function is a one way function from an input to an output. It is impossible to recreate the input from the output. { https://www.uow.edu.au/~jennie/CSCI971/hash1.pdf } { http://www.cs.nthu.edu.tw/~wkhon/algo08-tutorials/tutorial-hashing.pdf } Kenneth Emeka Odoh 16
  • 17. RSA { Page 57 / 95 } Diffie-hellman key exchange { Page 80 - 82 / 95 } Elliptic curve { Page 85 - 92 / 95 } { http://www.cs.helsinki.fi/u/karvi/advanced_1_12.pdf } Kenneth Emeka Odoh 17
  • 18. Message Signature ● Alice, A, wants to send a message, m, to Bob, B ● Create SA as the hash of m. ● Alice encrypts the hashed message using her private key, dA DA (SA ) = SA dA mod nA ● Send message with signature as ( EB ( DA (SA ) ), EB (m) ) to bob ● Once bob receives the message. He verifies the signature to be sure that there are no changes in the messages. Kenneth Emeka Odoh 18
  • 20. Protocol is the sequence of communication steps between entities. This describes the message format and position in the sequence for message delivery and receipt between the participating entities. Kenneth Emeka Odoh 20
  • 21. ● Go to the Primer on protocol and discuss in details { https://www.cs.helsinki.fi/u/karvi/advanced_2_12.pdf }. ● Design principles for public key protocol {page 48 - 49 / 62} ● Discuss the design decisions of goldbug which a diverse collection of cryptographic cipher { https://compendio.github.io/goldbug-manual/ } Kenneth Emeka Odoh 21
  • 23. Privacy vs Secrecy vs Anonymity Secrecy is a high degree of privacy. Anonymity is a way to achieve privacy. ● Is the information indecipherable to the unintended parties? ● It is possible to see the information, but can’t tell where it is from? ● Who can see the sender, but cannot map to the real person? See more information on relationship between information provided and entropy ○ {https://www.johndcook.com/blog/2017/09/12/quantifying-the-information-content-of-personal-data/ } ○ {https://www.johndcook.com/blog/2017/09/20/quantifying-privacy-loss-in-a-statistical-database/ } Kenneth Emeka Odoh 23
  • 24. Zero-Knowledge method This is a probabilistic proof of knowledge of an entity ( prover ), who claims to have information about a resource and proceeds to solve a set of challenges to verify the claim to the ( verifier ). If the challenge is well designed, it is very difficult to perform replay attacks. Discuss the examples ● Ali baba cave ● Colour-blind friend with a pair of balls {https://en.wikipedia.org/wiki/Zero-knowledge_proof } Kenneth Emeka Odoh 24
  • 25. Properties of Zero-Knowledge proof ● Completeness: A fair verifier will be convinced by a honest prover that is if they are faithfully obeying the protocol. ● Soundness: it is only possible for the prover to cheat the verifier with a very small probability. ● Zero-knowledge: If the statement given by the prover is true, then the only information learnt by the verifier is that the statement of the challenge is true. Mathematical basis for Zero-Knowledge proof ● Discrete logarithm ● Polynomial factorization ● NP-hard problem ○ Hamiltonian cycle Kenneth Emeka Odoh 25
  • 26. Discrete Logarithm ● P want to prove to V that it has knows the value of x. ● The following information is known to both P and V which consist of a value, y, prime, p, and generator, g. ● P creates y using her secret knowledge, x and sends y to V. ○ y = gx mod p ● The knowledge of x can be used as a proof of identity to V. ● At a later time, On each round ● P generates a random number, r to compute C and send to V. Both options may be used only if the prover doesn't know the value of x and is trying to fool the verifier. This necessitates the need for Option 2 to validate identity of P. ● Option 1 C = gr mod p ● Option 2 C = gr+x mod (p-1) mod p ● On reception of message, C by V. It makes a random choice of either option 1 or 2. ● The verifier can however validate the prover's identity, P without knowledge of x. Kenneth Emeka Odoh 26
