Presentation is loading. Please wait.

Presentation is loading. Please wait.

Brief Overview of Cryptography. 2 Outline  cryptographic primitives – symmetric key ciphers block ciphers stream ciphers – asymmetric key ciphers – cryptographic.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Brief Overview of Cryptography. 2 Outline  cryptographic primitives – symmetric key ciphers block ciphers stream ciphers – asymmetric key ciphers – cryptographic."— Presentation transcript:

1 Brief Overview of Cryptography

2 2 Outline  cryptographic primitives – symmetric key ciphers block ciphers stream ciphers – asymmetric key ciphers – cryptographic hash functions  protocol primitives – block cipher operation modes – “enveloping” – message authentication codes – digital signatures  key management protocols – session key establishment with symmetric and asymmetric key techniques – Diffie-Hellman key exchange and the man-in-the-middle attack – public key certification

3 3 Cryptographic primitives E E D D x plaintext k encryption key k’ decryption key E k (x) ciphertext D k’ (E k (x)) = x attacker Operational model of encryption  Kerckhoff’s assumption: – attacker knows E and D – attacker doesn’t know the (decryption) key  attacker’s goal: – to systematically recover plaintext from ciphertext – to deduce the (decryption) key  attack models: – ciphertext-only – known-plaintext – (adaptive) chosen-plaintext – (adaptive) chosen-ciphertext

4 4 block ciphers block cipher block cipher plaintextciphertext key padding Symmetric key encryption  it is easy to compute k from k’ (and vice versa)  often k = k’  two main types: stream ciphers and block ciphers pseudo-random bit stream generator pseudo-random bit stream generator +... plaintextciphertext stream ciphers seed Cryptographic primitives

5 5 One-time pad – theoretical vs. practical security  one-time pad – a stream cipher where the key stream is a true random bit stream – unconditionally secure (Shannon, 1949) – however, the key must be as long as the plaintext to be encrypted  practical ciphers – use much shorter keys – are not unconditionally secure, but computationally infeasible to break – however, proving that a cipher is computationally secure is not easy not enough to consider brute force attacks (key size) only a cipher may be broken due to weaknesses in its (algebraic) structure – no proofs of security exist for many ciphers used in practice – if a proof exists, it usually relies on assumptions that are widely believed to be true (such as P  NP) Cryptographic primitives

6 6 DES – Data Encryption Standard  input size: 64, output size: 64, key size: 56  16 rounds  Feistel structure – F need not be invertible – decryption is the same as encryption with reversed key schedule (hardware implementation!) Initial Permutation F F + F F + F F + F F + … Initial Permutation -1 (64) (32) (48) Key Scheduler (56) K K1K1 K2K2 K 16 K3K3 X Y Cryptographic primitives

7 7 DES round function F ++++++++++++++++++++++++++++++++++++++++++++++++ S1 S2 S3 S4 S5 S6 S7 S8 P P  S i – substitution box (S-box) (look-up table)  P – permutation box (P-box) Cryptographic primitives

8 8 DES key scheduler Permuted Choice 1 Permuted Choice 2 Left shift(s) Permuted Choice 2 Left shift(s) … (28) (56) K (28) (48) K1K1 K2K2  each key bit is used in around 14 out of 16 rounds Cryptographic primitives

9 9 AES – Advanced Encryption Standard  NIST selected Rijndael (designed by Joan Daemen and Vincent Rijmen) as a successor of DES (3DES) in November 2001  Rijndael parameters – key size128192256 – input/output size128128128 – number of rounds 10 12 14 – round key size128128128  not Feistel structure  decryption algorithm is different from encryption algorithm (optimized for encryption)  single 8 bit to 8 bit S-box  key injection (bitwise XOR) Cryptographic primitives

10 10 General structure of Rijndael encryption/decryption Cryptographic primitives add round key substitute bytes shift rows mix columns add round key substitute bytes shift rows mix columns add round key substitute bytes shift rows add round key plaintext ciphertext add round key inverse subs bytes inverse shift rows inverse mix columns add round key inverse subs bytes inverse shift rows inverse mix columns add round key inverse subs bytes inverse shift rows add round key plaintext ciphertext w[0..3] w[4..7] w[36..39] w[40..43] expanded key round 1 round 9 round 10 round 1 round 9 round 10

