The document summarizes four cryptographic protocols:
1. Needham-Schroeder protocol authenticates users (A and B) to each other over a network with the help of a trusted authority (Trent).
2. Kerberos protocol allows a client (A) to authenticate to a server (S) in two steps by first authenticating to the Kerberos server and then to the ticket granting service (TGS) of the target server.
3. Secret sharing protocol partitions a secret key (K) into shares and distributes them among trustees, requiring a minimum number of shares to reconstruct the key and preventing any single trustee from accessing the secret.
4. Zero knowledge proofs allow a
Security protocols
Security Protocols and Applications of Cryptography
By: Abhijit Mondal
Needham-Schroeder Protocol :
Suppose A wants to talk with B over the network. How will B know that he is really talking to A?
This protocol authenticates A to B and at the same time lets them exchange a session key over the network. Here a value v encrypted under a key e is written v^e mod p.
1. A sends a message to Trent (a trusted individual or a computer program on the network) consisting of his name a, B's name b and a random number rA.
2. Trent generates a random session key k. Trent then computes c2 = (b^eA, k^eA, rA^eA, k^(eA eB), a^(eA eB), t^(eA eB)) mod p, where eA and eB are the secret keys that Trent shares with A and B respectively, and t is the current system time. Trent sends c2 to A. The time t is sent to prevent replay attacks, i.e. an adversary pretending to be A replaying an old message to B.
3. A decrypts the message with eA, extracts the session key k and confirms that rA is the same value that he sent to Trent. Then A sends to B c3 = (k^eB, a^eB, t^eB) mod p.
4. B decrypts the message with eB and extracts the session key k, generates a random value rB, and sends to A the message c4 = rB^k mod p.
5. A decrypts the message with k, computes rB - 1 and sends to B the message c5 = (rB - 1)^k mod p.
6. B decrypts the message with k and verifies that it is rB - 1, so A must have the same session key and is the real person.
Kerberos Protocol :
Suppose A wants some service from a server S. Then A must authenticate himself to the server before using its services. In this symmetric key cryptographic protocol (using DES as the encryption algorithm), there are 2 doors that need to be opened before getting access to the server. The first door is guarded by Kerberos and the second by the Ticket Granting Service (TGS) of the server. DES(x)(e) denotes x encrypted with DES under key e.
1. A sends a message to the Kerberos server with his identity/password 'a' and the identity of the Ticket Granting Service (TGS) of the server 'tgs'.
2. The Kerberos server generates a timestamp t, a lifetime l for the timestamp and a random session key K_{a,tgs}. It then computes T_{a,tgs} = {tgs, DES(a, N, l, K_{a,tgs})(e_tgs)}, where N is the network address of A and e_tgs is the secret key the TGS shares with Kerberos. Kerberos then encrypts the session key with A's secret key e_A, c1 = DES(K_{a,tgs})(e_A), and the ticket with the TGS's secret key e_tgs, c2 = DES(T_{a,tgs})(e_tgs). It then sends c1 and c2 to A.
3. A decrypts c1, extracts K_{a,tgs} and computes A_{a,tgs} = {DES(a, t, key)(K_{a,tgs})}, where key is an additional session key. Then A computes c3 = DES(A_{a,tgs})(K_{a,tgs}) and sends c2 and c3 to the TGS of the server.
4. The TGS decrypts c2 using e_tgs and extracts T_{a,tgs}, then uses T_{a,tgs} to extract K_{a,tgs}. The TGS then decrypts c3 using K_{a,tgs} and extracts A_{a,tgs}. The TGS decrypts A_{a,tgs} and compares the information in A_{a,tgs} with the information in T_{a,tgs}. If they match, the TGS sends the following to the client A: c4 = {DES(K_{a,s})(K_{a,tgs})} and c5 = {DES(T_{a,s})(e_s)}, where T_{a,s} = {s, DES(a, N, l, K_{a,s})(e_s)}, K_{a,s} is the secret session key for A and the server, and e_s is the secret key the TGS shares with the server.
5. A then decrypts c4 with K_{a,tgs}, computes A_{a,s} = {DES(a, t, key)(K_{a,s})} and then c6 = {DES(A_{a,s})(K_{a,s})}. A then sends c5 and c6 to the server for communication.
Secret Sharing Protocol :
Handing over the control of a missile to one military general, or handing over the key of the locker at the Swiss bank to any one individual, would be risky since he may turn out to be crooked. So, to minimise the risk of a missile disaster or a bankruptcy, partition the single key into n parts and give each part to a trusted individual responsible for the control of the missile or the locker at the Swiss bank, such that no fewer than m individuals can recover the original key from their shares. e.g. If the key is K and n = 3 and m = 3, then choose k1 and k2 and compute K⊕k1⊕k2 = k3. Then distribute k1, k2 and k3 to three trusted individuals. To reconstruct the original key K they need all three keys, since k1⊕k2⊕k3 = K.
Algorithm :
1. Construct an (m-1) degree polynomial f(x) = a_{m-1} x^{m-1} + a_{m-2} x^{m-2} + ... + a_1 x + K, where K is the original secret key and a_i ∈ Z_p for a prime p; the a_i are secrets that must be destroyed.
2. Evaluate f(1), f(2), ..., f(n) (mod p) and distribute these values to the n trusted officials assigned for the execution of the task.
3. To find K, at least m officials must come together and disclose their values, then perform Gaussian elimination to solve the linear system of equations for the a_i and K. Fewer than m individuals cannot find K without a brute force search over Z_p.
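Both schemes above, the n-of-n XOR split and the m-of-n polynomial scheme with reconstruction by Gaussian elimination mod p, worked through as an added example (this code is not from the original slides; the prime P and the seeded generator are constructed for a reproducible demo, and a real deployment would use OS entropy and a larger prime):

```python
import random
from functools import reduce
from operator import xor

# Constructed parameter for the demo: the field Z_p with p = 2^31 - 1 (prime).
P = 2_147_483_647


def _rng(seed):
    # A fixed seed gives a reproducible demo; None falls back to the OS entropy source.
    return random.Random(seed) if seed is not None else random.SystemRandom()


def xor_split(key, n, seed=None, bits=32):
    """The n-of-n scheme from the text: k1..k_{n-1} random, k_n = K xor k1 xor ... xor k_{n-1}."""
    rng = _rng(seed)
    shares = [rng.getrandbits(bits) for _ in range(n - 1)]
    shares.append(reduce(xor, shares, key))
    return shares


def xor_recover(shares):
    """All n shares are needed: xoring any proper subset leaves a uniformly random value."""
    return reduce(xor, shares, 0)


def make_shares(secret, n, m, seed=None, p=P):
    """Threshold scheme: f(x) = a_{m-1} x^{m-1} + ... + a_1 x + K over Z_p; share i is (i, f(i))."""
    if not (0 <= secret < p and 1 <= m <= n < p):
        raise ValueError("need 0 <= K < p and 1 <= m <= n < p")
    rng = _rng(seed)
    coeffs = [rng.randrange(p) for _ in range(m - 1)]  # a_1 .. a_{m-1}: destroy after sharing

    def f(x):
        acc = 0                                        # Horner's rule, highest coefficient first
        for a in reversed(coeffs):
            acc = (acc + a) * x % p
        return (acc + secret) % p

    return [(i, f(i)) for i in range(1, n + 1)]


def recover_secret(shares, m, p=P):
    """Step 3: Gaussian elimination mod p with unknowns (K, a_1, ..., a_{m-1}), one row per share."""
    if len(shares) < m:
        raise ValueError("need at least m shares to reconstruct K")
    if len({x for x, _ in shares[:m]}) != m:
        raise ValueError("share x-coordinates must be distinct")
    # Row for share (x, y): [1, x, x^2, ..., x^{m-1} | y]
    rows = [[pow(x, j, p) for j in range(m)] + [y % p] for x, y in shares[:m]]
    for col in range(m):
        pivot = next(r for r in range(col, m) if rows[r][col])  # Vandermonde rows: always found
        rows[col], rows[pivot] = rows[pivot], rows[col]
        inv = pow(rows[col][col], -1, p)                         # modular inverse (Python 3.8+)
        rows[col] = [v * inv % p for v in rows[col]]
        for r in range(m):
            if r != col and rows[r][col]:
                factor = rows[r][col]
                rows[r] = [(rv - factor * cv) % p for rv, cv in zip(rows[r], rows[col])]
    return rows[0][m]   # column 0 is the constant term of f, i.e. K


if __name__ == "__main__":
    shares = make_shares(123456789, n=5, m=3, seed=7)
    print("shares:", shares)
    print("from shares 1-3:", recover_secret(shares[:3], 3))
    print("from shares 3-5:", recover_secret(shares[2:], 3))
```

Any m of the n shares solve the same system, so every m-subset returns K, while m-1 rows leave one free unknown and are consistent with every value of K in Z_p.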
Zero Knowledge Proofs :
How do you prove your identity to someone without revealing information about yourself? How do you prove to someone that you know the proof of a problem without showing him/her the actual proof?
These are called Zero Knowledge Proofs, since you reveal no information about your secret to the verifier while at the same time convincing him/her that you are the authentic person. The verifier may be a spy who is looking to learn your secret and pass it on to his nation.
e.g. Proving Graph Isomorphism to a verifier V.
Problem : P wants to prove to V the isomorphism between graphs G1 and G2.
1. P generates a random permutation H of G1, so H is isomorphic to G1. P also knows the isomorphism between H and G2. Finding the isomorphism between G1 and H, or between G2 and H, is as hard as finding the isomorphism between G1 and G2, hence nobody else knows the relations between them.
2. P sends H to V.
3. V flips a coin: if it is heads, V asks P to prove that H and G1 are isomorphic; if it is tails, V asks P to prove that H and G2 are isomorphic.
4. P complies and proves to V either that H and G1 are isomorphic or that H and G2 are isomorphic.
5. P then generates another random permutation graph H' isomorphic to G1 (and hence to G2), and both of them follow steps 1 to 4 again. They do this n times, until V is convinced that P knows the isomorphism between G1 and G2.
Here is how it works:
If P knows the isomorphism between G1 and G2 :
Then whether V asks P to prove that H and G1 are isomorphic or that H and G2 are isomorphic, P will be able to prove it to V every time, until V is convinced of P's identity.
If P does not know the isomorphism between G1 and G2 :
Then if V asks P to prove that H and the graph from which P generated H are isomorphic, P will be able to fool V; otherwise P will be caught as an impostor. The probability that P fools V for n rounds is 1 in 2^n, because in one round P fools V with a chance of ½. For n large, the chance of a false P passing the test is very small.
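The graph-isomorphism protocol simulated as an added example (not code from the original slides): an honest prover holding sigma with G2 = sigma(G1) answers either coin, while a cheating prover that only guessed the coin is caught in any round where the guess was wrong. The 4-cycle instance, the permutation encoding and the explicit coin sequences are constructed for the demo.

```python
import random


def graph(n, edges):
    """A graph is (vertex_count, frozenset of edges); each edge is a frozenset {u, v}."""
    return (n, frozenset(frozenset(e) for e in edges))


def apply_perm(perm, g):
    """Relabel every vertex v as perm[v]; the result is the isomorphic copy perm(G)."""
    n, edges = g
    return (n, frozenset(frozenset(perm[v] for v in e) for e in edges))


def compose(outer, inner):
    """(outer ∘ inner)(v) = outer[inner[v]]."""
    return [outer[inner[v]] for v in range(len(inner))]


def invert(perm):
    inv = [0] * len(perm)
    for v, pv in enumerate(perm):
        inv[pv] = v
    return inv


def random_perm(n, rng):
    perm = list(range(n))
    rng.shuffle(perm)
    return perm


class HonestProver:
    """Holds the secret isomorphism sigma with G2 = sigma(G1)."""

    def __init__(self, g1, g2, sigma):
        if apply_perm(sigma, g1) != g2:
            raise ValueError("sigma is not an isomorphism from G1 to G2")
        self.g1, self.g2, self.sigma = g1, g2, sigma

    def commit(self, rng):
        self.pi = random_perm(self.g1[0], rng)   # step 1: fresh pi, H = pi(G1)
        return apply_perm(self.pi, self.g1)      # step 2: send H

    def respond(self, coin):
        # step 4: heads (0) -> reveal pi, since H = pi(G1);
        #         tails (1) -> reveal pi ∘ sigma^-1, since H = (pi ∘ sigma^-1)(G2)
        return self.pi if coin == 0 else compose(self.pi, invert(self.sigma))


class CheatingProver:
    """Knows no isomorphism: guesses the coin in advance and builds H from that graph only."""

    def __init__(self, g1, g2, guesses):
        self.graphs = (g1, g2)
        self.guesses = iter(guesses)

    def commit(self, rng):
        self.guess = next(self.guesses)
        self.pi = random_perm(self.graphs[0][0], rng)
        return apply_perm(self.pi, self.graphs[self.guess])

    def respond(self, coin):
        return self.pi                           # only convinces V when coin == self.guess


def verify(prover, g1, g2, coins, seed=None):
    """One round per coin (step 5 repeats 1-4); V accepts only if every round checks out."""
    rng = random.Random(seed)
    n = g1[0]
    for coin in coins:
        h = prover.commit(rng)
        rho = prover.respond(coin)
        if sorted(rho) != list(range(n)):        # rho must be a genuine permutation
            return False
        if apply_perm(rho, (g1, g2)[coin]) != h: # step 3/4: H must equal rho(G_coin)
            return False
    return True


def cheat_bound(rounds):
    """Chance an impostor survives all rounds by guessing every coin: 1 in 2^rounds."""
    return 0.5 ** rounds


# Constructed sample instance: G1 is the 4-cycle 0-1-2-3-0 and G2 = SIGMA(G1).
G1 = graph(4, [(0, 1), (1, 2), (2, 3), (3, 0)])
SIGMA = [2, 0, 3, 1]
G2 = apply_perm(SIGMA, G1)

if __name__ == "__main__":
    print("honest:", verify(HonestProver(G1, G2, SIGMA), G1, G2, [0, 1, 1, 0], seed=5))
    print("cheater:", verify(CheatingProver(G1, G2, [0, 0, 0, 0]), G1, G2, [0, 0, 1, 0], seed=5))
```

Note that what V receives (H and one permutation per round) can be produced without sigma by anyone who picks the coin first, which is why the transcript leaks nothing about sigma.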
Here is another variant of Zero Knowledge Proof :
Suppose P wants to prove to V that he knows the solution y to the DLP m^y = x (mod p) without telling V the value of y.
1. P sends to V the values m, x and p.
2. V generates a random number a and computes the four combinations {am, a^-1 m^-1, a^-1 m, a m^-1} (mod p) in a random order and sends the quadruple to P, but does not reveal to P the ordering of the values. V only sends {u, v, w, z} ∈ {am, a^-1 m^-1, a^-1 m, a m^-1} (mod p) and asks P to compute {u^y, v^y, w^y, z^y} (mod p).
3. P computes {u^y, v^y, w^y, z^y} (mod p) and sends them to V.
4. V then sends a (mod p) to P and asks him to find a^y (mod p).
5. P computes a^y (mod p) and sends it to V.
6. Now V checks that {u^y, v^y, w^y, z^y} (mod p) ∈ {a^y x, a^-y x^-1, a^-y x, a^y x^-1} (mod p), expecting them to be in the same order as he sent them before.
7. If all of the above relations hold and are in the correct order then V starts another round of computation from step 2 and continues until V is convinced that P truly knows the value of y. If any of the above results does not match then P is an impostor.
If P knew the ordering of {am, a^-1 m^-1, a^-1 m, a m^-1} (mod p), then P could compute a and construct values that satisfy the same relations as when V computes them, so V would have no way of knowing whether P really did the computation V asked for or just constructed values to fool him. Thus an impostor P has a chance of 1 in 4! = 24 of correctly guessing the exact permutation and thus fooling V. In n rounds the chance that an impostor P successfully passes the test is 1/(24)^n, which is extremely small for large n. For n = 10, the chance that P fools V is of the order of 10^-14.
V can decrease this probability further by choosing s random numbers and sending a permutation of 2^(s+1) elements modulo p. In that case the chance of P fooling V in n rounds is 1/((2^(s+1))!)^n. But for large s the computation performed by V increases exponentially, so s = 2 and n = 10 will be a good enough choice to catch even the most notorious masterminds.
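The DLP variant worked through as an added example (not code from the original slides): V builds and shuffles the quadruple, the honest prover raises everything to y, V checks slot by slot, and an impostor who guesses the ordering and fabricates values from an arbitrary stand-in for a^y passes a round only when the guess is right. The toy prime, base and secret y are constructed for the demo.

```python
import random
from itertools import permutations
from math import factorial

# Constructed toy instance (a real one uses a large prime p and a generator m of Z_p*).
P_MOD = 1_000_003                        # prime modulus p
M_BASE = 2                               # m
SECRET_Y = 123_457                       # y, known only to the honest prover
X_PUB = pow(M_BASE, SECRET_Y, P_MOD)     # x = m^y mod p, sent to V in step 1

LABELS = ("+a+m", "-a-m", "-a+m", "+a-m")   # the four combinations a^(±1) m^(±1)


def verifier_challenge(rng):
    """Step 2: pick a, form {am, a^-1 m^-1, a^-1 m, a m^-1} mod p, shuffle, remember the order."""
    a = rng.randrange(2, P_MOD - 1)
    a_inv, m_inv = pow(a, -1, P_MOD), pow(M_BASE, -1, P_MOD)
    values = {"+a+m": a * M_BASE % P_MOD, "-a-m": a_inv * m_inv % P_MOD,
              "-a+m": a_inv * M_BASE % P_MOD, "+a-m": a * m_inv % P_MOD}
    order = list(LABELS)
    rng.shuffle(order)                   # V keeps `order` secret from P
    return a, order, [values[lab] for lab in order]


def honest_prover(quad, a):
    """Steps 3 and 5: raise every element of the quadruple, and then a, to the secret y."""
    return [pow(v, SECRET_Y, P_MOD) for v in quad], pow(a, SECRET_Y, P_MOD)


def verifier_check(order, powered, a_y):
    """Step 6: (a^s1 m^s2)^y = (a^y)^s1 x^s2 must hold slot by slot in the order V chose."""
    a_y_inv, x_inv = pow(a_y, -1, P_MOD), pow(X_PUB, -1, P_MOD)
    expected = {"+a+m": a_y * X_PUB % P_MOD, "-a-m": a_y_inv * x_inv % P_MOD,
                "-a+m": a_y_inv * X_PUB % P_MOD, "+a-m": a_y * x_inv % P_MOD}
    return powered == [expected[lab] for lab in order]


def impostor(guessed_order, rng):
    """Knows no y: picks any z to stand in for a^y and fabricates a quadruple for a guessed order."""
    z = rng.randrange(2, P_MOD - 1)
    z_inv, x_inv = pow(z, -1, P_MOD), pow(X_PUB, -1, P_MOD)
    fake = {"+a+m": z * X_PUB % P_MOD, "-a-m": z_inv * x_inv % P_MOD,
            "-a+m": z_inv * X_PUB % P_MOD, "+a-m": z * x_inv % P_MOD}
    return [fake[lab] for lab in guessed_order], z


def run_rounds(rounds, prover_knows_y, seed=None):
    """Step 7: repeat from step 2; V accepts only if every round passes."""
    rng = random.Random(seed)
    orderings = list(permutations(LABELS))          # the 4! = 24 orders an impostor may guess
    for _ in range(rounds):
        a, order, quad = verifier_challenge(rng)
        if prover_knows_y:
            powered, a_y = honest_prover(quad, a)
        else:
            powered, a_y = impostor(list(rng.choice(orderings)), rng)
        if not verifier_check(order, powered, a_y):
            return False
    return True


def impostor_bound(rounds, s=1):
    """The text's bound: s random numbers give 2^(s+1) elements, so (1/(2^(s+1))!)^rounds."""
    return (1 / factorial(2 ** (s + 1))) ** rounds


if __name__ == "__main__":
    print("honest prover accepted:", run_rounds(10, True, seed=1))
    print("impostor accepted:", run_rounds(10, False, seed=1))
    print("bound for n=10, s=1:", impostor_bound(10))
```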