Session 3 of 3-day course in Engineering Cryptographic Applications held at AMC Theater Tyson's Corner for Microstrategy, Inc.
Key Agreement
Asymmetric Cryptography
RSA
Public Key Protocols
TLS
Day 4 (of 4) of mini-course on Engineering Cryptographic Applications held at AMC Theater Tyson's Corner for Microstrategy, Inc.
See http://www.mightbeevil.com/crypto for details
October 25, 2013
First class of four-part series developed for introducing engineers to cryptography.
Delivered at AMC Theater in Tyson's Corner for Microstrategy, 4 October 2013.
Engineering Cryptographic Applications: Using (and Misusing) Symmetric Ciphers, by David Evans
This document discusses using symmetric encryption for applications beyond simple transmission of encrypted messages. It covers generating cryptographically secure random keys, using block cipher modes like CBC and CTR to encrypt files, and securely storing encryption keys and initialization vectors. Software alone cannot generate true randomness, so physical entropy sources must be amplified with a cryptographic pseudorandom number generator. The commonly used ECB mode leaks plaintext structure, because equal plaintext blocks encrypt to equal ciphertext blocks; CBC and CTR avoid this only when used correctly, with an unpredictable IV for CBC and a nonce that never repeats under the same key for CTR. Storing keys securely, for example by encrypting them under a password-derived key, is also essential for a practical encrypted storage system.
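The three points above (ECB leaks structure, CTR needs a fresh nonce, keys are stored under a password-derived key) are easier to see in working code than in prose. The following is an added example, not code from the deck or from the talk's author. It uses only the Python standard library, so instead of AES it builds a small Feistel permutation from HMAC as a stand-in block cipher; the names (block_encrypt, ctr_encrypt, wrap_key, unwrap_key) and the sample message are constructed for this illustration. The key-storage format (salt || nonce || ciphertext || HMAC tag) is one reasonable design, not the one the slides specify.

```python
import hashlib
import hmac
import secrets

BLOCK = 16  # 128-bit blocks, the same block size as AES


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _prf(key: bytes, data: bytes, n: int) -> bytes:
    """HMAC-SHA256 truncated to n bytes; the pseudorandom function behind the toy cipher."""
    return hmac.new(key, data, hashlib.sha256).digest()[:n]


def block_encrypt(key: bytes, block: bytes) -> bytes:
    """Toy 128-bit block cipher: a 4-round Feistel network with an HMAC round function.
    It is a genuine keyed permutation, so ECB and CTR behave as they would with AES,
    but it is NOT a vetted cipher: it stands in for AES in this demo only."""
    left, right = block[:8], block[8:]
    for r in range(4):
        left, right = right, _xor(left, _prf(key, bytes([r]) + right, 8))
    return left + right


def block_decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for r in reversed(range(4)):
        left, right = _xor(right, _prf(key, bytes([r]) + left, 8)), left
    return left + right


def ecb_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """ECB: every block is encrypted independently, so equal plaintext blocks give equal
    ciphertext blocks and the ciphertext leaks the structure of the plaintext."""
    pad = BLOCK - len(plaintext) % BLOCK                      # PKCS#7 padding
    padded = plaintext + bytes([pad]) * pad
    return b"".join(block_encrypt(key, padded[i:i + BLOCK])
                    for i in range(0, len(padded), BLOCK))


def ctr_encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """CTR: keystream block i = E_k(nonce || i), XORed with the data; no padding needed.
    The (key, nonce) pair must never repeat: two messages under the same keystream
    XOR to the XOR of their plaintexts."""
    assert len(nonce) == 8
    out = bytearray()
    for i in range(0, len(plaintext), BLOCK):
        counter = (i // BLOCK).to_bytes(8, "big")
        out += _xor(plaintext[i:i + BLOCK], block_encrypt(key, nonce + counter))
    return bytes(out)


ctr_decrypt = ctr_encrypt  # CTR decryption is the same XOR with the same keystream


def repeated_blocks(ciphertext: bytes) -> int:
    """Number of duplicate 16-byte blocks. A non-zero count on ciphertext is the classic
    fingerprint of ECB (or of a reused CTR nonce); good ciphertext looks random."""
    blocks = [ciphertext[i:i + BLOCK] for i in range(0, len(ciphertext), BLOCK)]
    return len(blocks) - len(set(blocks))


PBKDF2_ITERATIONS = 200_000  # deliberately slow; raise it as hardware allows


def _derive(password: bytes, salt: bytes):
    kek = hashlib.pbkdf2_hmac("sha256", password, salt, PBKDF2_ITERATIONS, dklen=64)
    return kek[:32], kek[32:]  # separate encryption and MAC keys


def wrap_key(password: bytes, data_key: bytes) -> bytes:
    """Store a random data key under a password-derived key as
    salt || nonce || CTR(data_key) || HMAC-SHA256 tag (encrypt-then-MAC)."""
    salt, nonce = secrets.token_bytes(16), secrets.token_bytes(8)
    enc_key, mac_key = _derive(password, salt)
    body = salt + nonce + ctr_encrypt(enc_key, nonce, data_key)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()


def unwrap_key(password: bytes, blob: bytes) -> bytes:
    """Check the tag in constant time before decrypting; a wrong password or a
    tampered blob is rejected rather than silently yielding garbage key bytes."""
    salt, nonce, ct, tag = blob[:16], blob[16:24], blob[24:-32], blob[-32:]
    enc_key, mac_key = _derive(password, salt)
    expected = hmac.new(mac_key, blob[:-32], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong password or tampered key blob")
    return ctr_decrypt(enc_key, nonce, ct)


if __name__ == "__main__":
    key = secrets.token_bytes(32)            # secrets/os.urandom, never random.random()
    msg = b"ATTACK AT DAWN. " * 4             # constructed: four identical 16-byte blocks
    print("ECB repeated blocks:", repeated_blocks(ecb_encrypt(key, msg)))
    print("CTR repeated blocks:", repeated_blocks(ctr_encrypt(key, secrets.token_bytes(8), msg)))
    blob = wrap_key(b"correct horse battery staple", key)
    print("unwrapped key matches:", unwrap_key(b"correct horse battery staple", blob) == key)
```

Run it and the ECB ciphertext of the repeated message shows three duplicate blocks while the CTR ciphertext shows none. The nonce caveat is worth checking directly: XOR two CTR ciphertexts produced under the same key and nonce and you get the XOR of the two plaintexts, which is why the nonce must be random or a counter that never wraps, never a constant.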
This document summarizes an attack that recovers a 104-bit WEP key from fewer than 40,000 captured packets, an order of magnitude fewer than previous methods required. On an IEEE 802.11g network the required number of packets can be obtained through packet re-injection in under 60 seconds. The computational effort is approximately 2^20 RC4 key setups, which is negligible on a modern CPU. WEP was still the most commonly used wireless encryption protocol when this was written, despite its known weaknesses.
This document provides an introduction to cryptography and security mechanisms. It includes sample quiz questions about block cipher block sizes, modes of operation, and key management for block and stream ciphers. It also outlines learning objectives and sections for a unit on public key algorithms, including explaining the basic principles of RSA, ElGamal, and Diffie-Hellman key exchange. Examples are provided for setting up and performing encryption and decryption with RSA and ElGamal.
The document summarizes the International Data Encryption Algorithm (IDEA) and the RSA algorithm.
IDEA is a symmetric-key block cipher that operates on 64-bit blocks using a 128-bit key. It consists of 8 identical rounds plus an output transformation. Each round mixes three incompatible group operations: XOR, addition modulo 2^16, and multiplication modulo 2^16+1. IDEA was intended as a replacement for DES and was used in PGP v2.0. RSA is an asymmetric algorithm that uses a public/private key pair; its security rests on the difficulty of factoring a large number that is the product of two primes. Key generation selects the primes and computes the modulus and the public and private exponents; messages are then encrypted with one exponent and decrypted with the other. Both
This document provides an overview of computer security concepts, including risks, authentication, encryption, public key cryptography, wireless network security, and hacking tools and techniques. It discusses how attackers can sniff network traffic, crack wireless encryption, scan for vulnerabilities, and use social engineering to compromise systems. The document recommends maintaining up-to-date software, using strong passwords, limiting network access, and backing up data to help secure systems from potential threats.
Public-key cryptography uses two different but mathematically related keys for encryption and decryption. This allows one key to be public for encryption while keeping the other key secret for decryption. The Diffie-Hellman key exchange protocol allows two parties to establish a shared secret key over an insecure channel without any preexisting secret information. The RSA cryptosystem is an example of a public-key cryptosystem whose security rests on the difficulty of factoring a large product of two primes.
This document provides an overview of network security principles including cryptography, authentication, message integrity, and key distribution. It begins with an introduction to network security concepts and then outlines the topics that will be covered, which include principles of cryptography, authentication, integrity, key distribution, access control using firewalls, common attacks, and security at different layers. Examples are provided to illustrate authentication protocols and their vulnerabilities. Digital signatures and message digests are introduced as techniques for authentication and integrity. Symmetric and public key encryption algorithms like DES, AES, RSA are briefly described. The need for trusted intermediaries like key distribution centers and certification authorities is also noted.
This document provides an overview of cryptography from classical to modern times. It discusses the history and evolution of cryptographic techniques including substitution ciphers, transposition ciphers, codes, public key cryptography, digital signatures, and key distribution problems. The document also summarizes the four main topics that will be covered in the course: the history and foundations of modern cryptography, using cryptography in practice, the theory of cryptography including proofs and definitions, and a special topic in cryptography.
- Public key cryptography uses key pairs consisting of a public key and a private key
- RSA is an asymmetric encryption algorithm that uses these key pairs
- In RSA, the keys are generated by selecting two large primes p and q, multiplying them to get the modulus n, and computing φ(n) = (p-1)(q-1) from p and q
- A public exponent e is selected that is relatively prime to φ(n); the private exponent d is the inverse of e modulo φ(n)
The document discusses various topics related to network security including encryption, authentication, and protocols. It provides an overview of symmetric and public key cryptography, algorithms like DES and RSA, digital signatures, protocols like SSL and IPsec, and applications like PGP. Common security threats like packet sniffing, IP spoofing, and denial of service attacks are also summarized.
1) Quantum key distribution uses quantum entanglement to securely distribute encryption keys between two parties. By measuring entangled quantum states, Alice and Bob can generate a shared random key that an eavesdropper cannot determine without introducing errors.
2) Specifically, the document describes a protocol where Alice and Bob share many entangled photon pairs and randomly measure each photon in either the X or Z basis. Their measurement outcomes will be perfectly correlated when measured in the same basis but random when measured in different bases.
3) This protocol allows Alice and Bob to detect any eavesdropping by Eve, as it would introduce errors in their measurement outcomes. With the secure random key, they can then communicate privately via the one-time pad
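The three steps above (correlated measurements, basis sifting, error estimation to detect Eve, then one-time-pad use of the key) can be modelled classically, which is enough to see why intercept-resend eavesdropping is caught. The following simulation is an added example and not from the summarized document; it assumes a noiseless channel, an intercept-resend Eve who guesses a basis for Bob's photon, half of the sifted bits sacrificed for the error estimate, and an abort threshold of 11% quantum bit error rate (a commonly cited bound for BB84-family protocols; the exact threshold is an assumption here). Function names are constructed for the example.

```python
import random

BASES = ("X", "Z")
QBER_ABORT_THRESHOLD = 0.11   # assumed abort bound; real protocols fix it from their security proof


def measure_pairs(n_pairs: int, eve: bool, rng: random.Random):
    """Classical model of the entanglement-based exchange.
    Per pair: Alice and Bob each pick X or Z at random. Same basis -> identical outcomes;
    different bases -> Bob's outcome is an independent coin flip. With intercept-resend,
    Eve measures Bob's photon in a guessed basis and re-sends it; when her guess differs
    from Alice's basis the correlation is destroyed, so Bob is wrong half the time even
    when his basis matched Alice's."""
    alice, bob = [], []
    for _ in range(n_pairs):
        a_basis, b_basis = rng.choice(BASES), rng.choice(BASES)
        a_bit = rng.getrandbits(1)
        correlated = a_basis == b_basis
        if eve and rng.choice(BASES) != a_basis:
            correlated = False
        b_bit = a_bit if correlated else rng.getrandbits(1)
        alice.append((a_basis, a_bit))
        bob.append((b_basis, b_bit))
    return alice, bob


def sift(alice, bob):
    """Public discussion step: bases are announced over the classical channel and
    pairs measured in different bases are discarded."""
    return [(a_bit, b_bit) for (a_basis, a_bit), (b_basis, b_bit) in zip(alice, bob)
            if a_basis == b_basis]


def estimate_qber_and_key(sifted, rng: random.Random, sample_fraction: float = 0.5):
    """Sacrifice a random sample of sifted bits (compared in public) to estimate the
    quantum bit error rate; the rest become the key. Returns (qber, key or None)."""
    idx = list(range(len(sifted)))
    rng.shuffle(idx)
    n_sample = int(len(idx) * sample_fraction)
    sample, keep = idx[:n_sample], idx[n_sample:]
    errors = sum(sifted[i][0] != sifted[i][1] for i in sample)
    qber = errors / n_sample if n_sample else 1.0
    if qber > QBER_ABORT_THRESHOLD:
        return qber, None                        # eavesdropper or too noisy a channel: abort
    # Alice's bits; in this noiseless model Bob's copy is identical (real systems run
    # error correction and privacy amplification here).
    return qber, [sifted[i][0] for i in keep]


def one_time_pad(key_bits, message_bits):
    """XOR with the key; the key must be at least as long as the message and used once."""
    if len(key_bits) < len(message_bits):
        raise ValueError("key too short for one-time pad")
    return [k ^ m for k, m in zip(key_bits, message_bits)]


def run(n_pairs: int, eve: bool, seed: int = 0):
    """Whole protocol: measure, sift, estimate errors, decide whether a key is produced."""
    rng = random.Random(seed)
    alice, bob = measure_pairs(n_pairs, eve, rng)
    return estimate_qber_and_key(sift(alice, bob), rng)


if __name__ == "__main__":
    for eve in (False, True):
        qber, key = run(4000, eve, seed=1)
        print(f"eve={eve}: QBER={qber:.3f}, key={'aborted' if key is None else f'{len(key)} bits'}")
```

Without Eve the error rate in this noiseless model is exactly zero and roughly a quarter of the pairs end up as key bits (half are sifted out, half of the rest are spent on the estimate). With intercept-resend the sifted error rate sits near 25%, far above the threshold, and the run aborts; that gap is the detection the summary refers to.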
This document discusses cryptography and the Caesar cipher. It begins by defining cryptography as the encoding of messages to achieve secure communication and outlines its goals of confidentiality, integrity, and availability. The document then describes the Caesar cipher technique, in which each letter is shifted a fixed number of positions in the alphabet. It provides an example of encrypting a message with a shift of 11. The document explains that the Caesar cipher is vulnerable to brute force and statistical cryptanalysis due to its small key space and predictable letter frequencies. It concludes that more advanced algorithms are needed for secure encryption in the digital age.
This document provides an introduction to cryptography. It defines key terms like cryptography, cryptanalysis, and cryptology. It describes the goals of encryption and authentication. It explains symmetric key cryptography where a shared secret key is used for both encryption and decryption. It also covers public key cryptography using key pairs, digital signatures to authenticate identity, and how public key encryption and signatures can be combined. The document discusses cryptographic attacks and principles like Kerckhoffs' principle and provable security. It provides examples of cryptographic algorithms like block ciphers, stream ciphers, hash functions, and key exchange protocols.
Asymmetric key cryptography uses two keys - a public key that can be shared publicly and a private key that is kept secret. This allows two parties who have never shared secrets before, like Alice and Bob, to communicate securely by encrypting messages with each other's public keys. Common asymmetric algorithms discussed are RSA, whose security rests on the hardness of factoring large integers, and ECC, which is based on the elliptic curve discrete logarithm problem. A public key infrastructure (PKI) with certificate authorities (CAs) is required to authenticate users and manage public keys.
Asymmetric key cryptography uses two keys - a public key that can be shared publicly and a private key that is kept secret. This allows two parties who have never shared secrets before, like Alice and Bob, to communicate securely by encrypting messages with each other's public keys. Common asymmetric algorithms include RSA, whose security rests on the hardness of factoring large integers, and ECC, which is based on the elliptic curve discrete logarithm problem. Certificate authorities issue digital certificates that bind public keys to identities to establish trust in a public key infrastructure.
The document provides an introduction to cryptography, including definitions of key terms, goals of cryptography like encryption and authentication, and descriptions of common cryptographic techniques. It summarizes symmetric key encryption where a shared secret key is used for both encryption and decryption, public key encryption using key pairs, digital signatures to authenticate messages, and how public key encryption and signatures can be combined. It also discusses cryptographic attacks, Kerckhoffs' principle of secrecy depending on the key not the algorithm, provable security, block ciphers like AES and DES, encryption modes, stream ciphers, hash functions, message authentication codes, key exchange methods like Diffie-Hellman, and public key cryptosystems like RSA and ElGamal
This document provides an introduction to cryptography. It defines key terms like cryptography, cryptanalysis, and cryptology. It describes the goals of encryption and authentication. It explains symmetric key cryptography where a shared secret key is used for both encryption and decryption. It also covers public key cryptography using key pairs, digital signatures to provide authentication, and how public key encryption and signatures can be combined. It discusses cryptographic attacks and the importance of Kerckhoffs' principle. It provides an overview of common cryptographic algorithms like block ciphers, stream ciphers, hash functions, and key exchange methods. It also discusses concepts like encryption modes, password hashing, random number generation, and the security of algorithms like RSA and Diffie-
introduction to cryptography (basics of it), by neonaveen
This document provides an introduction to cryptography. It defines key terms like cryptography, cryptanalysis, and cryptology. It describes the goals of encryption and authentication. It explains symmetric key cryptography where a shared secret key is used for both encryption and decryption. It also covers public key cryptography using key pairs, digital signatures to provide authentication, and how public key encryption and signatures can be combined. It discusses cryptographic attacks and the importance of Kerckhoffs' principle. It provides an overview of common cryptographic algorithms like block ciphers, stream ciphers, hash functions, and key exchange methods. It also discusses concepts like encryption modes, password hashing, random number generation, and the security of algorithms like RSA and Diffie-
Secure Communication (Distributed computing), by Sri Prasanna
The document discusses secure communication and digital signatures. It begins by explaining symmetric cryptography and the key distribution problem. It then describes Diffie-Hellman key exchange, which allows two parties to agree on a secret key over an insecure channel without pre-shared secrets. It also covers RSA public key cryptography. The document discusses using hybrid cryptosystems that combine public key techniques for key exchange and symmetric encryption for bulk data. Finally, it explains how digital signatures using public key cryptography allow a message to be authenticated and integrity protected without encryption.
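Diffie-Hellman appears in several of the summaries above, always at the level of "agree on a secret over an insecure channel". What the textbook description leaves out is the step every deployed implementation needs: validating the peer's public value before using it. The following is an added example, not code from the summarized document. It runs the exchange over the 2048-bit MODP group from RFC 3526 (public parameters, transcribed from the RFC), rejects public values outside the range or outside the prime-order subgroup, and derives the session key with a minimal HKDF-SHA256 instead of using the raw shared secret. The class and function names are constructed for the example, and the context string is an arbitrary label.

```python
import hashlib
import hmac
import secrets

# RFC 3526 "group 14": a 2048-bit safe prime p = 2q + 1 with generator g = 2.
# Public parameters; nothing here is secret.
MODP_2048_P = int("".join("""
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05
98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB
9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718
3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF
""".split()), 16)
MODP_2048_G = 2
MODP_2048_Q = (MODP_2048_P - 1) // 2   # prime order of the subgroup generated by g


class DHParty:
    """One side of finite-field Diffie-Hellman over a safe-prime group."""

    def __init__(self, p=MODP_2048_P, g=MODP_2048_G, q=MODP_2048_Q):
        self.p, self.g, self.q = p, g, q
        self.x = secrets.randbelow(q - 2) + 2      # private exponent in [2, q-1], from a CSPRNG
        self.public = pow(g, self.x, p)            # g^x mod p, sent over the insecure channel

    def validate_peer(self, y: int) -> None:
        """Public-value checks that textbook descriptions omit. Reject y outside [2, p-2]
        and y outside the order-q subgroup: y = 1 or y = p-1 would pin the shared secret
        to a value the attacker knows, and an order-2q element would leak the low bit of
        our private exponent. In a safe-prime group the subgroup test is one modexp."""
        if not 2 <= y <= self.p - 2:
            raise ValueError("peer public value out of range")
        if pow(y, self.q, self.p) != 1:
            raise ValueError("peer public value not in the prime-order subgroup")

    def shared_key(self, y: int, context: bytes = b"dh-example v1") -> bytes:
        """Validate, compute y^x mod p, then run the raw secret through HKDF-SHA256
        (extract with a zero salt, one expand block) rather than using it directly."""
        self.validate_peer(y)
        z = pow(y, self.x, self.p)
        z_bytes = z.to_bytes((self.p.bit_length() + 7) // 8, "big")   # fixed-width encoding
        prk = hmac.new(b"\x00" * 32, z_bytes, hashlib.sha256).digest()
        return hmac.new(prk, context + b"\x01", hashlib.sha256).digest()


def exchange(p=MODP_2048_P, g=MODP_2048_G, q=MODP_2048_Q):
    """Both sides of the protocol: each publishes g^x and derives the key from the other's value."""
    alice, bob = DHParty(p, g, q), DHParty(p, g, q)
    return alice.shared_key(bob.public), bob.shared_key(alice.public)


if __name__ == "__main__":
    ka, kb = exchange()
    print("keys agree:", ka == kb, ka.hex()[:16] + "...")
    try:
        DHParty().shared_key(1)                # an attacker-chosen value; must be refused
    except ValueError as err:
        print("rejected:", err)
```

Two things the summaries gloss over are visible here. First, plain Diffie-Hellman authenticates nobody: an active attacker can run one exchange with each side, so real protocols sign or MAC the public values (which is where the digital signatures in this document come in). Second, the subgroup check is cheap with a safe prime, but it is only correct because p = 2q + 1; for other group shapes the validation rules differ.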
ABSTRACT: The advent of real functional quantum computers will cause a privacy problem. Indeed, quantum computers are particularly good at solving algorithms that ensure information privacy, like the RSA algorithm. In this talk, we will see how quantum computers can be used to restore unconditional security and privacy.
BIO: Nicolò Leone is a Postdoctoral researcher at the Department of Physics of the University of Trento. He has obtained his PhD in 2022. His research interests are quantum information and integrated photonics.
Module 6
Advanced Networking
Security problems with internet architecture, Introduction to Software defined networking, Working of SDN, SDN in data centre, SDN applications, Data centre networking, IoT.
1. The document discusses the topics of security and cryptography. It covers authentication, encryption algorithms like RSA public-key encryption, and digital signatures.
2. RSA public-key cryptography is described as the most widely used system, where users have public and private keys to encrypt and decrypt messages. It relies on the assumption that factoring large numbers is computationally difficult.
3. Digital signatures are explained as a way for a user to sign a message using their private key so that others can verify it came from that user by decrypting it with the public key.
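The RSA descriptions on this page (key generation from p and q with e coprime to φ, encryption and decryption with the two exponents, and "sign with the private key, verify with the public key") are textbook RSA, and textbook RSA has a property a practitioner must know about: it is multiplicative, so two valid signatures can be combined into a third without the private key. The code below is an added example, not from any of the summarized documents. It implements exactly the textbook scheme, demonstrates the forgery, and shows hash-then-sign as the simplest countermeasure; the demo primes 2^61-1 and 2^89-1 are constructed for the example and far too small for real use (reducing the digest mod n is likewise only to fit the tiny modulus; real schemes such as RSASSA-PSS pad the hash to the full modulus width). The classic 61, 53, e = 17 key from many textbooks is used in the self-check.

```python
import hashlib
from math import gcd


def rsa_keygen(p: int, q: int, e: int = 65537):
    """Textbook RSA key generation from two distinct primes: n = p*q, phi = (p-1)(q-1),
    e coprime to phi, d = e^-1 mod phi. Returns (public (n, e), private (n, d))."""
    if p == q:
        raise ValueError("p and q must be distinct primes")
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n); pick other primes or another e")
    return (n, e), (n, pow(e, -1, phi))           # modular inverse; Python 3.8+


def rsa_encrypt(pub, m: int) -> int:
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer below n")
    return pow(m, e, n)


def rsa_decrypt(priv, c: int) -> int:
    n, d = priv
    return pow(c, d, n)


def rsa_sign(priv, m: int) -> int:
    """Textbook signature: 'decrypt' m with the private key (no hash, no padding)."""
    return rsa_decrypt(priv, m)


def rsa_verify(pub, m: int, s: int) -> bool:
    """Anyone can 'encrypt' s with the public key and compare the result with m."""
    return rsa_encrypt(pub, s) == m


def forge_product_signature(pub, m1: int, s1: int, m2: int, s2: int):
    """Why unpadded RSA must not be deployed: m^d is multiplicative, so from two valid
    signatures an attacker gets a valid signature on m1*m2 mod n without the key."""
    n = pub[0]
    return (m1 * m2) % n, (s1 * s2) % n


def hashed_sign(priv, message: bytes) -> int:
    """Hash-then-sign: the forgery above now yields a 'signature' on a hash value for
    which no message is known. Reducing the digest mod n only fits the small demo modulus."""
    n = priv[0]
    return rsa_sign(priv, int.from_bytes(hashlib.sha256(message).digest(), "big") % n)


def hashed_verify(pub, message: bytes, s: int) -> bool:
    n = pub[0]
    return rsa_verify(pub, int.from_bytes(hashlib.sha256(message).digest(), "big") % n, s)


# Constructed demo primes: the Mersenne primes 2^61-1 and 2^89-1. Far too small for real
# use; real keys use two random primes of about 1024 bits or more, from a library.
DEMO_P, DEMO_Q = 2 ** 61 - 1, 2 ** 89 - 1


if __name__ == "__main__":
    pub, priv = rsa_keygen(DEMO_P, DEMO_Q)
    m1, m2 = 123456789, 987654321
    s1, s2 = rsa_sign(priv, m1), rsa_sign(priv, m2)
    m3, s3 = forge_product_signature(pub, m1, s1, m2, s2)
    print("forged signature on m1*m2 verifies:", rsa_verify(pub, m3, s3))   # True
    sig = hashed_sign(priv, b"pay 100 to alice")
    print("hash-then-sign verifies:", hashed_verify(pub, b"pay 100 to alice", sig))
    print("altered message verifies:", hashed_verify(pub, b"pay 999 to mallory", sig))
```

The same multiplicative property applies to encryption: multiplying a ciphertext by r^e mod n yields an encryption of r*m, which is why RSA encryption in practice uses OAEP padding and why "encrypt with the public key" on this page should be read as a description of the mathematics, not of a deployable scheme.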
This document discusses network security concepts including encryption, authentication, and threats. It introduces common network security scenarios involving friends (Alice and Bob) communicating securely while an intruder (Trudy) may intercept or alter messages. Examples of real systems that require security are also given such as web browsers, online banking, and network routers. Common network attacks are then outlined like eavesdropping, spoofing, and denial of service attacks. The document proceeds to explain approaches to network security including symmetric and public key encryption methods. Specific encryption algorithms are described like DES and RSA public key encryption.
Zero Knowledge Proofs: What they are and how they work, from All Things Open
Title: Zero Knowledge Proofs: What they are and how they work
Presented at All Things Open 2022
Presented by Jim Zhang
Abstract: Have you ever wanted to convince the security guard at the bar that you are over the legal drinking age, but didn’t want to tell them how old you are? Use a zero knowledge proof! Zero knowledge proofs (or ZKPs) are a powerful cryptographic technology that are being used to build privacy-preserving blockchains, next-generation digital identities, and many other things. Come and learn more about what Zero Knowledge Proofs are and how they work.
This document discusses cryptography and how it can be used to own digital goods like cryptocurrency. It begins by introducing key concepts in cryptography like cryptosystems, attacks, and asymmetry. It then discusses how early systems like Jefferson's wheel cipher provided security through obscurity of algorithms and keys. The document explores how brute force attacks become impractical as key sizes increase due to the vast amounts of energy required. It introduces public key cryptography and how RSA provides asymmetry through a trapdoor function. The document explains how asymmetric cryptography can be used for signatures and confidentiality. It concludes by noting how cryptography achieves the scarcity needed for digital ownership of coins.
This document contains the notes from a class about cryptocurrency. It discusses the final exam, which will involve explaining bitcoin to different audiences and answering substantive questions. It then lists the names of students in the class divided into teams based on their answers to a registration question. The rest of the document outlines a jeopardy game about cryptocurrency topics played between the student teams, including questions about Satoshi Nakamoto, hashing, scripts, cryptography, randomness, and altcoins.
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for Cypherpunks, by David Evans
David Evans
DC Area Crypto Day
Johns Hopkins University
30 October 2015
This (non-research) talk will start with a tutorial introduction to cryptocurrencies and how bitcoin works (and doesn’t work) today. We’ll touch on some of the legal, policy, and business aspects of bitcoin and discuss some potential research opportunities in cryptocurrencies.
This document contains the notes from a class about cryptocurrency. It discusses the final exam, which will involve explaining bitcoin to different audiences and answering substantive questions. It then lists the names of students in the class divided into teams based on their answers to a registration question. The rest of the document outlines a jeopardy game about cryptocurrency topics played between the student teams, including questions about Satoshi Nakamoto, hashing, scripts, cryptography, randomness, and altcoins.
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for CypherpunksDavid Evans
David Evans
DC Area Crypto Day
Johns Hopkins University
30 October 2015
This (non-research) talk will start with a tutorial introduction to cryptocurrencies and how bitcoin works (and doesn’t work) today. We’ll touch on some of the legal, policy, and business aspects of bitcoin and discuss some potential research opportunities in cryptocurrencies.
This document summarizes a class about hidden services using Tor and zero knowledge proofs. It discusses the rise of Bitcoin prices in August 2015, provides an overview of how Tor hidden services work through a network of nodes, and how the FBI was able to locate the Silk Road server. It also mentions that Problem Set 3 is due and lists upcoming office hours for students to attend.
This document summarizes anonymity and unlinkability in bitcoin transactions. It discusses how using different bitcoin addresses, or pseudonyms, makes it difficult to link transactions. Techniques like coinjoin and mixers are described that further confound tracing transactions by combining inputs from multiple users. The document mentions Silk Road, an illegal darknet market, and how its founder Ross Ulbricht now aims to create an economic simulation without coercion. It covers some threats to validity in analyzing anonymity and ends discussing communication privacy techniques like onion routing.
1) The midterm discussion covered confirmations in cryptocurrency transactions and the average wait time for the first confirmation.
2) It was noted that the threshold for being considered a "bitcoin expert" based on answering questions well on the midterm was around 85% of questions answered correctly.
3) Students were given updates on assignment due dates and opportunities to improve their midterm score by identifying and correcting incorrect statements in a referenced blockchain report.
The document summarizes a class on scripting and transactions in cryptocurrency. It discusses how Bitcoin core code has evolved over time to interpret scripts for locking and unlocking transactions. Examples are provided of common script patterns used prior to 2010, including pay-to-pubkey-hash and an important bug discovered that could allow stealing outputs. More advanced scripting options are also mentioned, such as checkmultisig.
The document summarizes a class on cryptocurrency and Bitcoin script. It discusses generating Bitcoin addresses through hashing public keys, describes the Bitcoin script language as a stack-based language similar to JVML used to write programs in transactions. It also notes that while Bitcoin script has limitations, altcoins are taking different approaches to scripting languages. Finally, it reminds students that project 2 is due Friday and the next class will feature a guest lecture from Tom Dukes on cyberlaw.
- Cryptocurrency mining requires a massive amount of energy. A single large bitcoin mining facility in China uses $60,000 worth of electricity per month.
- The total hashing power of the bitcoin network is estimated to be around 4.2 x 10^17 hashes per second, equivalent to around 212 megawatts of power continuously. This is around 9 times the power output of Dominion Power's Lake Anna Power Station.
- It is estimated that it takes around 35,395 kWh of electricity to mine a single bitcoin, costing $2,831 at a rate of $0.08 per kWh. However, the reward for mining a block is currently around 25 BTC, worth $5
This document summarizes a class lecture on cryptocurrency mining. It discusses the mining process, which involves finding a nonce value that satisfies the mining difficulty target for a block. Miners include transactions and solve cryptographic puzzles to validate blocks and earn rewards. The document explains Merkle trees, which improve transaction verification scalability. It also discusses the high computational costs and energy requirements of mining, noting specialized mining hardware can solve puzzles thousands of times faster than CPUs. The goal of mining is to process and validate transactions in a decentralized manner to maintain blockchain integrity.
- The document provides an overview of the schedule and topics for a cryptography class, including an introduction to cryptography today, Elliptic Curve Cryptography and signatures on Wednesday, and a checkup on the first three classes next Monday.
- It also lists the assigned readings for chapters 1-4 of the textbook and provides information about the backgrounds of students in the class.
- The remainder of the document discusses setting up a Bitcoin wallet, downloading the blockchain, hierarchical deterministic wallets, and provides a recap of the concepts from the previous class around what makes something a currency and how ownership of digital goods can be established.
This document provides an overview of a class on cryptocurrency and bitcoin. It discusses what makes a good currency, the history of currencies like salt and fiat currency, and challenges with decentralized digital currencies. It introduces bitcoin's approach of using a public ledger recorded through mining to record all transactions in a decentralized way without requiring trust in a central authority. The class will cover cryptography, computer science, economics and other topics through studying bitcoin as a concrete system. Students are assigned to set up a bitcoin wallet and complete readings before the next class.
This document contains the agenda for a cryptocurrency class. It lists several student presentations on topics related to cryptocurrency that will take place, including analyses of SHA hashing in Bitcoin, financial markets and game theory related to cryptocurrencies, and studying coinbase reserves to predict market price. It also references materials on the history of banking and reserve requirements. The document provides details on cryptocurrency student projects and presentations for an upcoming class.
This document summarizes a class on cryptocurrency and Silk Road. It discusses sidechains and how they allow bitcoin to evolve. It covers the legality of bitcoin in different jurisdictions, with some considering it legal, others contentious, and some viewing it as hostile. It then discusses Silk Road, the illegal online marketplace that was shut down, and how it used Tor and bitcoin. It summarizes how the FBI claims to have found the Silk Road server despite its use of Tor anonymity technology.
This document discusses Bloom filters and their use in Bitcoin simplified payment verification (SPV) nodes. It also covers merged mining, which allows mining of multiple cryptocurrencies like Bitcoin and Namecoin using the same hashing power. Sidechains are also mentioned. The document provides details on Bloom filter design and analysis, including the probability of false matches. It notes examples of merged mining blocks and addresses potential issues like those found in the Namecoin code. Project presentation dates are provided at the end.
This document summarizes a class about proofs-of-work for cryptocurrencies like Bitcoin. It discusses how Bitcoin and other cryptocurrencies use computationally intensive but useless proofs-of-work like SHA-256 to motivate investment in specialized hardware. It also explores the possibility of proofs-of-work that have useful outputs, like protein folding, and challenges in designing proofs-of-work that produce useful work while maintaining security properties. Finally, it announces an upcoming class about project proposals.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Tatiana Kojar
Skybuffer AI, built on the robust SAP Business Technology Platform (SAP BTP), is the latest and most advanced version of our AI development, reaffirming our commitment to delivering top-tier AI solutions. Skybuffer AI harnesses all the innovative capabilities of the SAP BTP in the AI domain, from Conversational AI to cutting-edge Generative AI and Retrieval-Augmented Generation (RAG). It also helps SAP customers safeguard their investments into SAP Conversational AI and ensure a seamless, one-click transition to SAP Business AI.
With Skybuffer AI, various AI models can be integrated into a single communication channel such as Microsoft Teams. This integration empowers business users with insights drawn from SAP backend systems, enterprise documents, and the expansive knowledge of Generative AI. And the best part of it is that it is all managed through our intuitive no-code Action Server interface, requiring no extensive coding knowledge and making the advanced AI accessible to more users.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Dive into the realm of operating systems (OS) with Pravash Chandra Das, a seasoned Digital Forensic Analyst, as your guide. 🚀 This comprehensive presentation illuminates the core concepts, types, and evolution of OS, essential for understanding modern computing landscapes.
Beginning with the foundational definition, Das clarifies the pivotal role of OS as system software orchestrating hardware resources, software applications, and user interactions. Through succinct descriptions, he delineates the diverse types of OS, from single-user, single-task environments like early MS-DOS iterations, to multi-user, multi-tasking systems exemplified by modern Linux distributions.
Crucial components like the kernel and shell are dissected, highlighting their indispensable functions in resource management and user interface interaction. Das elucidates how the kernel acts as the central nervous system, orchestrating process scheduling, memory allocation, and device management. Meanwhile, the shell serves as the gateway for user commands, bridging the gap between human input and machine execution. 💻
The narrative then shifts to a captivating exploration of prominent desktop OSs, Windows, macOS, and Linux. Windows, with its globally ubiquitous presence and user-friendly interface, emerges as a cornerstone in personal computing history. macOS, lauded for its sleek design and seamless integration with Apple's ecosystem, stands as a beacon of stability and creativity. Linux, an open-source marvel, offers unparalleled flexibility and security, revolutionizing the computing landscape. 🖥️
Moving to the realm of mobile devices, Das unravels the dominance of Android and iOS. Android's open-source ethos fosters a vibrant ecosystem of customization and innovation, while iOS boasts a seamless user experience and robust security infrastructure. Meanwhile, discontinued platforms like Symbian and Palm OS evoke nostalgia for their pioneering roles in the smartphone revolution.
The journey concludes with a reflection on the ever-evolving landscape of OS, underscored by the emergence of real-time operating systems (RTOS) and the persistent quest for innovation and efficiency. As technology continues to shape our world, understanding the foundations and evolution of operating systems remains paramount. Join Pravash Chandra Das on this illuminating journey through the heart of computing. 🌟
Introduction of Cybersecurity with OSS at Code Europe 2024Hiroshi SHIBATA
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on integration of Salesforce with Bonterra Impact Management.
Interested in deploying an integration with Salesforce for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Generating privacy-protected synthetic data using Secludy and MilvusZilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
5th LF Energy Power Grid Model Meet-up SlidesDanBrown980551
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on automated letter generation for Bonterra Impact Management using Google Workspace or Microsoft 365.
Interested in deploying letter generation automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
This presentation provides valuable insights into effective cost-saving techniques on AWS. Learn how to optimize your AWS resources by rightsizing, increasing elasticity, picking the right storage class, and choosing the best pricing model. Additionally, discover essential governance mechanisms to ensure continuous cost efficiency. Whether you are new to AWS or an experienced user, this presentation provides clear and practical tips to help you reduce your cloud costs and get the most out of your budget.
A Comprehensive Guide to DeFi Development Services in 2024Intelisync
DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum.
In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance.
In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape.
At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology.
Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!
2. Recap: Symmetric Encryption

[Diagram: Alice turns Plaintext into Ciphertext with AES under Key, sends it over the Insecure Channel; Bob decrypts with AES under the same Key to recover the Plaintext.]

Assuming we generate strong keys, use an appropriate cipher mode, and correctly implement a secure symmetric encryption primitive, we can securely encrypt long messages so even an adversary with $Quadrillions cannot learn anything interesting.

Assumes a secret already shared between Alice and Bob. Amplifies that secret to send more data later.
evans@virginia.edu
Engineering Crypto Applications
1
3. Plan for Today

[Diagram: an Insecure Channel and a Secure Channel to petitions.gov]

1. Key Agreement Protocols
2. Solving the remote authentication problem: Asymmetric Encryption, Public-Key Protocols
8. Merkle’s Puzzles: Key Agreement

Alice:
1. Generate N random keys: k_0, …, k_(N-1)
2. For each i, send E_(k_i)(“key #” + i), in random order
   (e.g., E_(k_37)(“key #37”), E_(k_82)(“key #82”), E_(k_22)(“key #22”), …)

Bob:
3. Randomly select one of the received messages.
4. Try all possible keys until finding k_x that decrypts the message to “key #x”.
5. Send x (in clear) to Alice.

Shared secret: k_x
10. Merkle’s Puzzles: Security

(Protocol as on the previous slide: Alice sends N puzzles E_(k_i)(“key #” + i) in random order; Bob brute-forces one of them to find k_x and sends x in the clear; shared secret k_x.)

Suppose each key is 56 bits:
Alice has to generate N keys and do N encryptions
Bob has to do 2^56 max work to brute force
Eve has to do ½N × 2^55 expected work
So, if 2^96 is infeasible, N = 2^42 could work
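The following is an added worked example, not code from the course or the slides. It runs the Merkle’s Puzzles exchange end to end with a toy puzzle cipher built from SHA-256 (constructed for this example; it stands in for the slides’ E_k and is not a real cipher), with 12-bit puzzle keys instead of the slide’s 56 so that Bob’s brute force finishes instantly. It also reproduces the slide’s work accounting, and lets Eve, who sees every puzzle and the cleartext x but not which puzzle Bob picked, recover k_x by opening puzzles in turn, so the quadratic gap between her work and the parties’ work can be measured rather than just stated. Function and parameter names are my own.

```python
import hashlib
import random
import secrets
from typing import List, Optional, Tuple

# The slide assumes 56-bit puzzle keys; 12 bits keep this toy run instant
# while preserving the shape of the work accounting below.
PUZZLE_KEY_BITS = 12
KEY_SPACE = 1 << PUZZLE_KEY_BITS


def puzzle_cipher(key: int, data: bytes) -> bytes:
    """Toy stand-in for the slide's E_k / D_k: XOR with a SHA-256-derived
    keystream (constructed for this example; not a real cipher). XOR is its
    own inverse, so the same function encrypts and decrypts."""
    stream = hashlib.sha256(key.to_bytes(8, "big")).digest()
    assert len(data) <= len(stream), "toy cipher handles at most 32 bytes"
    return bytes(d ^ s for d, s in zip(data, stream))


def puzzle_text(i: int) -> bytes:
    """Plaintext of puzzle i: the slide's 'key #' + i, zero-padded to 11 bytes."""
    return b"key #" + str(i).zfill(6).encode()


def parse_puzzle_text(pt: bytes) -> Optional[int]:
    """Return i if pt is a well-formed 'key #i' plaintext, else None."""
    if len(pt) == 11 and pt.startswith(b"key #") and pt[5:].isdigit():
        return int(pt[5:])
    return None


def alice_send(n: int) -> Tuple[List[int], List[bytes]]:
    """Steps 1-2: N random keys k_0..k_{N-1}; send E_{k_i}('key #i') shuffled."""
    keys = [secrets.randbelow(KEY_SPACE) for _ in range(n)]
    puzzles = [puzzle_cipher(keys[i], puzzle_text(i)) for i in range(n)]
    random.shuffle(puzzles)
    return keys, puzzles


def bob_solve(puzzles: List[bytes]) -> Tuple[int, int, int]:
    """Steps 3-4: pick one puzzle at random and brute-force its key.
    Returns (x, k_x, decryptions tried); Bob then sends x in the clear."""
    target = random.choice(puzzles)
    for tries, k in enumerate(range(KEY_SPACE), start=1):
        x = parse_puzzle_text(puzzle_cipher(k, target))
        if x is not None:
            return x, k, tries
    raise RuntimeError("unreachable: the true key lies in the search space")


def eve_recover(puzzles: List[bytes], x: int) -> Tuple[int, int]:
    """Eve sees every puzzle and x, but not which puzzle Bob picked: she has
    to open puzzles until one decrypts to 'key #x'. Returns (k_x, work)."""
    work = 0
    for p in puzzles:
        for k in range(KEY_SPACE):
            work += 1
            if parse_puzzle_text(puzzle_cipher(k, p)) == x:
                return k, work
    raise RuntimeError("unreachable: puzzle x is among the puzzles")


def run_protocol(n: int) -> Tuple[int, int, int]:
    """Whole exchange; returns (Alice's k_x, Bob's k_x, Bob's work)."""
    keys, puzzles = alice_send(n)
    x, k_bob, bob_work = bob_solve(puzzles)
    return keys[x], k_bob, bob_work          # step 5: Alice looks up k_x


def work_estimate(n: int, key_bits: int) -> dict:
    """Slide 10's accounting: Alice N, Bob at most 2^bits,
    Eve ½N × 2^(bits-1) expected decryptions."""
    return {"alice": n,
            "bob_max": 1 << key_bits,
            "eve_expected": (n // 2) * (1 << (key_bits - 1))}


if __name__ == "__main__":
    a, b, w = run_protocol(32)
    print(f"shared secret {a:#06x}, Bob matched after {w} decryptions, agree={a == b}")
    print(work_estimate(1 << 42, 56))        # eve_expected == 2**96, as on the slide
```

With the slide’s parameters, `work_estimate(1 << 42, 56)` gives Eve 2^96 expected decryptions against Alice’s 2^42 encryptions; the toy run makes the same ratio visible in `eve_recover`’s counter, and the example does not change the conclusion of the next slide: the attacker’s advantage is only quadratic.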
11. Can we do better?

CRYPTO 2009: Actually, it is impossible to do better!
Any scheme like this, even with perfect primitives, can be broken by an adversary who can do N^2 encryptions (where Alice and Bob do N encryptions).

To do better, we need some magic math!
12. Time for a Revolution!

“We stand today on the brink of a revolution in cryptography. The development of cheap digital hardware has freed it from the design limitations of mechanical computing and brought the cost of high grade cryptographic devices down to where they can be used in such commercial applications as remote cash dispensers and computer terminals. In turn, such applications create a need for new types of cryptographic systems which minimize the necessity of secure key distribution channels and supply the equivalent of a written signature. At the same time, theoretical developments in information theory and computer science show promise of providing provably secure cryptosystems, changing this ancient art into a science.”
Whit Diffie and Martin Hellman, November 1976.
21. “Padlocks” Key Agreement

• We relied on: D_A(E_B(E_A(M))) = E_B(M)
• Is this true for AES?
  No way! AES (and any strong symmetric primitive) must involve non-linear transformations that are not commutative.
• What operations is it true for?
  Multiplication
23. Diffie-Hellman Key Agreement

1. Choose and publish: q (large prime number), α (primitive root of q)

Alice:
2. Generate random X_A
3. Send Y_A = α^X_A mod q

Bob:
4. Generate random X_B
5. Send Y_B = α^X_B mod q

Alice: K = (Y_B)^X_A mod q
Bob:   K = (Y_A)^X_B mod q
24. Key Agreement Requirements
Correctness: Both participants get the same key
Security: An eavesdropper cannot find K from
all intercepted values
26. Key Agreement Correctness

Correctness: Both participants get the same key

Alice: Y_A = α^X_A mod q, K = (Y_B)^X_A mod q
Bob:   Y_B = α^X_B mod q, K = (Y_A)^X_B mod q

Alice’s K = (α^X_B mod q)^X_A mod q
          = (α^(X_B X_A) mod q) mod q
          = α^(X_B X_A) mod q

Bob’s K   = (α^X_A mod q)^X_B mod q
          = (α^(X_A X_B) mod q) mod q
          = α^(X_A X_B) mod q

Multiplication commutes (just like the padlocks)!
27. Security

(Diffie-Hellman as on slide 23: publish q and α; Alice sends Y_A = α^X_A mod q, Bob sends Y_B = α^X_B mod q; K = (Y_B)^X_A mod q = (Y_A)^X_B mod q.)

An eavesdropper cannot find K from all intercepted values: q, α, Y_A, Y_B
28. Primitive Roots

α is a primitive root of q if for all n, 1 ≤ n < q, there is some m, 1 ≤ m < q, such that α^m = n mod q.
All prime numbers have primitive roots.

(Diffie-Hellman as on slide 23: publish q and α; Alice sends Y_A = α^X_A mod q, Bob sends Y_B = α^X_B mod q; K = (Y_B)^X_A mod q = (Y_A)^X_B mod q.)

Discrete logarithm problem: given α, n, and q, find the one m, 0 ≤ m < q, such that α^m = n mod q.
For good choices of q, this is believed to be hard.
29. Security of Diffie-Hellman

Discrete logarithm problem: given α, n, and q, find the one m, 0 ≤ m < q, such that α^m = n mod q.
For good choices of q, this is believed to be hard.

(Diffie-Hellman as on slide 23: publish q and α; Alice sends Y_A = α^X_A mod q, Bob sends Y_B = α^X_B mod q; K = (Y_B)^X_A mod q = (Y_A)^X_B mod q.)

Eavesdropper cannot find K from intercepted values: q, α, Y_A, Y_B
If they could, could solve discrete log problem which is hard:
given Y_A = α^X_A mod q find X_A
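An added worked example, not from the slides, covering slides 23 through 29 together: the Diffie-Hellman exchange in Python, the primitive-root definition from slide 28 checked exhaustively, and the eavesdropper’s position from this slide, where everything Eve sees is q, α, Y_A, Y_B. The toy parameters q = 23, α = 5 are constructed for the example (the slides’ α is the `alpha` parameter here), small enough that the brute-force discrete log succeeds and the cost can be counted; the same search against a 2048-bit prime is what “believed to be hard” refers to. Function names are my own.

```python
import secrets
from typing import Tuple


def is_primitive_root(alpha: int, q: int) -> bool:
    """Slide 28's definition: alpha is a primitive root of the prime q if for
    every n in 1..q-1 there is an m in 1..q-1 with alpha^m = n (mod q).
    Exhaustive, so only usable for small q: this is the teaching check,
    not how real parameter generation works."""
    return {pow(alpha, m, q) for m in range(1, q)} == set(range(1, q))


def dh_keypair(q: int, alpha: int) -> Tuple[int, int]:
    """Steps 2-3 (Alice) / 4-5 (Bob): random private exponent X and the
    public value Y = alpha^X mod q."""
    x = secrets.randbelow(q - 2) + 1           # 1 <= X <= q-2
    return x, pow(alpha, x, q)


def dh_shared_key(y_other: int, x_own: int, q: int) -> int:
    """K = (Y_other)^X_own mod q; both sides land on alpha^(X_A X_B) mod q."""
    return pow(y_other, x_own, q)


def run_exchange(q: int, alpha: int) -> Tuple[int, int, int, int]:
    """Returns (Y_A, Y_B, K_A, K_B); correctness (slide 26) means K_A == K_B."""
    x_a, y_a = dh_keypair(q, alpha)
    x_b, y_b = dh_keypair(q, alpha)
    return y_a, y_b, dh_shared_key(y_b, x_a, q), dh_shared_key(y_a, x_b, q)


def discrete_log_bruteforce(alpha: int, n: int, q: int) -> Tuple[int, int]:
    """The discrete logarithm problem by exhaustive search: the m with
    alpha^m = n (mod q). Returns (m, exponentiations tried). The cost grows
    with q, which is why q must be large (2048-bit groups in practice)."""
    for tries, m in enumerate(range(q), start=1):
        if pow(alpha, m, q) == n:
            return m, tries
    raise ValueError("n is not a power of alpha mod q")


def eavesdropper_view(q: int, alpha: int, y_a: int, y_b: int) -> int:
    """All Eve intercepts is q, alpha, Y_A, Y_B. With a toy q she solves the
    discrete log of Y_A and recomputes K; with a proper q this is infeasible."""
    x_a, _ = discrete_log_bruteforce(alpha, y_a, q)
    return pow(y_b, x_a, q)


if __name__ == "__main__":
    q, alpha = 23, 5                         # constructed toy parameters
    assert is_primitive_root(alpha, q)
    y_a, y_b, k_a, k_b = run_exchange(q, alpha)
    print(f"Y_A={y_a} Y_B={y_b} K_A={k_a} K_B={k_b} agree={k_a == k_b}")
    print("Eve recovers K =", eavesdropper_view(q, alpha, y_a, y_b))
```

The fixed values X_A = 6, X_B = 15 give Y_A = 8, Y_B = 19 and K = 2 on both sides, which is a handy check when stepping through slide 26’s derivation by hand. Note that nothing here authenticates Y_A or Y_B; that is exactly the gap slides 30 and 31 raise with Mallory.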
30. What about Mallory?

[Diagram: Alice encrypts Plaintext to Ciphertext and sends it over the Insecure Channel (e.g., the Internet); Bob decrypts it back to Plaintext; Mallory (active attacker) sits on the channel.]
31. Secure from Active Eavesdropper?

Public: q, α
Alice: X_A, K = (Y_B)^X_A mod q
Bob:   X_B, K = (Y_A)^X_B mod q
35. Does D-H Solve This?

[Diagram: TJ and petitions.gov connected over an Insecure Channel]

How does TJ know he’s really talking to petitions.gov?
How can he establish a secure channel to transmit password?
37. Asymmetry Required

Messages: everyone should be able to send Alice a message that only Alice can read

Signatures: Bob should be able to verify Alice signed a message, but not impersonate Alice
evans@virginia.edu
Engineering Crypto Applications
36
39. Asymmetric Cryptosystem (with Kerckhoffs' Principle)
Diagram: Alice applies E under KRA to Plaintext; the Ciphertext crosses the Insecure Channel; Bob applies D under KUA to recover Plaintext.
Correctness: D_KUA(E_KRA(m)) = m
Security: given E_KRA(m), E, KUA, and D, cannot learn anything interesting about m or KRA.
40. Providing Asymmetry
Need a function f that is:
Easy to compute: given x, easy to compute f(x)
Hard to invert: given f(x), hard to compute x
Has a trap-door: given f(x) and t, easy to compute x
No function (publicly) known with these properties until 1977…
43. RSA Cryptosystem
E_e(M) = M^e mod n
D_d(C) = C^d mod n
n = pq, where p, q are prime
d is relatively prime to (p – 1)(q – 1)
ed ≡ 1 mod (p – 1)(q – 1)
44. Correctness of RSA
E_e(M) = M^e mod n
D_d(C) = C^d mod n
45. Correctness of RSA
E_e(M) = M^e mod n
D_d(C) = C^d mod n
D_d(E_e(M)) = (M^e mod n)^d mod n = M^(ed) mod n = M
The last step depends on choosing e and d with ed ≡ 1 mod (p – 1)(q – 1); the proof uses Fermat's little theorem and Euler's totient theorem.
46. Bonus: Works in Both Orders
E_e(M) = M^e mod n
D_d(C) = C^d mod n
E_e(D_d(M)) = (M^d mod n)^e mod n = M^(de) mod n = M
47. Providing Asymmetry
Need a function f that is:
Easy to compute: given x, easy to compute f(x)
Hard to invert: given f(x), hard to compute x
Has a trap-door: given f(x) and t, easy to compute x
Does RSA satisfy these?
48. Easy (Enough) to Compute
Easy to compute: given x, easy to compute f(x)
E_e(M) = M^e mod n
49. Easy (Enough) to Compute
E_e(M) = M^e mod n
a^(m+n) = a^m × a^n
a^(2b) = a^b × a^b
Compute M^e in about log2 e multiplications.
Be careful not to have a timing side channel though!
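Square-and-multiply built from the two identities on this slide, as an added example (not course code), with the multiplication count returned so the timing side channel the slide warns about is visible; the ladder variant (an assumption of this example, not something the slide prescribes) does the same work for every exponent of a given length.

```python
# Added example (not course code): the square-and-multiply idea from the
# a^(m+n) and a^(2b) identities, with the multiplication count exposed so the
# timing side channel the slide warns about is visible; a ladder variant fixes the count.


def square_and_multiply(m: int, e: int, n: int) -> tuple:
    """Return (m^e mod n, number of modular multiplications).
    Each exponent bit costs a squaring (a^(2b) = a^b * a^b); set bits cost one
    more multiplication by m (a^(k+1) = a^k * a). About log2(e) steps in total."""
    result, mults = 1, 0
    for bit in bin(e)[2:]:                 # most significant bit first
        result = (result * result) % n
        mults += 1
        if bit == "1":                     # branch on a secret bit: work depends on e
            result = (result * m) % n
            mults += 1
    return result, mults


def montgomery_ladder(m: int, e: int, n: int, bits: int) -> tuple:
    """Same value, but exactly two multiplications per bit position for a fixed
    bit length, so the count no longer reveals the Hamming weight of e.
    (A real constant-time implementation also replaces the branch below with a
    constant-time conditional swap; this shows only the balanced work.)"""
    r0, r1, mults = 1, m % n, 0            # invariant: r1 == r0 * m (mod n)
    for i in range(bits - 1, -1, -1):
        if (e >> i) & 1:
            r0, r1 = (r0 * r1) % n, (r1 * r1) % n
        else:
            r1, r0 = (r0 * r1) % n, (r0 * r0) % n
        mults += 2
    return r0, mults


if __name__ == "__main__":
    print(square_and_multiply(65, 17, 3233))     # (2790, 7): five squarings, two multiplies
    print(square_and_multiply(2, 0b1111, 101)[1], square_and_multiply(2, 0b1000, 101)[1])    # 8 5
    print(montgomery_ladder(2, 0b1111, 101, 4)[1], montgomery_ladder(2, 0b1000, 101, 4)[1])  # 8 8
```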
50. Hard to Invert
Given Ee(M ) and e and n, hard to compute M.
If attacker can factor n = pq, easy to find d:
d = e-1 mod (p – 1)(q – 1)
All other attacks are equivalent to factoring n.
No one seems to know a fast way to factor, except
with a quantum computer (and no one seems to yet
know how to build a large one).
For reasonable security, n should be 2048 bits (comparable to
112-bit symmetric key) – believed sufficient until 2030.
51. Easy to Invert with Trapdoor
E_e(M) = M^e mod n
D_d(C) = C^d mod n
52. Using RSA: Confidentiality
Bob: Selects two large primes p, q. Computes ed ≡ 1 mod (p – 1)(q – 1). Publishes n = pq and e, keeps d secret.
Bob's Public Key: KUB = (n, e) (modulus, public exponent)
Private Key: KRB = d (private exponent)
Alice: Sends confidential messages to Bob using his public key.
Diagram: Alice applies E under KUB to Plaintext; the Ciphertext crosses the Insecure Channel; Bob applies D under KRB to recover Plaintext.
Over 1000x slower than AES! Only use when asymmetry is needed.
54. Using RSA: Signatures
Bob: Selects two large primes p, q. Computes ed ≡ 1 mod (p – 1)(q – 1). Publishes n = pq and e, keeps d secret.
Bob's Public Key: KUB = (n, e) (modulus, public exponent)
Private Key: KRB = d (private exponent)
Alice: Verifies message is from Bob using his public key.
Diagram: Bob applies D under KRB to the Message to produce the Signed Message; it crosses the Insecure Channel; Alice applies E under KUB to obtain the Verified Message.
Over 1000x slower than AES! Only use when asymmetry is needed.
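The RSA slides (key setup, correctness, "works in both orders", and the factoring remark) carried through in code, as an added example that is not course code: p = 61, q = 53, e = 17 and the message 65 are constructed toy values.

```python
# Added example (not course code): textbook RSA on the toy primes p = 61, q = 53
# (constructed values): key generation with ed = 1 mod (p-1)(q-1), the encrypt/decrypt
# round trip, signing "in the other order", and what factoring n hands an attacker.
# No padding and a 12-bit n: this demonstrates the arithmetic only.
from math import gcd, isqrt


def rsa_keygen(p: int, q: int, e: int) -> tuple:
    """Return (n, e, d) with n = pq and e*d = 1 mod (p-1)(q-1)."""
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be relatively prime to (p-1)(q-1)")
    return p * q, e, pow(e, -1, phi)     # modular inverse, Python 3.8+


def encrypt(m: int, n: int, e: int) -> int:
    """E_e(M) = M^e mod n, using Bob's public key (n, e)."""
    return pow(m, e, n)


def decrypt(c: int, n: int, d: int) -> int:
    """D_d(C) = C^d mod n, using the private exponent d."""
    return pow(c, d, n)


def sign(m: int, n: int, d: int) -> int:
    """Signature = D_d(M): the private operation applied first."""
    return pow(m, d, n)


def verify(m: int, s: int, n: int, e: int) -> bool:
    """E_e(D_d(M)) = M: anyone holding (n, e) can check the signature."""
    return pow(s, e, n) == m % n


def trial_factor(n: int) -> int:
    """Smallest prime factor by trial division: instant for a toy n, infeasible
    for a 2048-bit one, which is the entire security argument of RSA."""
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            return p
    raise ValueError("n is prime")


def d_from_factors(n: int, e: int) -> int:
    """Given the factorisation n = pq, d = e^-1 mod (p-1)(q-1) follows at once."""
    p = trial_factor(n)
    return pow(e, -1, (p - 1) * (n // p - 1))


if __name__ == "__main__":
    n, e, d = rsa_keygen(61, 53, 17)               # (3233, 17, 2753)
    c = encrypt(65, n, e)                          # 2790
    print(c, decrypt(c, n, d), verify(65, sign(65, n, d), n, e))   # 2790 65 True
    print(d_from_factors(n, e) == d)               # True: a toy n is factored instantly
```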
55. Elliptic Curve Asymmetric Cryptosystems
Elliptic curve discrete logarithm problem: given points P and Q on an elliptic curve, it is hard to find an integer k such that Q = kP (unless you know the trapdoor).
Example curve: y^2 = x^3 – 7 (mod p)
56. RSA vs. ECC
Discovery: RSA 1977 (previously discovered in 1969 by GCHQ and perhaps earlier by NSA); ECC 1985 (adoption limited until ~2005)
"Hard" Problem: RSA Factoring; ECC Discrete Log on Elliptic Curve
Key Size (~112-bit): RSA 2048 bits (768 bits broken); ECC 224 bits (112 bits broken)
Backdoor Risk: RSA None; ECC Curves selected by NSA
Quantum Computing Risk: RSA Known fast factoring algorithms (Shor's); ECC Similar (variation of Shor's algorithm solves Discrete Log)
Implementation Challenges: RSA Avoiding weak keys, timing side channels; ECC Fast operations on elliptic curves, leaks on invalid inputs
57. RSA vs. ECC vs. Lattice Ciphers
Discovery: RSA 1977; ECC 1985 (adoption limited until ~2005); Lattice Ciphers 1996
"Hard" Problem: RSA Factoring; ECC Discrete Log on Elliptic Curve; Lattice Ciphers Lattice Problems (e.g., closest vector)
Key Size (~112-bit): RSA 2048 bits (768 bits broken); ECC 224 bits (112 bits broken); Lattice Ciphers 1,000,000 bits
Backdoor Risk: RSA None; ECC Curves selected by NSA; Lattice Ciphers Little
Quantum Computing Risk: RSA Known fast factoring algorithms (Shor's); ECC Similar (variation of Shor's algorithm solves Discrete Log); Lattice Ciphers Only if P = NP
Implementation Challenges: RSA Avoiding weak keys, timing side channels; ECC Fast operations on elliptic curves, leaks on invalid inputs; Lattice Ciphers Only simple arithmetic (but 10Ks of them)
59. Using Asymmetry: Signatures
Bob: Generates KUB and KRB. Publishes KUB.
Alice: Verifies message is from Bob using his public key.
Diagram: Bob applies D under KRB to the Message to produce the Signed Message; it crosses the Insecure Channel; Alice applies E under KUB to obtain the Verified Message.
Over 1000x slower than AES! (with both RSA and ECC)
What if we need to sign long (bigger than n ~ 2048 bits) messages?
62. Simple Login Protocol
TJ → petitions.gov: c = E_KUpetitions("tj" + password)
petitions.gov computes D_KRpetitions(c).
Eve can't decrypt without KRpetitions.
63. Getting Public Keys
• Public keys are only useful if you know you have the right one!
• Secure on-line directory? TJ asks keys.gov: What is petitions.gov's public key? keys.gov answers: KUpetitions.
71. SSL (Secure Sockets Layer): Simplified TLS Handshake Protocol
Client → Server: Hello
Server → Client: KRCA[Server Identity, KUS]
Client: Verify Certificate using KUCA (How did the client get KUCA?). Check identity matches URL. Generate random K.
Client → Server: E_KUS(K)
Server: Decrypt using KRS.
Secure channel using K.
73. Certificates
Petitions → VarySign.com: petitions.gov, KUPetitions
VarySign.com issues CP = KRVarySign["petitions.gov", KUPetitions]
How does VarySign decide if it should give a certificate to the requester?
Petitions → TJ: CP. TJ verifies using KUVarySign.
74. $1500 for 1 year
$399
78. CRL Checking
(Screenshots: Mozilla Firefox and Google Chrome certificate settings)
On-line checking is expensive and may fail.
Attacker-in-the-middle can make it fail.
79. SSL (Secure Sockets Layer): Simplified TLS Handshake Protocol
Client → Server: Hello
Server → Client: KRCA[Server Identity, KUS]
Client: Verify Certificate using KUCA. Check identity matches URL. Generate random K.
Client → Server: E_KUS[K]
Server: Decrypt using KRS.
Secure channel using K.
Actual TLS has some extra steps:
- Negotiate versions
- Agree on which ciphers to use (many options, but beware!)
- Can authenticate client also
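The simplified handshake of slides 71 and 79 run end to end, as an added example that is not course code. The CA and server keys are toy RSA values from constructed primes, the certificate "signature" is over a SHA-256 digest reduced modulo the CA's n, and the identity check is exact hostname equality; all three are assumptions of this example that stand in for real padded signatures, large keys and certificate name matching.

```python
# Added example (not course code): the simplified handshake from slides 71 and 79,
# run end to end. The CA signs (identity, KUS); the client verifies with KUCA,
# checks the identity against the URL's host, then sends E_KUS(K). Toy RSA keys
# from constructed primes; the "signature" is over a SHA-256 digest reduced mod n,
# which illustrates the flow only (real TLS uses padded signatures and large keys).
import hashlib
import secrets


def _toy_key(p: int, q: int, e: int = 17) -> tuple:
    return p * q, e, pow(e, -1, (p - 1) * (q - 1))   # (n, e, d)


CA_N, CA_E, CA_D = _toy_key(61, 53)   # KUCA = (CA_N, CA_E), KRCA = CA_D
S_N, S_E, S_D = _toy_key(47, 59)      # KUS = (S_N, S_E), KRS = S_D


def _digest(identity: str, n: int, e: int, mod: int) -> int:
    """Bind the identity to the public key it certifies (toy reduction into [1, mod-1])."""
    h = hashlib.sha256(f"{identity}|{n}|{e}".encode()).digest()
    return 1 + int.from_bytes(h, "big") % (mod - 1)


def issue_certificate(identity: str, n: int, e: int) -> tuple:
    """CA step: KRCA[Server Identity, KUS] as (identity, (n, e), signature)."""
    return identity, (n, e), pow(_digest(identity, n, e, CA_N), CA_D, CA_N)


def client_handshake(url_host: str, certificate: tuple, ca_pub: tuple):
    """Client side after the server's reply: verify the certificate using KUCA,
    check the certified identity matches the URL, generate random K and return
    (E_KUS(K), K). Returns None if either check fails, so no K is ever sent."""
    identity, (n, e), sig = certificate
    ca_n, ca_e = ca_pub
    if pow(sig, ca_e, ca_n) != _digest(identity, n, e, ca_n):
        return None                         # not signed by the CA we trust
    if identity != url_host:
        return None                         # genuine certificate, but for another site
    k = secrets.randbelow(n - 2) + 2        # random session key in [2, n-1]
    return pow(k, e, n), k                  # E_KUS(K) goes on the wire; K stays local


def server_finish(encrypted_k: int) -> int:
    """Server side: Decrypt using KRS to recover K; both ends now share K."""
    return pow(encrypted_k, S_D, S_N)


if __name__ == "__main__":
    cert = issue_certificate("petitions.gov", S_N, S_E)
    enc_k, k = client_handshake("petitions.gov", cert, (CA_N, CA_E))
    print(server_finish(enc_k) == k)                              # True
    print(client_handshake("other.example", cert, (CA_N, CA_E)))  # None: identity mismatch
```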
80. Summary
• Many useful applications require asymmetry
– Confidentiality without shared key, signatures
– Others we will cover next week
• Asymmetric cryptosystems can be built using
hard problems in number theory with
trapdoors: RSA (factoring), ECC (discrete log)
• Asymmetric ciphers are very expensive: need
to combine with hashes and symmetric crypto
83. Plan for Final Meeting
Applications of Asym Crypto
Secure Computation
Future of Cryptosystems
(open to requests!)
evans@virginia.edu
MightBeEvil.com/crypto