Software Security Seminar - 1 Chapter 4. Intermediate Protocols 2002. 7. 25. 발표자 : 이장원 Applied Cryptography.

Slides:



Advertisements
Similar presentations
RSA.
Advertisements

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
Chapter 10 Real world security protocols
Secure Multiparty Computations on Bitcoin
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Requirements for a Secure Voting System  Only authorized voters can vote  No one can vote more than once  No one can determine for whom anyone else.
Intro to Quantum Cryptography Algorithms Andrew Hamel EECS 598 Quantum Computing FALL 2001.
Computer Security Set of slides 5 Dr Alexei Vernitski.
Rational Oblivious Transfer KARTIK NAYAK, XIONG FAN.
Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.
Security Definitions in Computational Cryptography
Digital Signatures and Hash Functions. Digital Signatures.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
Quantum Cryptography Qingqing Yuan. Outline No-Cloning Theorem BB84 Cryptography Protocol Quantum Digital Signature.
ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.
1 Lecture #10 Public Key Algorithms HAIT Summer 2005 Shimrit Tzur-David.
WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.
Public Key Model 8. Cryptography part 2.
Csci5233 Computer Security1 Bishop: Chapter 10 Key Management: Digital Signature.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
MT311 Java Application Development and Programming Languages Li Tak Sing ( 李德成 )
Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.
Part Two Network Security Applications Chapter 4 Key Distribution and User Authentication.
Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.
Protocols to do seemingly impossible 1 CHAPTER 11: Protocols to do seemingly impossible A protocol is an algorithm two (or more) parties have to follow.
RSA Implementation. What is Encryption ? Encryption is the transformation of data into a form that is as close to impossible as possible to read without.
Chapter 4: Intermediate Protocols
Symmetric versus Asymmetric Cryptography. Why is it worth presenting cryptography? Top concern in security Fundamental knowledge in computer security.
Public Key Encryption and the RSA Public Key Algorithm CSCI 5857: Encoding and Encryption.
Public-Key Cryptography CS110 Fall Conventional Encryption.
Lecture 10: Mental Poker Wayne Patterson SYCS 654 Spring 2010.
6. Esoteric Protocols secure elections and multi-party computation Kim Hyoung-Shick.
Chapter 3: Basic Protocols Dulal C. Kar. Key Exchange with Symmetric Cryptography Session key –A separate key for one particular communication session.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Privacy Enhancing Technologies Spring What is Privacy? “The right to be let alone” Confidentiality Anonymity Access Control Most privacy technologies.
Based on Schneier Chapter 5: Advanced Protocols Dulal C. Kar.
Using Cryptography for Network Security Common problems: –Authentication - A and B want to prove their identities to one another –Key-distribution - A.
Software Security Seminar - 1 Chapter 5. Advanced Protocols 조미성 Applied Cryptography.
Chapter 6:Esoteric Protocols Dulal C Kar. Secure Elections Ideal voting protocol has at least following six properties 1.Only authorized voters can vote.
Chapter 16 Security Introduction to CS 1 st Semester, 2012 Sanghyun Park.
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
Based on Bruce Schneier Chapter 8: Key Management Dulal C Kar.
Introduction to Quantum Key Distribution
Flipping coins over the telephone and other games.
Protocols Chapter 2 Protocol: A series of steps, involving two or more parties, designed to accomplish a task. All parties involved must know the protocol.
15-499Page :Algorithms and Applications Cryptography I – Introduction – Terminology – Some primitives – Some protocols.
A A E E D D C C B B # Symmetric Keys = n*(n-1)/2 F F
Lecture 13 Secret Sharing Schemes and Game. Secret sharing schemes are multi-party protocols related to key establishment. The original motivation for.
14-1 Last time Internet Application Security and Privacy Basics of cryptography Symmetric-key encryption.
Private key
Cryptography and Network Security Chapter 10 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
IT 221: Introduction to Information Security Principles Lecture 5: Message Authentications, Hash Functions and Hash/Mac Algorithms For Educational Purposes.
 5.1 Zero-Knowledge Proofs  5.2 Zero-Knowledge Proofs of Identity  5.3 Identity-Based Public-Key Cryptography  5.4 Oblivious Transfer  5.5 Oblivious.
Security. Cryptography (1) Intruders and eavesdroppers in communication.
Bit Commitment, Fair Coin Flips, and One-Way Accumulators Matt Ashoff 11/9/2004 Cryptographic Protocols.
Cryptographic methods. Outline  Preliminary Assumptions Public-key encryption  Oblivious Transfer (OT)  Random share based methods  Homomorphic Encryption.
Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.
Software Security Seminar - 1 Chapter 2. Protocol Building Blocks 발표자 : 최두호 Applied Cryptography.
Computer Communication & Networks
ITIS 6200/8200 Chap 5 Dr. Weichao Wang.
Presentation transcript:

Software Security Seminar - 1 Chapter 4. Intermediate Protocols 발표자 : 이장원 Applied Cryptography

Software Security Seminar - 2 Contents 4.9 Bit Commitment 4.10 Fair Coin Flips 4.11 Mental Poker 4.12 One-Way Accumulators 4.13 All-or-Nothing Disclosure Of Secrets 4.14 Key Escrow

Software Security Seminar - 3 Bit Commitment (1)Bob generates a random-bit string, and send it to Alice (2)Alice creates a message consisting of the bit she wishes to commit to, and. She encrypts it with some random key and sends the result back to Bob. (3)Alice sends the key. (4)Bob decrypts the message to reveal the bit. He checks his random string to verify the bit’s validity. Bit Commitment Using Symmetric Cryptography

