Using Secret Key to Foil an Eavesdropper

Slides:

Advertisements

Similar presentations

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.

Advertisements

PAUL CUFF ELECTRICAL ENGINEERING PRINCETON UNIVERSITY Causal Secrecy: An Informed Eavesdropper.

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

Cryptology  Terminology  plaintext - text that is not encrypted.  ciphertext - the output of the encryption process.  key - the information required.

Paul Cuff THE SOURCE CODING SIDE OF SECRECY TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: AA.

PAUL CUFF ELECTRICAL ENGINEERING PRINCETON UNIVERSITY Information Theory for Secrecy and Control.

Enhancing Secrecy With Channel Knowledge

Equivocation A Special Case of Distortion-based Characterization.

CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.

PAUL CUFF ELECTRICAL ENGINEERING PRINCETON UNIVERSITY A Framework for Partial Secrecy.

CS470, A.SelcukIntroduction1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CryptographyPerfect secrecySlide 1 Today What does it mean for a cipher to be: –Computational secure? Unconditionally secure? Perfect secrecy –Conditional.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

CS426Fall 2010/Lecture 21 Computer Security CS 426 Lecture 2 Cryptography: Terminology & Classic Ciphers.

Xiaohua (Edward) Li1 and E. Paul Ratazzi2

Presentation Layer Network Format Local Format Information Transformation “few standards, but a lot of ideas”

CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.

Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)

Computer Security CS 426 Lecture 3

Secure Communication for Signals Paul Cuff Electrical Engineering Princeton University.

PAUL CUFF ELECTRICAL ENGINEERING PRINCETON UNIVERSITY Secure Communication for Distributed Systems.

CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.

Cryptography Week-6.

Cryptanalysis. The Speaker  Chuck Easttom  

EE5552 Network Security and Encryption block 4 Dr. T.J. Owens CEng MIET Dr T. Itagaki MIET, MIEEE, MAES.

1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.

Lecture 2 Overview.

Rate-distortion Theory for Secrecy Systems

Lec. 5 : History of Cryptologic Research II

Secure Communication for Distributed Systems Paul Cuff Electrical Engineering Princeton University.

Symmetric-Key Cryptography

Cryptography Part 1: Classical Ciphers Jerzy Wojdyło May 4, 2001.

Universal Guessing with Applications to Cipher Systems A Report on Progress DRDO-IISc PME Rajesh Sundaresan ECE Department 14 March 2008 TexPoint fonts.

Toward a Secure Data-Rate Theorem Paul Cuff. Control Setting Controller Encoder System (Plant) Sensors Rate R UiUi XiXi YiYi.

1 A Randomized Space-Time Transmission Scheme for Secret-Key Agreement Xiaohua (Edward) Li 1, Mo Chen 1 and E. Paul Ratazzi 2 1 Department of Electrical.

Traditional Symmetric-Key Ciphers

1 Information Theory Nathanael Paul Oct. 09, 2002.

K. Salah1 Cryptography Module I. K. Salah2 Cryptographic Protocols  Messages should be transmitted to destination  Only the recipient should see it.

CS555Spring 2012/Topic 31 Cryptography CS 555 Topic 3: One-time Pad and Perfect Secrecy.

Invitation to Computer Science 5 th Edition Chapter 8 Information Security.

CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.

Lecture 2 Overview. Cryptography Secret writing – Disguised data cannot be read, modified, or fabricated easily – Feasibility of complexity for communicating.

CHAPTER 14 ENCRYPTION AND DECRYPTION Sajina Pradhan

CS201 Tech-Talk Two: Cryptography Michael Hsu CSULA.

CMSC 414 Computer (and Network) Security Lecture 3 Jonathan Katz.

Page : 1 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Tutorial-5 Theory of Secret-Key.

Introduction CS 303 Algorithmic Number Theory and Cryptography

Vocabulary Big Data - “Big data is a broad term for datasets so large or complex that traditional data processing applications are inadequate.” Moore’s.

Basic Encryption Methods

2018/9/16 Distributed Source Coding Using Syndromes (DISCUS): Design and Construction S.Sandeep Pradhan, Kannan Ramchandran IEEE Transactions on Information.

Lesson 5: Simple Encryption

Cryptography Lecture 3.

B504/I538: Introduction to Cryptography

Cryptography Lecture 4.

Real-world Security of Public Key Crypto

Topic 3: Perfect Secrecy

CS/ECE 478 Network Security Dr. Attila Altay Yavuz

Simple Encryption- Lesson 5

Lesson 7: Simple Encryption

Information-Theoretic Security

Traditional Symmetric-Key Ciphers

Cryptology Design Fundamentals

Information Theoretical Analysis of Digital Watermarking

Cryptography Lecture 3.

Symmetric Encryption or conventional / private-key / single-key

2. Perfect Secret Encryption

Crypto for CTFs.