11 11 Rijndael – Shift row and mix column Cryptographic primitives s 00 s 10 s 20 s 30 s 01 s 11 s 21 s 31 s 02 s 12 s 22 s 32 s 03 s 13 s 23 s 33 s 00 s 11 s 22 s 33 s 01 s 12 s 23 s 30 s 02 s 13 s 20 s 31 s 03 s 10 s 21 s 32 LROT1 LROT2 LROT3 shift row s 00 s 10 s 20 s 30 s 01 s 11 s 21 s 31 s 02 s 12 s 22 s 32 s 03 s 13 s 23 s 33 s’ 00 s’ 10 s’ 20 s’ 30 s’ 01 s’ 11 s’ 21 s’ 31 s’ 02 s’ 12 s’ 22 s’ 32 s’ 03 s’ 13 s’ 23 s’ 33 mix column 2 3 1 1 1 2 3 1 1 1 2 3 3 1 1 2 x= multiplications and additions are performed over GF(2 8 )

12 12 Rijndael – Key expansion Cryptographic primitives k0k0 k1k1 k2k2 k3k3 k4k4 k5k5 k6k6 k7k7 k8k8 k9k9 k 10 k 11 k 12 k 13 k 14 k 15 w0w0 w1w1 w2w2 w3w3 w4w4 w5w5 w6w6 w7w7 + g g +++ w8w8 w9w9 w 10 w 11 + g g +++ … function g - rotate word - substitute bytes - XOR with round constant

13 13 RC4 stream cipher  initialization (input: a seed K of keylen bytes) for i = 0 to 255 do S[i] = i; T[i] = K[i mod keylen];  initial permutation j = 0; for i = 0 to 255 do j = (j + S[i] + T[i]) mod 256; swap(S[i], S[j]);  stream generation (output: a stream of pseudo-random bytes) i, j = 0; while true i = (i + 1) mod 256; j = (j + S[i]) mod 256; swap(S[i], S[j]); t = (S[i] + S[j]) mod 256; output S[t]; Cryptographic primitives

14 14 Asymmetric key encryption  breakthrough of Diffie and Hellman, 1976  it is hard (computationally infeasible) to compute k’ from k  k can be made public (public-key cryptography) E E D D x plaintext k encryption key k’ decryption key E k (x) ciphertext D k’ (E k (x)) = x attacker Cryptographic primitives

15 15 RSA (Rivest, Shamir, Adleman, 1978)  basis – computing x e mod n is easy but x 1/e mod n is hard (n is composite) – intractability of integer factoring  key generation – select p, q large primes (about 500 bits each) – n = pq,  (n) = (p-1)(q-1) – select e such that 1 < e <  (n) and gcd(e,  (n)) = 1 – compute d such that ed mod  (n) = 1 (this is easy if p and q are known) – public key is (e, n) – private key is d  encryption c = m e mod n where m < n is the message  decryption c d mod n = m Cryptographic primitives

16 16 Proof of RSA decryption  Fermat’s theorem Let r be a prime. If gcd(a, r) = 1, then a r-1 mod r = 1.  Euler’s generalization For every a and n where gcd(a, n) = 1, a  (n) mod n = 1.  RSA decryption c d mod n = (m e mod n) d mod n = m ed mod n = m k  (n)+1 mod n = m*(m  (n) ) k mod n = m*(m  (n) mod n) k mod n  if gcd(m, n) = 1 = m mod n = m Cryptographic primitives

17 17 Proof of RSA decryption cont’d  RSA decryption if gcd(m, n) > 1 – either p|m or q|m – assume without loss of generality that p|m – note that in this case, q|m cannot hold since otherwise m  pq = n – this means that gcd(m, q) = 1 c d mod p = m ed mod p = 0 c d mod q = m ed mod q = m k(p-1)(q-1)+1 mod q = m*(m (q-1) ) k(p-1) mod q = m*(m (q-1) mod q) k(p-1) mod q = m mod q  p,q|(c d – m)  c d – m = spq = sn  c d = sn + m  c d mod n = m mod n = m