Software Security Seminar - 4 Bit Commitment (conti.) (1)Alice generates two random-bit strings. (2)Alice creates a message. (3)Alice computes the one-way function on the message and sends the result, as well as one of the random strings, to Bob. (4)Alice sends Bob the original message. (5)Bob computes the one-way function on the message and compares it and, with the value and random string he received in (3). If they match, the bit is valid. Bit Commitment Using One-Way Function

Software Security Seminar - 5 Bit Commitment (conti.) (1)Bob generates a random-bit strings, and sends it to Alice. (2)Alice generates a random seed for a pseudo-random-bit generator. Then, for every bit in Bob’s random-bit string, she sends Bob either : a. the output of the generator if Bob’s bit is 0, or b. the XOR of output of the generator and her bit, if Bob’s bit is 1. (3)Alice sends Bob her random seed. (4)Bob completes step (2) to confirm that Alice was acting fairly. Bit Commitment Using Pseudo-Random-Sequence Generator

Software Security Seminar - 6 Bit Commitment (conti.) Properties -Alice can commit to blobs. By committing to a blob, she is committing to a bit. -Alice can open any blob she has committed to. When she opens a blob, she can convince Bob of the value of the bit she committed to when she committed to the blob. Thus, she cannot choose to open any blob as either 0 or 1. -Bob cannot learn how Alice is able to open any unopened blob she has committed to. This is true even after Alice has opened other blobs. -Blobs do not carry any information other than the bit Alice committed to. The blobs themselves, as well as the process by which Alice commits to and opens them, are uncorrelated to anything else that Alice might wish to keep secret from Bob. Blobs ; strings that Alice sends to Bob to commit to a bit.

Software Security Seminar - 7 Fair Coin Flips (1)Alice chooses a random number,. She computes, where is the one-way function. (2)Alice sends to Bob. (3)Bob guess whether is even or odd and sends his guess to Alice. (4)If Bob’s guess is correct, the result of the coin flip is heads. If Bob’s guess is incorrect, the result of the coin flip is tails. Alice announces the result of the coin flip and sends to Bob. (5)Bob confirms that. Coin Flipping Using One-Way Function

Software Security Seminar - 8 Fair Coin Flips (conti.) Requirement : -Alice and Bob each generate a public-key/private-key key pair. -Alice generates two messages, one indicating heads and the other indicating tails. Alice encrypts both messages with her public key and sends them to Bob in a random order. -Bob, who cannot read either message, chooses one at random. He encrypts it with his public key and sends it back to Alice. -Alice, who cannot read the message sent back to her, decrypts it with her private key and then sends it back to Bob. Coin Flipping Using Public-Key Cryptography

Software Security Seminar - 9 Fair Coin Flips (conti.) (5)Bob decrypts the message with his private key to reveal the result of the coin flip. He sends the decrypted message to Alice. (6)Alice reads the result of the coin flip and verifies that the random string is correct. (7)Both Alice and Bob reveal their key pairs so that both can verify that the other did not cheat. Coin Flipping Using Public-Key Cryptography

Software Security Seminar - 10 Mental Poker Requirement : the cryptographic algorithm must be commutative. -Alice, Bob, and Carol each generate a public/private-key key pair. -Alice generates 52 messages, one for each card in the deck. Alice encrypts all the messages with her public key and sends them to Bob. -Bob, who cannot read any of the message, chooses five at random. He encrypts them with his public key and sends them back to Alice. -Bob sends the other 47 messages to Carol. -Carol chooses five at random. She encrypts them with her public key and sends them to Alice. Mental Poker with Three Players

Software Security Seminar - 11 Mental Poker (conti.) (6)Alice decrypts them with her private key and then sends them back to Bob or Carol. (7)Bob and Carol decrypt the message with their keys to reveal their hands. (8)Carol chooses five more messages at random from the remaining 42. She sends them to Alice. (9)Alice decrypts the messages with her private key to reveal her hand. (10) At the end of the game they reveal their hands and keys so that everyone can make sure that no one has cheated. Mental Poker with Three Players

Software Security Seminar - 12 Mental Poker (conti.) (1)Alice generate a public/private-key key pair and keeps both keys secret. (2)The KDC generates a continuous stream of keys. (3)The KDC encrypts the keys, one by one, with its own public key. (4)The KDC transmits the encrypted keys, one by one, onto the network. (5)Alice chooses a key at random. (6)Alice encrypts the chosen key with her public key. (7)Alice waits a while and sends the double-encrypted key back to the KDC. (8)The KDC decrypts the double-encrypted key with its private key, leaving a key encrypted with Alice’s public key. (9)The sever sends the encrypted key back to Alice. (10) Alice decrypts the key with her private key. Anonymous Key Distribution

Software Security Seminar - 13 One-Way Accumulators (1)Alice calculates the accumulation of every member’s name other than herself and saves that single value along with her own name. Bob does the same. (2)They trade accumulations and names with each other. (3)Alice confirms that Bob’s name added to his accumulation is equal to Alice’s name added to her accumulation. Bob does the same. Requirement : Commutative

Software Security Seminar - 14 Key Escrow (1)Alice creates her private/public-key key pair. She splits the private key into several public pieces and private pieces. (2)Alice sends a public piece and corresponding private piece to each of the trustees. These messages must be encrypted. She also sends the public key to the KDC. (3)Each trustee, independently, performs a calculation on its public piece and its private piece confirm that they are correct. Each trustee stores the private piece somewhere secure and sends the public piece to the KDC. (4)The KDC performs another calculation on the public pieces and the public key. Assuming that everything is correct, it signs the public key and either sends it back to Alice or posts it in a database somewhere. Fair cryptosystems [Micali]

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.