Elliptic Curve Cryptography and Zero Knowledge Proof
Presentation by Nimish Joseph, at College of Engineering Cherthala, Kerala, India, during Faculty Development Program, on 06-Nov-2013
Elliptic Curve Cryptography for those who are afraid of maths - Martijn Grooten
A low-level introduction to elliptic curve cryptography, as presented at BSides San Francisco 2016.
NB don't be put off by the 100 slides; every transition is on its own slide.
This presentation on Elliptical Curve Cryptography gives a brief explanation of the topic and will help enrich your knowledge of it. Use this ppt for reference purposes, and if you have any queries, ask questions.
Zero Knowledge Proofs: What they are and how they work - All Things Open
Title: Zero Knowledge Proofs: What they are and how they work
Presented at All Things Open 2022
Presented by Jim Zhang
Abstract: Have you ever wanted to convince the security guard at the bar that you are over the legal drinking age, but didn’t want to tell them how old you are? Use a zero knowledge proof! Zero knowledge proofs (or ZKPs) are a powerful cryptographic technology that are being used to build privacy-preserving blockchains, next-generation digital identities, and many other things. Come and learn more about what Zero Knowledge Proofs are and how they work.
This document provides an overview of homomorphic encryption. It begins by defining homomorphic encryption as a form of encryption that allows specific types of computations to be performed on ciphertext and generate an encrypted result that matches the operations performed on the plaintext when decrypted. It then discusses different types of homomorphic encryption including partially homomorphic (additive or multiplicative), fully homomorphic encryption, and provides examples like RSA, ElGamal, and Paillier. The document concludes by listing some applications of homomorphic encryption such as e-voting, biometric verification, and discusses Paillier encryption specifically.
Elliptic curve cryptography (ECC) uses elliptic curves over finite fields for encryption, digital signatures, and key exchange. It provides the same security as RSA or discrete logarithm schemes but with smaller key sizes (e.g. 256-bit ECC vs. 3072-bit RSA). ECC algorithms are also faster and use less energy than other schemes. While ECC offers advantages, security relies on using cryptographically strong elliptic curves and there is no deterministic method to encode messages as curve points.
Elliptic curve cryptography (ECC) uses elliptic curves over finite fields to provide public-key encryption and digital signatures. ECC requires significantly smaller key sizes than other cryptosystems like RSA to provide equivalent security. This allows for faster computations and less storage requirements, making ECC ideal for constrained environments like smartphones. ECC relies on the difficulty of solving the elliptic curve discrete logarithm problem to provide security.
Elliptic curve cryptography (ECC) uses elliptic curves over finite fields for encryption, digital signatures, and key exchange. The key sizes are smaller than RSA for the same security level. Its security relies on the assumed hardness of solving the discrete logarithm problem over elliptic curves. ECC defines elliptic curves with parameters over Galois fields GF(p) for prime p or binary fields GF(2^m). Points on the curves along with addition and doubling formulas are used to perform scalar multiplications for cryptographic operations.
Elliptic Curve Cryptography was presented by Ajithkumar Vyasarao. He began with an introduction to ECC, noting its advantages over RSA like smaller key sizes providing equal security. He described how ECC works using elliptic curves over real numbers and finite fields. He demonstrated point addition and scalar multiplication on curves. ECC can be used for applications like smart cards and mobile devices. For key exchange, Alice and Bob can agree on a starting point and generate secret keys by multiplying a private value with the shared point. ECC provides security through the difficulty of solving the elliptic curve discrete logarithm problem.
For a college course -- CNIT 141: Cryptography for Computer Networks, at City College San Francisco
Based on "Serious Cryptography: A Practical Introduction to Modern Encryption", by Jean-Philippe Aumasson, No Starch Press (November 6, 2017), ISBN-10: 1593278268 ISBN-13: 978-1593278267
Instructor: Sam Bowne
More info: https://samsclass.info/141/141_S19.shtml
Symmetric Key Encryption Algorithms can be categorized as stream ciphers or block ciphers. Block ciphers like the Data Encryption Standard (DES) operate on fixed-length blocks of bits, while stream ciphers process messages bit-by-bit. DES is an example of a block cipher that encrypts 64-bit blocks using a 56-bit key. International Data Encryption Algorithm (IDEA) is another block cipher that uses a 128-bit key and 64-bit blocks, employing addition and multiplication instead of XOR like DES. IDEA consists of 8 encryption rounds followed by an output transformation to generate the ciphertext from the plaintext and key.
Homomorphic encryption allows computations to be performed on encrypted data without decrypting it first. This document discusses homomorphic encryption techniques including partially homomorphic encryptions that support either addition or multiplication operations, and fully homomorphic encryption introduced by Craig Gentry that supports both types of operations. It also covers the use of ideal lattices in lattice-based cryptosystems and the bootstrapping technique used to "refresh" ciphertexts and prevent noise from accumulating during homomorphic computations.
Monero is a cryptocurrency that uses ring signatures to obscure the origin of transactions. It uses twisted Edwards curves to implement elliptic curve cryptography. Ring signatures allow multiple people to sign a transaction at once, making it difficult to determine the true signer. Monero implements ring signatures and uses the Ed25519 elliptic curve for its digital signatures.
Zero-Knowledge Proofs: Privacy-Preserving Digital Identity with Clare Nelson - SSIMeetup
This talk will introduce Zero-Knowledge Proofs (ZKPs) and explain why they are a key element in a growing number of privacy-preserving, digital-identity platforms. Clare will provide basic illustrations of ZKPs and leave the necessary mathematics foundations to the readers.
After this talk you will understand that there is a variety of ZKPs, it’s still early days, and why ZKP is such a perfect tool for digital identity platforms. This talk includes significant updates from the newly-organized ZKProof Standardization organization plus a signal of maturity: one of the first known ZKP vulnerabilities.
Clare will explain why ZKPs are so powerful, and why they are building blocks for a range of applications including privacy-preserving cryptocurrency such as Zcash, Ethereum, Artificial Intelligence, and older versions of Trusted Platform Modules (TPMs). The presentation includes many backup slides for future learning and researching, including four slides of references.
Homomorphic encryption on Blockchain Principles - Johann Höchtl
The document discusses homomorphic encryption and secure multiparty computation. Homomorphic encryption allows computations to be performed on encrypted data and obtain an encrypted result without decrypting the data. This allows data to be processed privately. Secure multiparty computation allows distributed parties to jointly compute a function over their private inputs while revealing nothing but the output. Implementations like SPDZ and Enigma aim to perform computations across blockchain networks to allow private analytics on distributed data. Homomorphic encryption accumulates noise with operations, limiting computations, while secure multiparty computation requires rewriting programs to handle control flows and conditionals.
Gives a basic idea of finite field theory and its uses in elliptic curve cryptography: the ECDLP, Diffie-Hellman key exchange, and ElGamal encryption with ECC.
In cryptography, a one-time pad (OTP) is an encryption technique that cannot be cracked if used correctly. In this technique, a plaintext is paired with a random ...
This presentation contains the contents pertaining to the undergraduate course on Cryptography and Network Security (UITC203) at Sri Ramakrishna Institute of Technology. This covers the Elliptic Curve Cryptography and the basis of elliptic curve arithmetics.
Homomorphic encryption allows computations to be carried out on encrypted data without decrypting it first. This summary discusses Craig Gentry's scheme for fully homomorphic encryption based on ideal lattices. The scheme works by encrypting bits as ciphertexts with small noise that grows with computations. A bootstrapping procedure called re-crypt reduces the noise to keep ciphertexts decryptable. While promising for applications like cloud computing, the scheme has high computational costs that scale poorly with security level. Current research aims to make homomorphic encryption more efficient and practical.
Polygon ID offers tools that allow developers to build self-sovereign, decentralized and private identity solutions for users that leverage zero knowledge proofs. Polygon ID was released as open source last March 2023 at ETH Denver. In this presentation, Otto Mora, BD Lead for Americas, and Oleksander Brezhniev, Technical Lead at Polygon ID, will be covering aspects of the did:PolygonID method including: Verifiable presentations leveraging ZK Proofs; How the Proofs are generated; Credential Issuance Methods; and Identity Management Features.
Introduction to homomorphic encryption, encryption which allows computations on ciphertext. An overview of key aspects and the ideas that allow these schemes to work is given, as well as examples of how to apply it.
Christoph Matthies (@chrisma0), Hubert Hesse (@hubx), Robert Lehmann (@rlehmann)
This document provides an overview of the Advanced Encryption Standard (AES). It discusses how AES was created through an encryption algorithm competition organized by the National Institute of Standards and Technology to replace the aging Triple DES standard. AES is a symmetric block cipher that encrypts 128-bit blocks using 128, 192, or 256-bit keys and 10, 12, or 14 rounds respectively. The AES encryption process takes the plaintext through several stages - substitution, shifting rows, mixing columns, and adding the round key - with the inverse being applied for decryption. Some potential security attacks on AES are also mentioned, such as related-key and XSL attacks, but it remains secure if implemented correctly.
This document provides an overview of ZK-Snarks (zero-knowledge succinct non-interactive arguments of knowledge). It begins by outlining the problem of two parties conducting a transaction privately without revealing inputs. It then discusses zero-knowledge proofs and how ZK-Snarks allow for verifying computation integrity and input privacy. The document details how ZK-Snarks work by converting programs to arithmetic circuits and using a cryptographic proof system involving polynomial equations to generate proofs that can be verified without revealing inputs. Overall, the document serves as a high-level introduction to ZK-Snarks and how they enable private and verifiable blockchain transactions.
The document summarizes topics related to cryptography including RSA encryption, elliptic curve encryption, man-in-the-middle attacks, and hash functions. It discusses the basic principles of RSA encryption and key generation. It also explains elliptic curve cryptography, including elliptic curve addition and the difficulty of solving elliptic curve discrete logarithm problems. Additionally, it covers man-in-the-middle attacks on public key encryption and key agreement protocols. Finally, it provides an overview of hash functions and their properties like one-wayness and collision resistance.
Image encryption using elliptical curve cryptosystem with Hill cipher - karthik kedarisetti
IMAGE ENCRYPTION-BTECH FINAL YEAR PROJECT ZEROTH REVIEW.
Image encryption has grown rapidly with the increasing use of the internet and communication media. Sharing important images over unsecured channels leaves them open to attack and theft. Encryption techniques are the appropriate means of protecting images from attacks. The Hill cipher is one of the symmetric techniques; it has a simple structure and fast computation, but weak security, because sender and receiver need to use and share the same private key over a non-secure channel. A new image encryption technique that combines the Elliptic Curve Cryptosystem with the Hill Cipher (ECCHC) is proposed in this paper to convert the Hill cipher from a symmetric technique to an asymmetric one, to increase its security and efficiency, and to resist attackers. A self-invertible key matrix is used to generate the encryption and decryption secret key, so there is no need to find the inverse key matrix in the decryption process. A secret key matrix with dimensions 4 × 4 will be used as an example in this study. Entropy, Peak Signal to Noise Ratio (PSNR), and Unified Average Changing Intensity (UACI) will be used to assess the grayscale image encryption efficiency and to compare the encrypted image with the original image to evaluate the performance of the proposed encryption technique.
Information security is one of the most important issues of recent times. Elliptic Curve Cryptography (ECC) is one of the most efficient public key cryptosystems; it is secure against adversaries because finding the secret key requires solving the elliptic curve discrete logarithm problem, which is hard. Its strength also comes from the small key size it uses to reach the same level of security as other cryptosystems like RSA (Rivest–Shamir–Adleman).
Each grain must hold a charge
When their volume becomes too little, they will no longer be stable & will be influenced by ambient thermal energy
With current technology, this will happen around 130 Gb/in²
Talk given at Devoxx UK 2014
Caveat - without the video these slides can be taken out of context, see Parleys for the full video.
RSA is the oldest kid in the public-key cryptography playground, and its position as toughest and fastest is under sharp competition from ECC (Elliptic Curve Cryptography). We look at the mathematical difference between the two cryptosystems, showing why ECC is faster and "harder" than RSA, but also very energy efficient, hence its unique advantage in the mobile space. We show how to use ECC in your Java and Android applications, before finally summarising the "state of the union" for RSA and ECC in the light of the Snowden leaks, and the likely near future for public-key cryptography.
This document provides an introduction to cryptography. It defines key terms like cryptography, cryptanalysis, and cryptology. It describes the goals of encryption and authentication. It explains symmetric key cryptography where a shared secret key is used for both encryption and decryption. It also covers public key cryptography using key pairs, digital signatures to authenticate identity, and how public key encryption and signatures can be combined. The document discusses cryptographic attacks and principles like Kerckhoff's principle and provable security. It provides examples of cryptographic algorithms like block ciphers, stream ciphers, hash functions, and key exchange protocols.
This document provides an overview of elliptic curve cryptography (ECC). It begins with background on ECC, describing how it was independently proposed in 1985 as an approach to asymmetric cryptography. It then covers the basics of asymmetric cryptosystems and how ECC compares to RSA and Diffie-Hellman. The document goes on to explain elliptic curves over real and finite numbers, how points are added and doubled on elliptic curves, and how this relates to discrete logarithm problems. It discusses implementations of ECC for cryptography and comparisons to RSA in terms of key size and performance. Finally, it covers efficient implementations of ECC for smart cards.
This document summarizes a talk on Sigma protocols and zero-knowledge proofs. Sigma protocols form the basis for building efficient zero-knowledge proofs. They allow a prover to convince a verifier that they know a secret witness for a statement, without revealing the witness. Schnorr's protocol is provided as a simple example of a Sigma protocol for proving knowledge of discrete logarithms. More advanced applications include building zero-knowledge proofs for statements involving AND, OR, and other logical combinations. Sigma protocols can also construct commitment schemes, non-interactive zero-knowledge proofs, and digital signatures when combined with cryptographic primitives like hash functions and random oracles.
The document discusses the arithmetic of elliptic curves. It begins by introducing elliptic curves and their group structure under addition. It describes how points on an elliptic curve form an abelian group and that rational points form a subgroup. It then discusses points of finite order, including points of order 2 and 3. The Nagell-Lutz theorem and Mazur's theorem characterize rational points of finite order. Finally, it introduces Mordell's theorem, which states that the group of rational points on an elliptic curve is finitely generated.
Mathematics Towards Elliptic Curve Cryptography - by Dr. R. Srinivasan (municsaa)
The document provides an overview of elliptic curve cryptography including:
1. It discusses the evolution of cryptography from ancient times to modern algorithms like RSA, AES, and Diffie-Hellman key exchange.
2. It introduces elliptic curve cryptography as an alternative that provides the same level of security with smaller key sizes due to the difficulty of solving the elliptic curve discrete logarithm problem.
3. It provides examples of elliptic curve groups over prime fields and binary fields, showing how points on the curve satisfy the elliptic curve equation over a finite field.
Authentication protocols based on zero knowledge proof (Part 2 - Brief talk) (Israel Buitron)
Second part of a brief introduction to my PhD research titled "Authentication protocols based on zero knowledge proofs".
This presentation was given in a PhD class.
Authentication protocols based on zero knowledge proofs (Part 1 - Brief Talk) (Israel Buitron)
First part of a brief introduction to my PhD research titled "Authentication protocols based on zero knowledge proofs".
This presentation was given in a PhD class.
Bitcoin is a decentralized digital currency that uses cryptography to secure transactions. It allows for peer-to-peer transactions without intermediaries like banks. Transactions are recorded on a public ledger called the blockchain, which uses mining and proof-of-work to validate transactions and create new blocks. Miners are incentivized by new bitcoins and transaction fees to devote resources to processing transactions and maintaining the blockchain. While it enables censorship-resistant transactions, bitcoin is not legal tender and faces risks from volatility, acceptance, and illicit use.
Patterns for Secure Boot and Secure Storage in Computer Systems (Marcel Winandy)
The document describes the secure boot and secure storage patterns. Secure boot ensures the integrity of loaded software by creating a chain of trust where each boot stage verifies the integrity of the next stage before transferring control. Secure storage protects the confidentiality and integrity of stored data by allowing only software that has passed an integrity check to access encrypted data stored in hardware-protected locations. Both patterns are fundamental for trusted computing systems and provide defenses for boot time and stored data integrity.
The presentation describes the basics of cryptography and information security. It covers the goals of cryptography, the history of ciphers, and symmetric and public key cryptography.
Wireless sensor Network using Zero Knowledge Protocol ppt (sofiakhatoon)
This document proposes a security model for wireless sensor networks that addresses cloning attacks, man-in-the-middle attacks, and replay attacks. It divides sensor nodes into base stations, cluster heads, and member nodes. Each node knows its cluster head, and base stations store information on all nodes. The model uses a "social fingerprint" based on neighboring nodes and zero knowledge protocols to detect cloned nodes and verify sender authenticity without transmitting sensitive information. Screenshots demonstrate implementation and the model is analyzed for various attack scenarios, performance, and cryptographic strength.
1) Cryptography can reconcile voting secrecy and auditing by enabling a new voting paradigm of secrecy and auditability through techniques like encrypted ballots on a public bulletin board.
2) End-to-end verifiable voting allows voters like Alice to independently verify that their votes were correctly cast and counted in the final results through a public bulletin board and verification of the election paper trail and results.
3) Cryptography creates trust between competitors in voting by allowing independent third-party auditing of election results through techniques like public verifiable encrypted ballots.
Introduction to Elliptic Curve Cryptography (David Evans)
This document summarizes a class on elliptic curve cryptography and bitcoin. It discusses elliptic curves over finite fields, including the field GF(2^256 - 2^32 - 2^9 - 2^8 - 2^7 - 2^6 - 2^4 - 1) used in bitcoin. It explains how addition works on elliptic curves via line intersections. The document also notes that finding the discrete logarithm of points on an elliptic curve is considered a hard problem, and this property is important for bitcoin. Students are assigned to investigate the bitcoin they received, complete Project 1 by January 30th, and read materials on bitcoin and elliptic curves.
Palm vein technology uses the unique vein patterns in people's palms as a contactless biometric identifier for authentication. It captures an infrared image of the palm veins, extracts an algorithm-based representation, and compares it to stored palm vein patterns to verify identity. Palm vein patterns are hidden, difficult to forge, and unaffected by skin or hand conditions. Studies show palm vein technology has a very low false acceptance rate of less than 0.00008% and false rejection rate of 0.01%, outperforming other biometrics like fingerprints, iris scans, and voice recognition. While palm vein authentication is highly secure, non-intrusive, and gaining applications like ATM access, it remains relatively expensive and has not seen global
Oruta proposes the first privacy-preserving mechanism for public auditing of shared data stored in the cloud. It exploits ring signatures to compute verification information needed to audit integrity without revealing signer identity. The third party auditor can verify integrity of shared data without retrieving the entire file, while keeping private which user signed each block. Existing methods do not consider privacy for shared data or dynamic groups. Oruta aims to efficiently audit integrity for static groups while preserving identity privacy.
Hidden Dangers Lurking in E-Commerce and Reducing Fraud with the Right SSL Ce... (CheapSSLsecurity)
Learn in detail about the dangers lurking in an e-commerce website and how to reduce that risk by selecting the right SSL certificate for the e-commerce business.
Lecture on 18 December 2018
Role of Cryptography in Blockchain
RSA and SHA
Blockchain for Beginners
Elective course from the Faculty of Information Technology, Thai - Nichi Institute of Technology, Bangkok for undergraduate students.
#BlockchainTNI2018
Elliptic Curve Cryptography (ECC) uses elliptic curves over finite fields for public-key encryption, digital signatures, and key exchanges. ECC provides the same security as other cryptosystems but with smaller key sizes. The talk introduced elliptic curves, defined their properties as abelian groups, and explained how to add points on a curve. It then discussed how ECC works analogously to other cryptosystems like El Gamal but using point multiplication on elliptic curves instead of exponentiation in finite fields.
This document provides an overview of finite fields and their importance in cryptography. It discusses how finite fields allow for efficient storage and arithmetic operations on integers for encryption algorithms. The document outlines the basic properties of groups, rings, and fields. It also covers modular arithmetic, greatest common divisors, and Euclid's algorithm for computing gcd. The goal is to introduce concepts needed to understand the arithmetic of the AES encryption algorithm, which uses operations in the finite field GF(2^8).
This document summarizes key concepts from a lecture on finite fields and their use in cryptography. It introduces finite fields and explains why they are important for cryptography. It discusses the structure of finite fields, including that every finite field has p^n elements, where p is a prime number. It also provides examples of computing in finite fields through modular arithmetic.
This document summarizes key concepts from a lecture on finite fields including:
- Finite fields have a specific structure with a set number of elements that allows for division, unlike modular arithmetic over integers.
- Modern cryptographic algorithms like AES rely on computations in finite fields to avoid weaknesses from patterns in integer arithmetic.
- The lecture will introduce groups, rings, fields and their properties to provide the foundations for understanding polynomial arithmetic over finite fields used in AES.
This document discusses gate level minimization and optimization of Boolean functions. It covers cost criteria for logic circuits including literal cost, gate input cost, and gate input cost with NOTs. Common techniques for Boolean function optimization are also described, including algebraic manipulation and Karnaugh maps. Karnaugh maps allow visual grouping of minterms to minimize gate inputs and simplify Boolean expressions. The concepts of implicants, prime implicants, and essential prime implicants are introduced in the context of Karnaugh map analysis. Don't care conditions are also discussed.
The document summarizes a presentation on revocable identity-based encryption (RIBE) from codes with rank metric. Key points:
- RIBE adds an efficient revocation procedure to identity-based encryption by using a binary tree structure and key updates.
- The construction is based on low rank parity-check codes, with the master secret key defined as the "trapdoor" generated by the RankSign algorithm.
- Security relies on the rank syndrome decoding problem. Key updates are done efficiently through the binary tree with logarithmic complexity.
- Parameters are given that allow decoding of up to 2wr errors with small failure probability, suitable for the identity-based encryption scheme.
Shai Halevi discusses new ways to protect cloud data and security. Presented at "New Techniques for Protecting Cloud Data and Security" organized by the New York Technology Council.
This document discusses gate-level minimization techniques. It introduces Karnaugh maps as a graphical method to minimize Boolean functions with up to 5 variables by grouping adjacent minterms. The document covers constructing K-maps, simplifying functions using grouping of minterms, and provides examples. It also discusses other minimization techniques like product-of-sums simplification using De Morgan's laws, incorporating don't care conditions, and implementing minimized functions using NAND, NOR, AND-OR-Invert and OR-AND-Invert gates.
The document discusses homomorphic encryption and secure computation. It describes how homomorphic encryption allows computations to be performed on encrypted data without decrypting it first. This is achieved through encryption schemes that maintain an additive or multiplicative homomorphism. The document outlines a 4-step approach to constructing a fully homomorphic encryption scheme based on linear error-correcting codes. It also compares homomorphic encryption to secure two-party computation techniques for privately computing a function on private inputs.
The document summarizes research on the parameterized complexity of the graph MOTIF problem. It begins by defining the problem and providing an example. It then discusses how graph MOTIF can be solved efficiently using different parameters, such as cluster editing, distance to clique, and vertex cover number. The document also analyzes parameters for which graph MOTIF remains NP-hard, such as the deletion set number parameter. In conclusion, it provides references for the algorithms and results discussed.
Elliptic Curve Cryptography uses elliptic curves over finite fields for public-key encryption, digital signatures, and other applications. The talk introduces elliptic curves, defines their properties like being an abelian group, and explains how to perform point addition graphically. It then discusses how elliptic curve groups can be used in cryptosystems like Elliptic Curve Diffie-Hellman key exchange and Elliptic Curve Digital Signature Algorithm. The talk concludes by outlining how to implement an elliptic curve cryptosystem analogously to El Gamal encryption.
The document summarizes the RSA encryption algorithm. It begins by explaining that RSA was developed in 1977 by Rivest, Shamir and Adleman. It then provides an example to demonstrate how RSA works step-by-step, generating keys, encrypting a message and decrypting the ciphertext. Finally, it discusses some challenges with breaking RSA encryption, including brute force attacks and mathematical attacks based on factoring the encryption keys, as well as timing attacks that aim to deduce keys based on variations in processing time.
Can we reveal the RSA private exponent d from its public key <e, n>? We study this question for two specific cases: e = 3 and e = 65537. Using demos, we verify that RSA reveals the most significant half of the private exponent d when the public exponent e is small. For example, for 2048-bit RSA, the most significant 1024 bits are revealed!
Demystifying Zero Knowledge Proofs [FINAL].pptx (RedWhite12)
This document provides an overview of zero-knowledge proofs (ZKPs) and their applications. It discusses:
- The history and types of ZKPs including SNARKs, STARKs, and Bulletproofs.
- Projects using different types of ZKPs like Zcash using zk-SNARKs and decentralized exchanges using zk-STARKs.
- The theory behind how ZKPs work by proving computations without revealing inputs, using examples like Diffie-Hellman key exchange and RSA signatures.
- Background math concepts relevant to ZKPs like modular arithmetic, elliptic curves, and finite fields.
1) EIRDH-P combines public key cryptography and steganography by encrypting images and embedding secret messages within the encrypted images.
2) It involves an Image Provider who encrypts a cover image using public key encryption. A Data Hider then embeds a secret message within the encrypted image.
3) The receiver decrypts the stego-image to extract the secret message and recover the original cover image using their private key.
This document summarizes a research paper that proposes a new public key cryptosystem based on the difficulty of inverting the function F(x) = (a × x)Mod(2p)Div(2q). The cryptosystem includes a key exchange algorithm, public key encryption algorithm, and digital signature algorithm. The document analyzes the efficiency and security of the cryptosystem, showing it has O(n) faster time complexity than RSA and Diffie-Hellman. It also reduces breaking the cryptosystem to solving difficult SAT instances or sets of multivariate polynomial equations over F(2). Python implementations of the key exchange and signature algorithms are provided in appendices.
This document discusses analyzing the time complexity of algorithms. It covers estimating time complexity using mathematical models, analyzing worst-case and best-case scenarios, and using Big O notation to describe an algorithm's asymptotic growth rate. Examples are given of linear, logarithmic, quadratic, and exponential time complexities. The document also discusses space complexity and different algorithm complexity classes like constant, logarithmic, linear, and quadratic.
Using timed-release cryptography to mitigate the preservation risk of embargo... (Michael Nelson)
Slides for:
Rabia Haq, Michael L. Nelson: Using timed-release cryptography to mitigate the preservation risk of embargo periods. 2009 ACM/IEEE Joint Conference on Digital Libraries (JCDL), pp. 183-192.
4. Mathematical Background for Cryptography
• Modulo Arithmetic
d = n*q + r, 0 ≤ r < n.
We say this as "d is equal to r modulo n":
r ≡ d (mod n)
5 ≡ 26 (mod 7)
06-Nov-2013
ECC and Zero Knowledge Proof
4
5. Group
• Basic algebraic structure
• A pair <G, *>, where G is a set and * is a binary operation such that the following hold:
  Closure
  Associativity
  Identity Element
  Inverse
<Z_n, +_n>
6. Ring
A triplet <R, +, *>, where + and * are binary operations and R is a set satisfying the following properties:
  <R, +> is a commutative group
  For all x, y, and z in R:
    x*y is also in R
    x*(y*z) = (x*y)*z
    x*(y+z) = (x*y) + (x*z)
<Z_n, +_n, *_n>
7. Fields
• <R, +, *> is a commutative ring with:
  R has a multiplicative identity
  Each element x in R (except for 0) has an inverse element in R, denoted by x^-1
<Z_n, +_n, *_n> where n is prime.
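The Z_n arithmetic of slides 4 to 7 worked through in Python, as an added example that is not part of the original slides: Euclid's algorithm, the extended-Euclid inverse, an exhaustive check of the group axioms for <Z_n, +_n>, and a check that <Z_n, +_n, *_n> is a field exactly when every nonzero element has an inverse. Function names are my own.

```python
# Added example, not from the slides: the Z_n arithmetic of slides 4 to 7.
# Everything is checked by exhaustive search, which is fine for the tiny n
# used here and makes the field condition of slide 7 visible.

def euclid_gcd(a, b):
    """Euclid's algorithm: gcd(a, b) by repeated division with remainder."""
    while b:
        a, b = b, a % b
    return a


def mod_inverse(x, n):
    """x^-1 mod n via extended Euclid, or None when gcd(x, n) != 1.
    Tracks s with s*x + t*n = gcd(x, n); if the gcd is 1, s is the inverse."""
    old_r, r = x % n, n
    old_s, s = 1, 0
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
    if old_r != 1:
        return None            # x shares a factor with n: no inverse in Z_n
    return old_s % n


def additive_group_axioms_hold(n):
    """Slide 5: closure, associativity, identity and inverses for <Z_n, +_n>."""
    elems = range(n)

    def add(a, b):
        return (a + b) % n

    closure = all(add(a, b) in elems for a in elems for b in elems)
    assoc = all(add(add(a, b), c) == add(a, add(b, c))
                for a in elems for b in elems for c in elems)
    identity = all(add(a, 0) == a == add(0, a) for a in elems)
    inverse = all(any(add(a, b) == 0 for b in elems) for a in elems)
    return closure and assoc and identity and inverse


def is_field(n):
    """Slide 7: <Z_n, +_n, *_n> is a field iff every nonzero x has an inverse.
    By this test the answer is True exactly for prime n."""
    return n > 1 and all(mod_inverse(x, n) is not None for x in range(1, n))


def fields_up_to(limit):
    """All n in [2, limit] for which Z_n is a field (expect: the primes)."""
    return [n for n in range(2, limit + 1) if is_field(n)]


if __name__ == "__main__":
    print(26 % 7)                                  # 5, as on slide 4
    print(additive_group_axioms_hold(12))          # True
    print(fields_up_to(20))                        # [2, 3, 5, 7, 11, 13, 17, 19]
    print(mod_inverse(3, 7), mod_inverse(4, 8))    # 5 None
```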
8. Cryptography - Basics
• Private Key Cryptography
• Public Key Cryptography
12. RSA
• Choose two large primes p and q
• n = p*q
• φ(n) = (p-1)*(q-1)
• Choose e such that gcd(e, φ(n)) = 1
• Compute d such that d = e^-1 mod φ(n)
C = M^e mod n
M = C^d mod n
13. Discrete Logarithmic Problem
y = g^x mod p
Challenge :
Given y, g and p (g and p very large) it is not
easy (practically infeasible) to calculate x.
14. Diffie-Hellman Key Exchange
g^a mod p
g^b mod p
K = (g^b mod p)^a = g^ab mod p
K = (g^a mod p)^b = g^ab mod p
15. El Gamal Encryption
• K = g^a mod p. (p, g, K) public and (a) private
• Choose r such that gcd(r, p-1) = 1
• C1 = g^r mod p
• C2 = (m*K^r) mod p ... m is the message
• Sends (C1, C2)
• To Decrypt: C1^-a * C2 mod p = m
17. Elliptic Curve Cryptography
• Elliptic Curve (EC) systems as applied to
cryptography were first proposed in 1985
independently by Neal Koblitz and Victor
Miller.
• The discrete logarithm problem on elliptic
curve groups is believed to be more difficult
than the corresponding problem in (the
multiplicative group of nonzero elements of)
the underlying finite field.
18. What Is Elliptic Curve Cryptography (ECC)?
• Elliptic curve cryptography [ECC] is a public-key
cryptosystem just like RSA, Rabin, and El Gamal.
• Every user has a public and a private key.
– Public key is used for encryption/signature verification.
– Private key is used for decryption/signature generation.
• Elliptic curves are used as an extension to other
current cryptosystems.
19. Using Elliptic Curves In Cryptography
• The central part of any cryptosystem involving elliptic
curves is the elliptic group.
• All public-key cryptosystems have some underlying
mathematical operation.
– RSA has exponentiation (raising the message or ciphertext
to the public or private values)
– ECC has point multiplication (repeated addition of two
points).
20. General form of an EC
• An elliptic curve is a plane curve defined by an
equation of the form
y^2 = x^3 + ax + b
Examples
21. EC as a group
An Elliptic Curve is a curve given by an equation
y^2 = f(x)
Where f(x) is a square-free (no double roots) cubic or a quartic polynomial
y^2 = x^3 + ax + b
4a^3 + 27b^2 ≠ 0
EC(-3,2)
So y^2 = x^3 is not an elliptic curve, but y^2 = x^3 - 1 is
22. Elliptical Curve as a Group - Properties
• P + Q = Q + P (commutativity)
• (P + Q) + R = P + (Q + R) (associativity)
• P + O = O + P = P (existence of an identity element)
• there exists (−P) such that −P + P = P + (−P) = O (existence of inverses)
23. Elliptic Curve Picture
[Figure: the curve E with points P1, P2 and their sum R]
• Consider elliptic curve
E: y^2 = x^3 - x + 1
• If P1 and P2 are on E, we can define
R = P1 + P2
as shown in picture
• Addition is all we need
24. Case 1 : R' ≠ P1, R' ≠ P2, R' ≠ 0
• P1 + P2 = -R' = R
• R = (x3, y3)
• Let y = mx + c
• m = (y2-y1)/(x2-x1)
• y^2 = (mx+c)^2 = m^2x^2 + 2mxc + c^2
• x^3 + ax + b = m^2x^2 + 2mxc + c^2
• x^3 - m^2x^2 + (a-2mc)x + (b-c^2) = 0
26. Case 2 : P1 = -P2 or R' = 0
[Figure: vertical line through P1 and P2 = -P1]
27. Case 3 : R' = P1 or R' = P2
[Figure: tangent line to the EC at P2, giving R from P1 and P2]
28. Case 4 : Doubling of Point P
[Figure: tangent line to the EC at P, giving R and 2*P]
29. P1 = P2
• 2y * dy/dx = 3x^2 + a
• Slope of the tangent m = dy/dx = (3x^2 + a)/2y
• At (x1, y1): m = (3x1^2 + a)/2y1
• x3 = m^2 - 2x1
• y3 = -y1 + m(x1 - x3)
30. Work Out !
• EC(-1,1).
A(1,-1) B(1/4, 7/8). A+B = ?
• m = (-1 - 7/8)/(1 - 1/4) = -5/2
• x3 = (-5/2)^2 - 1 - 1/4 = 5
• y3 = -(-1) + (-5/2)*(1 - 5) = 11
(5,11)
31. Elliptic Curve over Prime Fields
• Points on the curve y^2 = x^3 + 2x + 4 (over F_13, the curve EC(2,4) of the work-out that follows)
O
(0,2) (0,11)
(2,4) (2,9)
(5,3) (5,10)
(7,6) (7,7)
(8,5) (8,8)
(9,6) (9,7)
(10,6) (10,7)
(12,1) (12,11)
32. Hasse’s Theorem
p + 1 - 2√p ≤ #EC(F_p) ≤ p + 1 + 2√p
Establishes the tight bounds on the number of
points on the EC
33. Work Out!
• EC(2,4) over F_13
• A = (2,4) B = (8,5). Compute A+B
m = (5-4)/(8-2) mod 13 = 11
x3 = (11^2 - 2 - 8) mod 13 = 7
y3 = (-4 + 11*(2-7)) mod 13 = 6
A+B = (7,6)
• Compute 2A = (8,5)
34. ECs Over Binary Fields
• y^2 + xy = x^3 + ax^2 + b, b ≠ 0
• A = (x,y) : -A = (x, x+y)
• For adding two points
m = (y2+y1)/(x2+x1)
x3 = m^2 + m + x1 + x2 + a
y3 = m(x1+x3) + x3 + y1
• Point doubling
m = x1 + (y1/x1)
x3 = m^2 + m + a
y3 = x1^2 + (m+1)*x3
35. Discrete Logarithm Problem on Elliptic Curves
• The problem of computing k given the EC
parameters, G and kG, is called the discrete
log problem for points on an elliptic curve.
• This problem is known to be infeasible in EC
groups beyond 2^120 elements
36. Computing kG
• kG = G + G + ... + G (k times)
• To compute 168G, compute the series obtained
by doubling the point,
2G, 4G, 8G, 16G, 32G, ...
• Now 168 = 10101000 in binary
168G = 128G + 32G + 8G
O(log k)
37. Diffie-Hellman Modified
• Select <p,a,b,G,n,h>
• Alice chooses x and sends xG
• Bob chooses y and sends yG
• Alice on receipt computes x(yG) = xyG
• Bob on receipt computes y(xG) = xyG
38. El Gamal Modified
• k = aG
• Choose r; Compute rG
• Compute m + rk
• Send <rG, m + rk>
• To decrypt a(rG) = rk
• m + rk – rk = m
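The group law, point counting and the two EC protocols above, worked in code (an added example, not from the deck): it reproduces the slide 33 sums on EC(2,4) over F_13, regenerates the slide 31 point list, checks Hasse's bound, computes kG by double-and-add as on slide 36, and runs the modified Diffie-Hellman and El Gamal exchanges of slides 37 and 38. It assumes the El Gamal message m is already encoded as a curve point, which the slide's m + rk implies but does not state; all function names are mine.

```python
# Added example, not from the deck: arithmetic on its toy curve EC(2,4),
# y^2 = x^3 + 2x + 4 over F_13 (slides 24-38): group law, point list,
# Hasse's bound, the slide 33 work-out, double-and-add, EC DH and EC ElGamal.
P, A, B = 13, 2, 4      # field prime and curve coefficients from the deck
O = None                # point at infinity, the identity of the group

def on_curve(pt):
    return pt is O or (pt[1] ** 2 - (pt[0] ** 3 + A * pt[0] + B)) % P == 0

def neg(pt):            # -P = (x, -y): reflection in the x-axis
    return O if pt is O else (pt[0], (-pt[1]) % P)

def add(p1, p2):
    """Chord-and-tangent addition (cases 1-4 of the deck)."""
    if p1 is O: return p2
    if p2 is O: return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:     # case 2: P1 = -P2 gives O
        return O
    if p1 == p2:                            # case 4: tangent slope (3x^2+a)/2y
        m = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:                                   # chord slope (y2-y1)/(x2-x1)
        m = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (m * m - x1 - x2) % P
    return (x3, (m * (x1 - x3) - y1) % P)

def mul(k, pt):
    """kG by double-and-add: O(log k) group operations instead of k-1."""
    acc = O
    while k:
        if k & 1: acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def points():
    """All points of EC(2,4)/F_13 including O; the order must obey Hasse."""
    pts = [O] + [(x, y) for x in range(P) for y in range(P) if on_curve((x, y))]
    assert (len(pts) - (P + 1)) ** 2 <= 4 * P   # |#E - (p+1)| <= 2*sqrt(p)
    return pts

def ecdh(G, x, y):
    """Slide 37: Alice sends xG, Bob sends yG, both derive xyG."""
    xG, yG = mul(x, G), mul(y, G)           # the only values on the wire
    return mul(x, yG), mul(y, xG)

def elgamal(G, a, r, M):
    """Slide 38 with the message encoded as a curve point M (assumption)."""
    K = mul(a, G)                           # public key K = aG, private a
    C1, C2 = mul(r, G), add(M, mul(r, K))   # ciphertext <rG, M + rK>
    return add(C2, neg(mul(a, C1)))         # receiver: M + rK - a(rG) = M
```

Regenerating the list from the equation is a cheap check on a hand-made table: the curve has 17 points (within Hasse's bound for p = 13), and for x = 12 the code yields (12,1) and (12,12), since 12^2 ≡ 1 (mod 13).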
39. Comparison of key sizes for same level of security
ECC    RSA
110    512
163    1024
256    3072
384    7680
512    15360
40. RSA vs ECC Timings
• To encrypt, ECC takes nearly 10 times as long as
RSA, up to a key size of 384 (ECC) and 7680 (RSA).
• For decryption, RSA takes more time than ECC (163)
for key sizes higher than 1024.
41. Applications of ECC
• Many devices are small and have limited storage and
computational power
• Where can we apply ECC?
– Wireless communication devices
– Smart cards
– Web servers that need to handle many encryption sessions
– Any application where security is needed but lacks the
power, storage and computational power that is
necessary for our current cryptosystems
42. A Conference on ECC
• ECC 2013:
https://www.cosic.esat.kuleuven.be/ecc2013
44. Zero Knowledge Proofs (ZKP)
• Goldwasser, Micali, and Rackoff, 1985.
• ZKP is an instance of an Interactive Proof System
• Interactive Proof Systems
– Challenge-Response Authentication
– Prover and Verifier
– Verifier Accepts or Rejects the Prover
45. ZKP
• Zero knowledge Transfer between the Prover and
the Verifier
• The verifier accepts or rejects the proof after
multiple challenges and responses
• Probabilistic Proof Protocol
• Overcomes Problems with Password Based
Authentication
48. Properties of ZKP
• Completeness
– Succeeds with high probability for a true assertion
given an honest verifier and an honest prover.
• Soundness
– Fails for any other false assertion, given a
dishonest prover and an honest verifier
• Zero Knowledge
49. Advantages of ZKP
• As name Suggests – Zero Knowledge Transfer
• Computational Efficiency – No Encryption
• No Degradation of the protocol
• Based on problems like discrete logarithms and
integer factorization
50. Classic Example
• Ali Baba’s Cave
Alice has to convince Bob she knows the secret to
open the cave door without telling the secret
(source: http://www.rsasecurity.com/rsalabs/faq/2-1-8.html)
51. Fiat-Shamir Identification Protocol
• 3 Message Protocol
• Alice A, the Prover and Bob B, the Verifier
A random modulus n, product of two large prime numbers p
and q generated by a trusted party and made public
• Prover chooses secret s relatively prime to n
• Prover computes v = s^2 mod n, where v is the public key
A → B : x = r^2 mod n
B → A : e ∈ {0,1}
A → B : y = r * s^e mod n. Is y^2 = x * v^e ?
52. Fiat-Shamir Identification Protocol (contd)
• Alice chooses a random number r (1 ≤ r ≤ n-1)
• Sends to Bob x = r^2 mod n – commitment
• Bob randomly sends either a 0 or a 1 (e ∈ {0,1}) as his challenge
• Depending on the challenge from Bob, Alice computes the response as y = r if e = 0 or otherwise y = r*s mod n
• Bob accepts the response upon checking y^2 ≡ x * v^e mod n
53. Fiat-Shamir Identification Protocol (contd)
• After many iterations, with a very high probability Bob can verify Alice's identity
• Alice's response does not reveal the secret s (with y = r or y = r*s mod n)
• An intruder can prove Alice's identity without knowing the secret, if he knows Bob's challenge in advance:
– Generate random r
– If expected challenge is 1, send x = r^2/v mod n as commitment, and y = r as response
– If expected challenge is 0, send x = r mod n as commitment
• Probability that any Intruder impersonating the prover can send the right response is only ½
• Probability reduced as iterations are increased
• Important - Alice should not repeat r
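The three-message exchange of slides 51-53 as an added simulation (my code, not the deck's), with a constructed toy modulus n = 101 * 103 standing in for a real product of large primes; the function names and the use of Python's secrets module for the random choices are assumptions. It checks completeness for an honest prover, shows that a prover without s who pre-commits for a guessed challenge passes only when the guess is right (so the verifier must pick e after seeing x), and shows why the deck's rule that r must not be repeated matters.

```python
# Added example, not from the deck: the Fiat-Shamir rounds of slides 51-53
# with toy numbers.  n should be a product of two large primes from a trusted
# party; p = 101, q = 103 are constructed here for illustration only.  It also
# shows why e must be chosen after the commitment and why r must not repeat.
from math import gcd
import secrets

N = 101 * 103              # public modulus n = p*q (toy, constructed)

def keygen(n, s):
    """Secret s coprime to n; public key v = s^2 mod n."""
    assert gcd(s, n) == 1
    return s * s % n

def commit(n):
    """Prover picks a fresh r in [1, n-1] and sends x = r^2 mod n."""
    r = secrets.randbelow(n - 1) + 1
    return r, r * r % n

def respond(n, r, s, e):
    """Response y = r * s^e mod n to the challenge e in {0, 1}."""
    return r * pow(s, e, n) % n

def verify(n, v, x, e, y):
    """Verifier accepts iff y^2 == x * v^e (mod n)."""
    return y * y % n == x * pow(v, e, n) % n

def honest_round(n, v, s):
    r, x = commit(n)
    e = secrets.randbelow(2)          # chosen only AFTER x has arrived
    return verify(n, v, x, e, respond(n, r, s, e))

def identify(n, v, s, rounds=20):
    """Completeness: an honest prover passes every round."""
    return all(honest_round(n, v, s) for _ in range(rounds))

def impostor_round(n, v, guessed_e, actual_e):
    """Slide 53: with no secret, a prover who guesses e can prepare
    x = r^2 / v for e = 1 (plain x = r^2 for e = 0) and answer y = r.
    It passes only when the guess is right, so an unpredictable challenge
    caps the cheating odds at 1/2 per round, 2^-t after t rounds."""
    r = secrets.randbelow(n - 1) + 1
    x = r * r * pow(v, -1, n) % n if guessed_e == 1 else r * r % n
    return verify(n, v, x, actual_e, r)

def secret_from_reused_r(n, y0, y1):
    """Why r must be fresh: responses y0 = r (e = 0) and y1 = r*s (e = 1)
    for the same r reveal s = y1 * y0^-1 mod n to anyone who saw both."""
    return y1 * pow(y0, -1, n) % n
```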
54. Applications
• Watermark Verification
– Show the presence of watermark without
revealing information about it
– prevents removing the watermark and
reselling multiple duplicate copies
• Others – e-voting, e-cash etc.
55. References
• Bernard Menezes, Network Security and Cryptography
• I. Blake, G. Seroussi, and N. Smart, Elliptic Curves in Cryptography, London Mathematical Society 265, Cambridge University Press, 1999
• Jeffrey Knapp, Overview of Zero-Knowledge Protocols
• http://en.wikipedia.org/wiki/Elliptic_curve_cryptography as on November 4, 2013
• N. Koblitz, "Elliptic curve cryptosystems", Mathematics of Computation 48 (177): 203–209, 1987. JSTOR 2007884
• A. Menezes, T. Okamoto, and S. A. Vanstone, "Reducing elliptic curve logarithms to logarithms in a finite field", IEEE Transactions on Information Theory 39, 1993
• K. Malhotra, S. Gardner, and R. Patz, Implementation of Elliptic-Curve Cryptography on Mobile Healthcare Devices, Networking, Sensing and Control, 2007 IEEE International Conference on, London, 15–17 April 2007, pp. 239–244
56. References
• D. Hankerson, A. Menezes, and S. A. Vanstone, Guide to Elliptic Curve Cryptography, Springer-Verlag, 2004
• http://en.wikipedia.org/wiki/Zero-knowledge_proof as on November 4, 2013
• D. R. Stinson, Cryptography: Theory and Practice (3rd ed.), CRC Press, 2006, ISBN 978-1-58488-508-5
• M. Agrawal, N. Kayal, and N. Saxena, "PRIMES is in P", Annals of Mathematics 160 (2): 781–793, 2004
• Theory of Computing Course, Cornell University, 2009, Zero knowledge proofs
• Austin Mohr, A Survey of Zero-Knowledge Proofs with Applications to Cryptography, Southern Illinois University at Carbondale