18 18 Cryptographic hash functions  requirements – one-way: given a hash value y, it is computationally infeasible to find a message x such that h(x) = y – weak collision resistance: given a message x, it is computationally infeasible to find another message x’ such that h(x) = h(x’) – (strong) collision resistance: it is computationally infeasible to find two messages x and x’ such that h(x) = h(x’) message of arbitrary length fix length message digest / hash value / fingerprint Cryptographic primitives hash function

19 19 How long should a hash value be?  birthday paradox – P(n, k) = Pr{ there exists at least one duplicate among k items where each item can take on one of n equally likely values} – P(n, k) > 1 – exp( -k*(k-1)/2n ) – Q: What value of k is needed such that P(n, k) > 0.5 ? – A: k should approximately be n 0.5 – e.g., P(365, 23) > 0.5  birthday paradox applied to hash function h – n is the number of possible hash values – one can find a collision among n 0.5 messages with probability greater than 0.5 – if output size of h is 64 bits, then n 0.5 is 2 32  too small – output size should be at least 128 but 160 is even better Cryptographic primitives

20 20 General structure of hash functions  if the compression function f is collision resistant, then so is the iterated hash function (Merkle and Damgard, 1989)  if necessary, the final block is padded to b bits  the final block also includes the total length of the input (this makes the job of an attacker more difficult) f f X1X1 CV 0 (b) (n) CV 1 f f X2X2 (b) (n) CV 2 f f X3X3 (b) (n) CV 3 CV L-1 f f XLXL (b) (n) h(X) … Cryptographic primitives

21 21 SHA1 – Secure Hash Algorithm  output size (n): 160 bits  input block size (b): 512 bits  padding is always used  CV 0 A = 67 45 23 01 B = EF CD AB 89 C = 98 BA DC FE D = 10 32 54 76 E = C3 D2 E1 F0 Cryptographic primitives 10000000 … 00000 length 512 bits 64 bits last input block

22 22 SHA1 compression function f Cryptographic primitives f[0..19], K[0..19], W[0..19] 20 steps f[0..19], K[0..19], W[0..19] 20 steps f[20..39], K[20..39], W[20..39] 20 steps f[20..39], K[20..39], W[20..39] 20 steps f[40..59], K[40..59], W[40..59] 20 steps f[40..59], K[40..59], W[40..59] 20 steps f[60..79], K[60..79], W[60..79] 20 steps f[60..79], K[60..79], W[60..79] 20 steps +++++ A C B E D A C B E D A C B E D CV i - 1 CV i (5 x 32 = 160) XiXi (512) mod 2 32 additions

23 23 SHA1 compression function f cont’d Cryptographic primitives LROT5 + LROT30 f[t] + + + ABCDE ABCDE W[t] K[t] mod 2 32 additions

24 24 SHA1 compression function f cont’d  f[t](B, C, D) t = 0..19f[t](B, C, D) = (B  C)  (  B  D) t = 20..39f[t](B, C, D) = B  C  D t = 40..59 f[t](B, C, D) = (B  C)  (B  D)  (C  D) t = 60..79f[t](B, C, D) = B  C  D  W[t] W[0..15] = X i t = 16..79 W[t] = LROT1(W[t-16]  W[t-14]  W[t-8]  W[t-3])  K[t] t = 0..19 K[t] = 5A 82 79 99 [2 30 x 2 1/2 ] t = 20..39 K[t] = 6E D9 EB A1 [2 30 x 3 1/2 ] t = 40..59 K[t] = 8F 1B BC DC [2 30 x 5 1/2 ] t = 60..79 K[t] = CA 62 C1 D6 [2 30 x 10 1/2 ] Cryptographic primitives

25 25 Block cipher operation modes – ECB  Electronic Codebook (ECB) – encrypt – decrypt Protocol primitives E E P1P1 C1C1 K E E P2P2 C2C2 K E E PNPN CNCN K … D D C1C1 P1P1 K D D C2C2 P2P2 K D D CNCN PNPN K …

26 26 Block cipher operation modes – CBC  Cipher Block Chaining (CBC) – encrypt – decrypt E E P1P1 C1C1 K + E E P2P2 C2C2 K + E E P3P3 C3C3 K + E E PNPN C N-1 K + IV C N-1 … D D C1C1 P1P1 K + IV D D C2C2 P2P2 K + D D C3C3 P3P3 K + D D CNCN PNPN K + C N-1 Protocol primitives

