Presentation is loading. Please wait.

Presentation is loading. Please wait.

CRYPTOGRAPHY COT 6410 AWRAD MOHAMMED ALI NESLISAH TOROSDAGLI JOSIAH WONG.

Published byBryan Walters Modified over 8 years ago

Similar presentations

Presentation on theme: "CRYPTOGRAPHY COT 6410 AWRAD MOHAMMED ALI NESLISAH TOROSDAGLI JOSIAH WONG."— Presentation transcript:

1 CRYPTOGRAPHY COT 6410 AWRAD MOHAMMED ALI NESLISAH TOROSDAGLI JOSIAH WONG

2 INTRODUCTION Cryptography: the field of study that is related to encoded information. The name comes from combining two Greek words that mean “hidden word”. Encryption: the process of converting plaintext into ciphertext. Decryption: the process of converting ciphertext back into plaintext

3

4 PERFECT SECRECY It is not only important to protect the whole message but also any partial information. The minimal requirement from an encryption is that an eavesdropper should not be able to tell which message from two random messages is encrypted with probability much better than ½. The assumption that have been made here is that P ≠ NP.

5 ONE-TIME PAD One-time pad is a simple idea of encryption that provides perfect security. Every bit of a one-time pad key is used only once to encrypt a bit of the message and later this bit is discarded. The sender encrypts x by simply sending x ⊕ k. The receiver can recover the message x from y = x ⊕ k by XORing y once again with k The ciphertext is distributed uniformly regardless of the plaintext message encrypted. One-time pad is not a practical solution when we need to securely exchange information of a big size.

6 ONE-WAY FUNCTIONS One-way functions are used to design secure encryption formulas with keys shorter than the message’s length. They are defined as functions that are easy to compute but hard to invert using polynomial-time algorithms. These functions do not give any partial information about the text to a polynomial time eavesdropper. Example: Multiplication functions –The input is treated as two n/2 bit numbers –Inverting this function is an integer factorization problem

7 PSEUDORANDOM GENERATORS 01001010111011101001 10011 G |x| = n |f(x)| = n c f(x) = 01001010111011101001 K = 10011 E(K,M) = E(f(x), M) = C

8 PSEUDORANDOM GENERATORS Unpredictability implies pseudorandomness PRGs: n-bit input >> (n+1)-bit stretch PRGs: n-bit input >> (n c )-bit stretch

9 UNPREDICTABILITY IMPLIES PSEUDORANDOMNESS 01101 0 … i-1 bitsith bitG is unpredictable G is pseudorandom G(x) = (l(n) bits)

10 UNPREDICTABILITY IMPLIES PSEUDORANDOMNESS 01101 0 … G is unpredictable G is pseudorandom G(x) = A(G(U n )) = 1 A(G(U n )) = 0 A(G(U n )) = 1 A(U l(n) ) = 0 A(U l(n) ) = 1 A(U l(n) ) = 0 B (01101) = 0

11 GOLDREICH-LEVIN THEOREM x r = ∑ x i r i n i=1 0 0 1 1 0 1x &1 0 1 0 1 1r x “sum-and” r 0 0 1

12 GOLDREICH-LEVIN THEOREM x r = ∑ x i r i n i=1 0 0 1 1 0 1x &1 0 1 0 1 1r 0+0+1+0+0+1 =2 x r = 2 x “sum-and” r e i =0 0 1 0 … 0 ith bit 0 0 1 1 0 1x &0 0 1 0 0 0r = e i 0 0 1 0 0 0=1 x r = x i

13 Suppose A could guess x r with more than P% success. Then, an algorithm B can get x from f(x). Assert: Pr[A(f(x), r) = x r] ≤ 50% + € GOLDREICH-LEVIN THEOREM Given: Function f is a one-way permutation –|x| = |f(x)| –f is one-to-one

14 GOLDREICH-LEVIN THEOREM Suppose A could guess x r with 100% success. Then, an algorithm B can get x from f(x). A(f(x), e 1 ) = xe 1 = x 1 A(f(x), e 2 ) = xe 2 = x 2 … A(f(x), e n ) = xe n = x n x = x 1 x 2 … x n

15 f(f(x)) r = 1 ARBITRARILY LONG STRETCHES x, r G x = 1001, r = 0011 f(x)r = f(1010) 0011 = 1101 0011 = 1 … f l(n) (x) r = 0 r, 0… 1 1

16 ZERO-KNOWLEDGE PROOFS “I can’t tell you my secret, but I can prove to you that I know the secret.”

17 ZERO-KNOWLEDGE PROOFS Question: Can you prove to me that you know where Waldo is without saying anything about where he is?

