Presentation is loading. Please wait.

Presentation is loading. Please wait.

Where Complexity Finally Comes In Handy…

Published by서진 준 Modified over 5 years ago

Similar presentations

Presentation on theme: "Where Complexity Finally Comes In Handy…"— Presentation transcript:

1 Where Complexity Finally Comes In Handy…
Cryptography Where Complexity Finally Comes In Handy… Complexity ©D.Moshkovitz

2 The Amazing Adventures of Alice and Bob
extremely secret message Alice Bob eavesdropper Complexity ©D.Moshkovitz

3 Introduction Objectives: Overview:
PAP Introduction Objectives: To introduce the subject of cryptography and its tight connection to complexity Overview: Public key cryptography One-Way Functions and Trapdoor functions RSA Complexity ©D.Moshkovitz

4 E(e, ) D(d, ) Intuitive Approach Alice Bob encoding key decoding key
extremely secret message Alice Bob eavesdropper Complexity ©D.Moshkovitz

5 Simple Implementation: Just XOR!
Problem! Agree first on some random string e. e  e  ( ) extremely secret message Alice Bob eavesdropper Complexity ©D.Moshkovitz

6 Solution: Public-Key Cryptosystems
Bob generates a pair of keys Publishes E Keeps D private Bob E(x) D(y) Complexity ©D.Moshkovitz

7 Encryption: Requirements
“Easy” (so everyone can send Bob encrypted messages) “Hard to invert” (so no one can break the encryption) Complexity ©D.Moshkovitz

8 One-Way Functions: Formally
SIP 375 One-Way Functions: Formally Definition: A length preserving function f is a one-way function if: f is computable in polynomial time. f-1 cannot be computed in probabilistic polynomial time, i.e some textbooks demand f is one-to-one Complexity ©D.Moshkovitz

9 One-Way M inverts f correctly on at most n-k of the inputs
For sufficiently large natural n M inverts f correctly on at most n-k of the inputs For any Turing Machine M For any natural constant k Probability taken over: choices made by M random selection of w Complexity ©D.Moshkovitz

10 Applications: Authentication
Many users may login to a network Each user has a password The database can be read by everyone Problem: secure authentication Complexity ©D.Moshkovitz

11 How to Authenticate Using OWF?
One-Way Function Encrypt each password with a OWF. Store only the encrypted password. When this user tries to login… Encrypt the password she entered Compare to the stored password MyPass1234 2iB>S\]1%^o MyPass1234 2iB>S\]1%^o Complexity ©D.Moshkovitz

12 Do One-Way Functions Exist?
Believed to… OWF  P≠NP. Complexity ©D.Moshkovitz

13 Do One-Way Functions Suffice?
Problem: How would Bob generate D(y)? D is so hard, I don’t know how to compute it myself… Bob Complexity ©D.Moshkovitz

14 Trapdoor Functions … probabilistic polynomial-time TM f1 f2 index f3 G
family of functions which are hard to invert probabilistic polynomial-time TM f1 f2 index G f3 the key to invert that function Complexity ©D.Moshkovitz

15 Trapdoor Functions : Formally
SIP Trapdoor Functions : Formally Definition: A length preserving indexing function f:** * is a trapdoor function, if there exist a poly-time TM G a function h:** * which satisfy: f(i,w)=fi(w) <index, key> generator decoder Complexity ©D.Moshkovitz

16 Trapdoor Functions : Formally
SIP Trapdoor Functions : Formally f and h are computable in polynomial time. “fi is hard to invert in the absence of t” “fi is easy to invert when t is known” <i,t> is output by G Complexity ©D.Moshkovitz

17 RSA A public-key cryptosystem developed by Rivest, Shamir and Adleman.
Based on the (conjectured) hardness of factoring. Complexity ©D.Moshkovitz

18 Plan Prime numbers: basic facts and recent results. Euler’s function.
Description of the RSA cryptosystem. Complexity ©D.Moshkovitz

19 PRIMES Instance: A number in binary representation.
Problem: To decide if this number is prime. Yes instance: 10111 No instance: 10110 Complexity ©D.Moshkovitz

20 Is PRIMES in P ?! What’s the problem with the following trivial algorithm? Input: a number N Output: is N prime? for i in 2..N do for j in 2..N do if i*j=N, return FALSE return TRUE Complexity ©D.Moshkovitz

21 Prime Numbers Fact 1: There are many prime numbers
(k/log k in the range [k]={1,…,k}) Fact 2: ([AKS02]) Primality testing can be done in time polynomial in log k. Question: How to choose a random prime in [k] in time poly-log k? Complexity ©D.Moshkovitz

22 Expected time: O(polylogk)
Picking a Random Prime [k] while didn’t-find-one choose x R [k] if x  PRIMES return x uniformly at random primes Expected time: O(polylogk) Complexity ©D.Moshkovitz

23 If PrxR[k] [xS] >   XS≠
De-Randomization By Alon et Al and Naor and Naor, there’s a deterministic construction X of O(logk/2) numbers in [k] which is -close to uniform. By using it with  < log-1k, we can obtain O(polylogk) run-time (not just expectedly!) If PrxR[k] [xS] >   XS≠ Complexity ©D.Moshkovitz