CIS 5371 Cryptography 2. Perfect Secret Encryption

Presentation transcript:

Using Secret Key to Foil an Eavesdropper Paul Cuff Electrical Engineering Princeton University

Main Idea Secrecy for distributed systems Historic Cryptography Results New Metric for Secrecy Distributed System Action Node B Message Information Node A Attack Adversary Special Cases: rate-distortion theory (no adversary); lossless (Globecom); unlimited secret key; unlimited communication; seperability of nodes B and C.

Cipher Plaintext: Source of information: Example: English text: Allerton Conference Ciphertext: Encrypted sequence: Example: Non-sense text: cu@sp4isit Encipherer Decipherer Ciphertext Key Plaintext

Example: Substitution Cipher Simple Substitution Example: Plaintext: …RANDOMLY GENERATE A CODEB… Ciphertext: …DFLAUIPV WRLRDFNR F SXARQ… Caesar Cipher Alphabet A B C D E … Mixed Alphabet F Q S A R … Julius Caesar used this cipher, with a shift of 3. His nephew, Augustus, used a shift of 1. Alphabet A B C D E … Mixed Alphabet D E F G H …

Shannon Model Schematic Assumption Requirement Enemy knows everything about the system except the key Requirement The decipherer accurately reconstructs the information Key Key Plaintext Ciphertext Plaintext Encipherer Decipherer Adversary 26! Is about 4 x 10^26 (the number of atoms in my chair). 88.4 bits Redundancy of English is about 3.75 5bits per letter. (without spaces it’s 3.7) About 25 letters needed to decode For simple substitution: C. Shannon, "Communication Theory of Secrecy Systems," Bell Systems Technical Journal, vol. 28, pp. 656-715, Oct. 1949.

Shannon Analysis Perfect Secrecy Adversary learns nothing about the information Only possible if the key is larger than the information C. Shannon, "Communication Theory of Secrecy Systems," Bell Systems Technical Journal, vol. 28, pp. 656-715, Oct. 1949.

Shannon Analysis Equivocation vs Redundancy Equivocation is conditional entropy: Redundancy is lack of entropy of the source: Equivocation reduces with redundancy: C. Shannon, "Communication Theory of Secrecy Systems," Bell Systems Technical Journal, vol. 28, pp. 656-715, Oct. 1949.

Computational Secrecy Some imperfect secrecy is difficult to crack Public Key Encryption Trapdoor Functions Difficulty not proven Often “cat and mouse” game Vulnerable to quantum computer attack 1125897758 834 689 524287 2147483647 X W. Diffie and M. Hellman, “New Directions in Cryptography,” IEEE Trans. on Info. Theory, 22(6), pp. 644-654, 1976.

Information Theoretic Secrecy Achieve secrecy from randomness (key or channel), not from computational limit of adversary. Physical layer secrecy Wyner’s Wiretap Channel [Wyner 1975] Partial Secrecy Typically measured by “equivocation:” Other approaches: Error exponent for guessing eavesdropper [Merhav 2003] Cost inflicted by adversary [this talk] A couple of aspects have been integrated in the study of information theoretic secrecy. One observation is that channel noise can be used, as the key is, to hide the information from an eavesdropper. The other development has been the study of partial secrecy. Insert a diagram if I have time.

Competitive Distributed System Decoder: Encoder: Node A Node B Message Key Information Action Adversary Attack Jam a communication channel; break into a network, counter a military attack; overload a power grid. System payoff: . Adversary:

Zero-Sum Game Value obtained by system: Objective Maximize payoff Key Jam a communication channel; break into a network, counter a military attack; overload a power grid. Information Message Action Node A Node B Attack Adversary

Payoff-Rate Function Theorem: Maximum achievable average payoff Markov relationship: Theorem:

Encoding Scheme Coordination Strategies [Cuff-Permuter-Cover 10] K Coordination Strategies [Cuff-Permuter-Cover 10] Empirical coordination for U Strong coordination for Y

Lossless Case Theorem: Require Y=X Related to Yamamoto’s work [97] Assume a payoff function Related to Yamamoto’s work [97] Very different result Theorem: [Cuff 10] Also required:

Binary-Hamming Case Binary Source: Hamming Distortion Naïve approach Random hashing or time-sharing Optimal approach Reveal excess 0’s or 1’s to condition the hidden bits (black line) (orange line) Source 1 * Public message

What the Adversary doesn’t know can hurt him. Knowledge of Adversary: [Yamamoto 97] [Yamamoto 88]:

No Causal Information (Prior Work) [Theorem 3, Yamamoto 97] Theorem: Choose yields

Summary Framework for Encryption Average cost inflicted by adversary Dynamic settings where information is available causally No use of “equivocation” Optimal performance uses both “strong” and “empirical” coordination.