18 ZERO-KNOWLEDGE PROOFS Question: Can you prove to me that you know where Waldo is without saying anything about where he is? Solution: Get a copy of the picture, cut out Waldo and show it to me.

19 ZERO-KNOWLEDGE PROOFS Zero-knowledge proofs are proofs that are both convincing and yet yield nothing beyond the validity of the assertion being proved. −→ introduced 31 years ago by Goldwasser, Micali and Rackoff [1985] –Completeness: if the statement is true, the honest verifier will be convinced of this fact by an honest prover. –Soundness: if the statement is false, no cheating prover can convince the honest verifier that it is true. –Zero-knowledge: If the statement is true, no cheating verifier learns anything other than this fact.

20 3-COLORING Given the graph, how can Bob convince Alice that 3-coloring of this graph is possible without telling her the solution? 3-Coloring of a graph is assigning colors {,, } such that no pair of adjacent vertices are assigned to the same color. Google Your Company

21 3-COLORING PROTOCOL (1,4) k1 and k3 {} k1 {} k2 {} k3 Decrypt k1 as Decrypt k3 as accept != Google Your Company

22 3-COLORING PROTOCOL Completeness: If graph is 3-colorable, Verifier will accept the proof with 100%. Soundness: If the graph is not 3-colorable then there exists at least one edge such that two adjacent nodes will have the same color. During any iteration the probability that verifier selects this edge is 1/|E|. Hence, if not 3-colorable, verifier will reject with probability >= 1/|E| Zero-knowledge: If the graph 3-colorable, verifier sees two random distinct colors, does not learn whole coloring information of the graph.

23 ZERO-KNOWLEDGE APPLICATIONS Credit card payment → to prove that you know the secret code without revealing it Prove your identity → Prove that you belong to a group without revealing who you are Vote on an electronic voting system → Prove your identity, hide mapping of your identity to your vote. To enforce honest behavior in mix net (e.g. e-voting protocols) To convince someone that you have solved a Sudoku puzzle without revealing the solution.

24 CONCLUSION Cryptography, before the introduction of internet, has a military and bureaucracy use, Today it is a very important field that is a part of our daily lives. We discussed some of the techniques that have been used in encryption, one-time pad, one-way functions, pseudorandom generators, and zero knowledge systems.

25 ANY QUESTIONS?

26 REFERENCES Zero-knowledge proofs of Knowledge, Stefanie Delaune. Sanjeev Arora and Boaz Barak. 2009. Computational complexity: a modern approach. Cambridge University Press. Joan Daemen and Vincent Rijmen. 2002. The design of Rijndael: AES-the advanced encryption standard. Springer Science & Business Media. Oded Goldreich and Yair Oren. 1994. Definitions and properties of zero-knowledge proof systems. Journal of Cryptology 7, 1 (1994), 1–32. Shafi Goldwasser, Silvio Micali, and Charles Rackoff. 1989. The knowledge complexity of interactive proof systems. SIAM Journal on computing 18, 1 (1989), 186–208. Johan Hastad,RussellImpagliazzo,LeonidALevin,andMichaelLuby.1999.Apseudorandomgenerator from any one-way function. SIAM J. Comput. 28, 4 (1999), 1364–1396. Russell Impagliazzo and Michael Luby. 1989. One-way functions are essential for complexity based cryp- tography. In Foundations of Computer Science, 1989., 30th Annual Symposium on. IEEE, 230–235. Jonathan Katz and Yehuda Lindell. 2014. Introduction to modern cryptography. CRC Press. A. De Santis, G. Di Crescenzo, and G. Persiano. 1994. Secret Sharing and Perfect Zero Knowledge. In PROC. OF CRYPTO 93, SPRINGER VERLAG LNCS SERIES. Springer–Verlag, 73–84. Michael Sipser. 2006. Introduction to the Theory of Computation. Vol. 2. Thomson Course Technology Boston. Martin Tompa. 1988. Zero knowledge interactive proofs of knowledge (a digest). In Proceedings of the 2 nd Conference on Theoretical Aspects of Reasoning about Knowledge. Morgan Kaufmann Publishers Inc., 1–12. Feng Li and Bruce McMillin. 2014. Chapter Two - A Survey on Zero-Knowledge Proofs. Advances in Computers, Vol. 94. Elsevier, 25 – 69. DOI:http://dx.doi.org/10.1016/B978-0-12-800161-5.00002-5