24 Observe: For any prime p, (p)={1,...,p-1}
Euler’s Function (n) = { m | 1 m < n AND gcd(m,n)=1 } Euler’s function: (n)=|(n)| Example: (12)={1,2,3,4,5,6,7,8,9,10,11} (12)=4 Observe: For any prime p, (p)={1,...,p-1} Complexity ©D.Moshkovitz

25 Therefore: Dd(EN,e(m))  m (mod N)
RSA To encrypt a message, write it as a number m, and compute EN,e(m) = me (mod N) To decrypt a cipher text c, compute Dd(c) = cd (mod N) Now for (almost) any m, med  m (mod N) And therefore: (me)d  m (mod N) Therefore: Dd(EN,e(m))  m (mod N) Complexity ©D.Moshkovitz

26 The Public and Private Keys
Choose two long random prime numbers p, q set N = pq Randomly choose an odd number e s.t: 1 < e < (N) gcd(e, (N)) = 1 Let d be the inverse of e, namely ed  1 (mod (n)) Public key: <N, e> ; Private key: d Compute d using Euclid’s gcd algorithm Complexity ©D.Moshkovitz

27 Summary We presented the notion of Public Key Cryptosystems and its well-known implementation, RSA. We examined some of the underlying assumptions of cryptography: Existence of one-way functions Existence of trapdoor functions These assumptions are stronger than the standard complexity assumption P≠NP. Complexity ©D.Moshkovitz

Download ppt "Where Complexity Finally Comes In Handy…"

Similar presentations

ONE WAY FUNCTIONS SECURITY PROTOCOLS CLASS PRESENTATION.

ONE WAY FUNCTIONS SECURITY PROTOCOLS CLASS PRESENTATION.
1 Complexity ©D.Moshkovitz Cryptography Where Complexity Finally Comes In Handy…

1 Complexity ©D.Moshkovitz Cryptography Where Complexity Finally Comes In Handy…
RSA COSC 201 ST. MARY’S COLLEGE OF MARYLAND FALL 2012 RSA.

RSA COSC 201 ST. MARY’S COLLEGE OF MARYLAND FALL 2012 RSA.
BY : Darshana Chaturvedi.  INTRODUCTION  RSA ALGORITHM  EXAMPLES  RSA IS EFFECTIVE  FERMAT’S LITTLE THEOREM  EUCLID’S ALGORITHM  REFERENCES.

BY : Darshana Chaturvedi.  INTRODUCTION  RSA ALGORITHM  EXAMPLES  RSA IS EFFECTIVE  FERMAT’S LITTLE THEOREM  EUCLID’S ALGORITHM  REFERENCES.
Public Key Encryption Algorithm

Public Key Encryption Algorithm
Primality Testing By Ho, Ching Hei Cheung, Wai Kwok.

Primality Testing By Ho, Ching Hei Cheung, Wai Kwok.
7. Asymmetric encryption-

7. Asymmetric encryption-
95-712 OOP/Java1 Public Key Crytography From: Introduction to Algorithms Cormen, Leiserson and Rivest.

OOP/Java1 Public Key Crytography From: Introduction to Algorithms Cormen, Leiserson and Rivest.
RSA ( Rivest, Shamir, Adleman) Public Key Cryptosystem

RSA ( Rivest, Shamir, Adleman) Public Key Cryptosystem
Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.

Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.
Public Encryption: RSA

Public Encryption: RSA
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Introduction to Modern Cryptography Lecture 7 1.RSA Public Key CryptoSystem 2.One way Trapdoor Functions.

Introduction to Modern Cryptography Lecture 7 1.RSA Public Key CryptoSystem 2.One way Trapdoor Functions.
Theory I Algorithm Design and Analysis (9 – Randomized algorithms) Prof. Dr. Th. Ottmann.

Theory I Algorithm Design and Analysis (9 – Randomized algorithms) Prof. Dr. Th. Ottmann.
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Public Key Algorithms 4/17/2017 M. Chatterjee.

Public Key Algorithms 4/17/2017 M. Chatterjee.
Codes, Ciphers, and Cryptography-RSA Encryption

Codes, Ciphers, and Cryptography-RSA Encryption
1 CIS 5371 Cryptography 8. Asymmetric encryption-.

1 CIS 5371 Cryptography 8. Asymmetric encryption-.
RSA Public Key Algorithm. RSA Algorithm history  Invented in 1977 at MIT  Named for Ron Rivest, Adi Shamir, and Len Adleman  Based on 2 keys, 1 public.

RSA Public Key Algorithm. RSA Algorithm history  Invented in 1977 at MIT  Named for Ron Rivest, Adi Shamir, and Len Adleman  Based on 2 keys, 1 public.
RSA Implementation. What is Encryption ? Encryption is the transformation of data into a form that is as close to impossible as possible to read without.

RSA Implementation. What is Encryption ? Encryption is the transformation of data into a form that is as close to impossible as possible to read without.

Similar presentations

Ads by Google