  • 27. Hamiltonian Cycle ● The graph, G is known to both P and V. Only P knows the hamiltonian cycle in the graph, G. ● At the beginning of each round, P creates H which is isomorphic to G. ● The knowledge of hamiltonian can be used as a proof of identity to V. ● At a later time, On each round. ● P creates a graph, H and commits using a commitment scheme to prevent changing of mind after sending H to V. ● Option 1 C = isomorphic permutation function between H and G ● Option 2 C = hamiltonian cycle in H ● On reception of message, C by V. It makes a random choice of either option 1 or 2. ● Verify isomorphic permutation function and hamiltonian cycle of H as a proof of identity of P. Kenneth Emeka Odoh 27
  • 28. zkSNARKs This is similar to other concepts discuss in this course. However, it seem complicated to be discussed here for more information. This is used in blockchain applications. For more details ● { https://blog.ethereum.org/2016/12/05/zksnarks-in-a-nutshell/ } ● { https://getmonero.org/resources/moneropedia/ringsignatures.html } ● { https://getmonero.org/resources/moneropedia/stealthaddress.html } Kenneth Emeka Odoh 28
  • 29. Most of the zero-knowledge proof in this presentation require “trusted setup”. There are recent works that do not require “trusted setup”. {https://zcoin.io/zcoin-moving-beyond-trusted-setup-in-zerocoin/ } Trust setup is a case where a party is expected to create and delete the secret in the session. Kenneth Emeka Odoh 29
  • 31. Bitcoin: A simplistic view ● Bitcoin is a virtual currency that keeps a record of every transaction in a distributed append only public ledger known as blockchain. ● Transactions are securely processed and verified by using a proof of work consensus protocol with a reward scheme for miners. ● Bitcoin is a peer to peer network without a trusted central authority. ● An owner has full ownership over their money (electronic coins). It is possible to spend and receive increased or decreased value of coins without a central authority. Kenneth Emeka Odoh 31
  • 32. ● Users have public and private key for secure communication. ● Digital signatures are added to message to prevent tampering and preventing fraud. ● Each user can have multiple public keys and private keys. Each of keys can be related to a wallet. ● Each user has a destination address which is obtained by hashing the public key provides anonymity. ● Bitcoin transaction is verified by a group of miners. ● Miners wait on a block in a queue like manner. A miner processes the transaction and waits on a quorum of users to verify the transaction. Kenneth Emeka Odoh 32
  • 34. Code Documentation & Tutorial ● Read documentation for setting up node.js. ○ https://www.digitalocean.com/community/tutorials/how-to-install-node-js-on-ubuntu-16-04#how -to-install-using-nvm ○ https://www.w3schools.com/nodejs/default.asp ● Buffer { https://www.w3schools.com/nodejs/ref_buffer.asp } ● File management in Javascript ○ https://stackoverflow.com/questions/2496710/writing-files-in-node-js ○ https://stackoverflow.com/questions/14430859/javascript-best-way-to-convert-associative-arra y-to-string-and-back-the-other-w ● Peer to peer JavaScript ○ { https://github.com/socketio/socket.io-p2p } Kenneth Emeka Odoh 34
  • 35. ● Install the following packages npm install sodium-native npm install duplex-json-stream npm install net ● Get list of installed packages in node.js npm list -g --depth=0 35
  • 36. Required Exercises ● Coding up the entire exercises ○ { https://github.com/sodium-friends/learntocrypto/tree/master/problems }. ● Describe PGP (pretty good privacy) which uses elgamal algorithm Kenneth Emeka Odoh 36
  • 37. Optional Project ● Implement simplistic DSA without any complicated padding, message blinding, or protection against side channel attacks. ○ Implement DES ■ {http://page.math.tu-berlin.de/~kant/teaching/hess/krypto-ws2006/de s.htm } ○ Decrypting DES ■ {https://crypto.stackexchange.com/questions/9674/how-does-des-de cryption-work-is-it-the-same-as-encryption-or-the-reverse } Kenneth Emeka Odoh 37
  • 38. Advanced Project ● Implement the noise protocol as described in { https://noiseprotocol.org/noise.html }. ● Hint: understand this block of code for peer to peer communication {https://github.com/socketio/socket.io-p2p/tree/master/examples/chat } ● For more information on key generation for conference protocol {http://www.cs.helsinki.fi/u/karvi/advanced_3_12.pdf } Kenneth Emeka Odoh 38
  • 39. Conclusions ● Avoid implementing from scratch ○ Use existing library written by experts ● Side-channel attacks ● Rubber-hose cryptanalysis ● Quantum cryptography Kenneth Emeka Odoh 39