Download ppt "CRYPTOGRAPHY COT 6410 AWRAD MOHAMMED ALI NESLISAH TOROSDAGLI JOSIAH WONG."

Similar presentations

Wonders of the Digital Envelope

Wonders of the Digital Envelope
Statistical Zero-Knowledge Arguments for NP from Any One-Way Function Salil Vadhan Minh Nguyen Shien Jin Ong Harvard University.

Statistical Zero-Knowledge Arguments for NP from Any One-Way Function Salil Vadhan Minh Nguyen Shien Jin Ong Harvard University.
Cryptography 2 / Cryptographic Protocols 1 Spring Semester 2014 Berry Schoenmakers Coding & Crypto group Department of Mathematics & Computer Science Where’s.

Cryptography 2 / Cryptographic Protocols 1 Spring Semester 2014 Berry Schoenmakers Coding & Crypto group Department of Mathematics & Computer Science Where’s.
The Complexity of Zero-Knowledge Proofs Salil Vadhan Harvard University.

The Complexity of Zero-Knowledge Proofs Salil Vadhan Harvard University.
Efficient Zero-Knowledge Proof Systems Jens Groth University College London.

Efficient Zero-Knowledge Proof Systems Jens Groth University College London.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Foundations of Cryptography Lecture 13 Lecturer: Moni Naor.

Foundations of Cryptography Lecture 13 Lecturer: Moni Naor.
Slide 1 Vitaly Shmatikov CS 380S Introduction to Zero-Knowledge.

Slide 1 Vitaly Shmatikov CS 380S Introduction to Zero-Knowledge.
Zero-Knowledge Proofs J.W. Pope M.S. – Mathematics May 2004.

Zero-Knowledge Proofs J.W. Pope M.S. – Mathematics May 2004.
PCPs and Inapproximability Introduction. My T. Thai 2 Why Approximation Algorithms  Problems that we cannot find an optimal solution.

PCPs and Inapproximability Introduction. My T. Thai 2 Why Approximation Algorithms  Problems that we cannot find an optimal solution.
CS426Fall 2010/Lecture 351 Computer Security CS 426 Lecture 35 Commitment & Zero Knowledge Proofs.

CS426Fall 2010/Lecture 351 Computer Security CS 426 Lecture 35 Commitment & Zero Knowledge Proofs.
1 Adapted from Oded Goldreich’s course lecture notes.

1 Adapted from Oded Goldreich’s course lecture notes.
Zero Knowledge Proofs By Subha Rajagopalan Jaisheela Kandagal.

Zero Knowledge Proofs By Subha Rajagopalan Jaisheela Kandagal.
Complexity and Cryptography

Complexity and Cryptography
CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Lecturer: Moni Naor Foundations of Cryptography Lecture 12: Commitment and Zero-Knowledge.

Lecturer: Moni Naor Foundations of Cryptography Lecture 12: Commitment and Zero-Knowledge.
Electronic Voting Schemes and Other stuff. Requirements Only eligible voters can vote (once only) No one can tell how voter voted Publish who voted (?)

Electronic Voting Schemes and Other stuff. Requirements Only eligible voters can vote (once only) No one can tell how voter voted Publish who voted (?)
Introduction to Modern Cryptography, Lecture 7/6/07 Zero Knowledge and Applications.

Introduction to Modern Cryptography, Lecture 7/6/07 Zero Knowledge and Applications.
233-234233-234 Sedgewick & Wayne (2004); Chazelle (2005) Sedgewick & Wayne (2004); Chazelle (2005)

Sedgewick & Wayne (2004); Chazelle (2005) Sedgewick & Wayne (2004); Chazelle (2005)

Similar presentations

Ads by Google