Universal Guessing with Applications to Cipher Systems A Report on Progress DRDO-IISc PME Rajesh Sundaresan ECE Department 14 March 2008 TexPoint fonts.

Slides:



Advertisements
Similar presentations
Lecture 2: Basic Information Theory TSBK01 Image Coding and Data Compression Jörgen Ahlberg Div. of Sensor Technology Swedish Defence Research Agency (FOI)
Advertisements

Michael Alves, Patrick Dugan, Robert Daniels, Carlos Vicuna
Huffman code and ID3 Prof. Sin-Min Lee Department of Computer Science.
Small Subgraphs in Random Graphs and the Power of Multiple Choices The Online Case Torsten Mütze, ETH Zürich Joint work with Reto Spöhel and Henning Thomas.
Paul Cuff THE SOURCE CODING SIDE OF SECRECY TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: AA.
PAUL CUFF ELECTRICAL ENGINEERING PRINCETON UNIVERSITY Information Theory for Secrecy and Control.
SIMS-201 Compressing Information. 2  Overview Chapter 7: Compression Introduction Entropy Huffman coding Universal coding.
NON-MALLEABLE EXTRACTORS AND SYMMETRIC KEY CRYPTOGRAPHY FROM WEAK SECRETS Yevgeniy Dodis and Daniel Wichs (NYU) STOC 2009.
CWIT Robust Entropy Rate for Uncertain Sources: Applications to Communication and Control Systems Charalambos D. Charalambous Dept. of Electrical.
Entropy Rates of a Stochastic Process
Department of Computer Science, University of Maryland, College Park, USA TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.:
Introduction to Cryptography and Security Mechanisms: Unit 5 Theoretical v Practical Security Dr Keith Martin McCrea
PAUL CUFF ELECTRICAL ENGINEERING PRINCETON UNIVERSITY A Framework for Partial Secrecy.
Fundamental limits in Information Theory Chapter 10 :
1 Authentication CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 11, 2004.
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
Foundations of Network and Computer Security J J ohn Black Lecture #3 Aug 28 th 2009 CSCI 6268/TLEN 5550, Fall 2009.
Lattices for Distributed Source Coding - Reconstruction of a Linear function of Jointly Gaussian Sources -D. Krithivasan and S. Sandeep Pradhan - University.
Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.
Shannon ’ s theory part II Ref. Cryptography: theory and practice Douglas R. Stinson.
1 Chapter 1 Introduction. 2 Outline 1.1 A Very Abstract Summary 1.2 History 1.3 Model of the Signaling System 1.4 Information Source 1.5 Encoding a Source.
Lecture 2: Basic Information Theory Thinh Nguyen Oregon State University.
Small Subgraphs in Random Graphs and the Power of Multiple Choices The Online Case Torsten Mütze, ETH Zürich Joint work with Reto Spöhel and Henning Thomas.
CryptographyPerfect secrecySlide 1 Today What does it mean for a cipher to be: –Computational secure? Unconditionally secure? Perfect secrecy –Conditional.
Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)
PAUL CUFF ELECTRICAL ENGINEERING PRINCETON UNIVERSITY Secure Communication for Distributed Systems.
1 Advanced Smoothing, Evaluation of Language Models.
EE5552 Network Security and Encryption block 4 Dr. T.J. Owens CEng MIET Dr T. Itagaki MIET, MIEEE, MAES.
Rate-distortion Theory for Secrecy Systems
Hash Functions A hash function H accepts a variable-length block of data M as input and produces a fixed-size hash value h = H(M) Principal object is.
The Operational Meaning of Min- and Max-Entropy
Small subgraphs in the Achlioptas process Reto Spöhel, ETH Zürich Joint work with Torsten Mütze and Henning Thomas TexPoint fonts used in EMF. Read the.
(Important to algorithm analysis )
Password security Dr.Patrick A.H. Bours. 2 Password: Kinds of passwords Password A string of characters: PIN-code A string.
The Secrecy of Compressed Sensing Measurements Yaron Rachlin & Dror Baron TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.:
Channel Capacity.
Theory of Computation II Topic presented by: Alberto Aguilar Gonzalez.
The Operational Meaning of Min- and Max-Entropy Christian Schaffner – CWI Amsterdam, NL joint work with Robert König – Caltech Renato Renner – ETH Zürich,
Encryption Questions answered in this lecture: How does encryption provide privacy? How does encryption provide authentication? What is public key encryption?
Multifactor GPs Suppose now we wish to model different mappings for different styles. We will add a latent style vector s along with x, and define the.
Introduction to Modern Symmetric-key Ciphers
Information Theory Ying Nian Wu UCLA Department of Statistics July 9, 2007 IPAM Summer School.
1 Information Theory Nathanael Paul Oct. 09, 2002.
User Friendly Passwords Nicole Longworth Michael Shoppell RJ Brown.
Bradley Cowie Supervised by Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University DATA CLASSIFICATION FOR CLASSIFIER.
Presentation for CDA6938 Network Security, Spring 2006 Timing Analysis of Keystrokes and Timing Attacks on SSH Authors: Dawn Xiaodong Song, David Wagner,
CS426Fall 2010/Lecture 51 Computer Security CS 426 Lecture 5 Cryptography: Cryptographic Hash Function.
Iftach Haitner and Eran Omri Coin Flipping with Constant Bias Implies One-Way Functions TexPoint fonts used in EMF. Read the TexPoint manual before you.
Chapter 12: Authentication Basics Passwords Challenge-Response Biometrics Location Multiple Methods Computer Security: Art and Science © Matt.
Learning, Uncertainty, and Information: Evaluating Models Big Ideas November 12, 2004.
SEAC-3 J.Teuhola Information-Theoretic Foundations Founder: Claude Shannon, 1940’s Gives bounds for:  Ultimate data compression  Ultimate transmission.
 Encryption provides confidentiality  Information is unreadable to anyone without knowledge of the key  Hashing provides integrity  Verify the integrity.
Information and Network Security Lecture 2 Dr. Hadi AL Saadi.
CHAPTER 14 ENCRYPTION AND DECRYPTION Sajina Pradhan
Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.
(C) 2000, The University of Michigan 1 Language and Information Handout #2 September 21, 2000.
CS555Spring 2012/Topic 141 Cryptography CS 555 Topic 14: CBC-MAC & Hash Functions.
Chapter 4: Information Theory. Learning Objectives LO 4.1 – Understand discrete and continuous messages, message sources, amount of information and its.
To the ETS – Accounts Setup and Preferences Online Training Course
Succinct Data Structures
Dimension reduction for finite trees in L1
Sampling of min-entropy relative to quantum knowledge Robert König in collaboration with Renato Renner TexPoint fonts used in EMF. Read the TexPoint.
Basic Encryption Methods
Context-based Data Compression
CS 154, Lecture 6: Communication Complexity
Cryptography Lecture 19.
Using Secret Key to Foil an Eavesdropper
CSE 321 Discrete Structures
To the ETS – Accounts Setup and Preferences Online Training Course
Entropy is Your Friend.
Presentation transcript:

Universal Guessing with Applications to Cipher Systems A Report on Progress DRDO-IISc PME Rajesh Sundaresan ECE Department 14 March 2008 TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: AA A

A Cipher System Eve guesses K in decreasing order of its probabilities K of length n, from an i.i.d. source with letter PMF P –Requires ~ 2 nH 1/2 (P) guesses –H 1/2 (P) : Rényi entropy, an analogue to Shannon entropy K MM C Eve

Let’s hide the parameters of the source we use to generate our key stream … Our bag of sources is not perfect. What shall we do? If your bag is made of i.i.d. sources, hiding won’t help! A bigger bag of sources with memory doesn’t help either …

Measures of performance Growth rate of moments Tail probabilities behaviour Compare with that when source parameters known

Hiding source information If the set of sources is i.i.d.: –Eve has an asymptotically optimal guessing strategy [Arikan-Merhav 1998, S2007] If the set is made of a fixed fraction of tosses from one coin and remaining from another coin –Hiding the sequence of coin pickings helps [S2007] If the set of sources is unifilar? Or finite-state Markov? Stationary and ergodic? –k th order Markov is a unifilar source

Methodology In [S2007] established connections in the expectations sense between source compression and guessing LZ source compression is universal –Guess in the increasing order of compression lengths Plan: –First year: key rate = 1 –Second year: key rate < 1 UnifilarFinite-state Markov Explicit answersBounds Explicit answersBounds

Refinements Compression and guessing are tightly related –For any class of sources, if there is an asymptotically optimal compression strategy to minimise, there is an asymptotically optimal guessing strategy and vice versa. –For R < 1, analogous results with a saturated cost of encoding. –Performance explicitly characterised for unifilar sources for guessing moment criterion and large deviations criterion –Attacks based on increasing Lempel-Ziv lengths of messages yields an asymptotically optimal attack strategy for FSM sources with a redundancy of O(log log n / log n) –Attacks based on increasing MDL of messages yields an asymptically optimal attack for unifilar sources with a redundancy of O(log n / n) –Both attack strategies are competitively optimal

Ongoing work Imperfect key bits (SAG input) Guessing subject to distortion? –Connections to rate-distortion theory –Applications to searches in large data bases –A little more theory Sources with arbitrary alphabet spaces Deeper connections with large deviations theory Statistical analysis of password protected systems

Publications and interactions Journal –R.Sundaresan, “Guessing under source uncertainty”, IEEE Trans. on Inform. Th., Jan –R.Sundaresan, “Guessing based on length functions for a Shannon cipher system”, to be submitted to Sadhana Conferences –R.Sundaresan, “Guessing based on length functions”, ISIT 2007, June 2007 –R.Sundaresan, “Guessing based on length functions for a Shannon cipher system”, MCDES 2008, May 2008 Technical Report –R.Sundaresan, “Guessing based on length functions”, Feb 2007, revised Nov 2007 Invited articles –R.Sundaresan, “An introduction to guessing”, Chakravyuh, expository article, to be published, mid-2008 Under preparation: Guessing and compression : Under preparation – to include rate-distortion Visits with SAG –Talk: January 2007 –Discussion: September 2007 Manpower training: –One Project Assistant: October 2006 – June 2007 –One Project Assistant: September 2007 – present (Manjesh Kumar, formerly employed by CAIR)

Password-Protected Systems N users, lock-password after 3 failed attempts –H(X 1 ) = 4, H(X i | X i-1 ) = 2, i > 1 NIST Electronic Authentication Guideline Why? Easy to remember –Weak passwords: “password”, 1/1000 picks one of two most frequent passwords Access to system in 700 tries, w.p. ½ –Promptings to use special characters results in simple choices Models for password choices? Asymptotics as N grows? Relationship with entropies? Impact: Quantitative evaluation of security levels

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.