27 27 Block cipher operation modes – CFB  Cipher Feedback (CFB) – encrypt– decrypt E E PiPi CiCi K + shift register (n) (n) select s bits (n) (s) initialized with IV E E CiCi PiPi K + shift register (n) (n) select s bits (n) (s) initialized with IV Protocol primitives

28 28 Block cipher operation modes – OFB  Output Feedback (OFB) – encrypt– decrypt E E PiPi CiCi K + shift register (n) (n) select s bits (n) (s) initialized with IV E E CiCi PiPi K + shift register (n) (n) select s bits (n) (s) initialized with IV Protocol primitives

29 29 Block cipher operation modes – CTR  Counter (CTR) – encrypt– decrypt – advantages efficiency (parallelizable) random access (the i-th block can be decrypted independently of the others) preprocessing (the values to be XORed with the plaintext can be pre-computed) security (at least as secure as the other modes) simplicity (does not need the decryption algorithm) E E PiPi CiCi K + (n) counter + i (n) E E CiCi PiPi K + counter + i (n) Protocol primitives

30 30 Enveloping  public-key encryption is slow (~1000 times slower than symmetric key encryption)  it is mainly used to encrypt symmetric bulk encryption keys Protocol primitives generate random symmetric key generate random symmetric key symmetric-key cipher (in CBC mode) symmetric-key cipher (in CBC mode) plaintext message public key of the receiver asymmetric-key cipher asymmetric-key cipher digital envelop bulk encryption key

31 31 Message Authentication Codes (MAC)  used to protect the integrity of messages  also called cryptographic checksums  computation of a MAC involves a secret (shared key)  can be based on an encryption function E Y 1 = E K (X 1 ) Y i = E K (X i + Y i -1 ) MAC K (X) = Y last  or a hash function h MAC K (X) = h(X|K)  or both MAC K (X) = E K (h(X)) Protocol primitives

32 32 HMAC  definition HMAC K (X) = h( (K + + opad) | h( (K + + ipad) | X ) ) where – h is a hash function with input block size b and output size n – K + is K padded with 0s on the left to obtain a length of b bits – ipad is 00110110 repeated b/8 times – opad is 01011100 repeated b/8 times – + is XOR and | is concatenation  design objectives – to use available hash functions – easy replacement of the embedded hash function – preserve performance of the original hash function – handle keys in a simple way – allow mathematical analysis Protocol primitives

33 33 Digital signatures  similar to MACs but – unforgeable by the receiver – verifiable by a third party  used for message authentication and non-repudiation (of message origin)  based on public-key cryptography – signature generation is based on the private key of the sender – signature verification is based on the public key of the sender  example: RSA based digital signature – public key: (e, n); private key: (d, n) – signature generation (input: m; output:  )  (m) = m d mod n – signature verification (input: , m; output: yes/no)  e mod n = m? Protocol primitives

34 34 “Hash and sign” paradigm  motivation: public/private key operations are slow  approach: hash the message first and apply public/private key operations to the hash only Protocol primitives h h enc private key of sender message hash signature h h message hash dec public key of sender signature compare yes/no generation verification

35 35 ElGamal signature scheme  key generation – generate a large random prime p and select a generator g of Z p * – select a random integer 0 < a < p-1 – compute A = g a mod p – public key: ( p, g, A ) private key: a  signature generation for message m – select a random secret integer 0 < k < p – 1 such that gcd(k, p – 1) = 1 – compute k -1 mod (p – 1) – compute r = g k mod p – compute s = k -1 ( h(m) – ar ) mod (p – 1) – signature on m is (s, r) Protocol primitives

36 36 ElGamal signature scheme cont’d  signature verification – obtain the public key (p, g, A) of the signer – verify that 0 < r < p; if not then reject the signature – compute v 1 = A r r s mod p – compute v 2 = g h(m) mod p – accept the signature iff v 1 = v 2  proof that signature verification works s  k -1 ( h(m) – ar ) (mod p – 1) ks  h(m) – ar (mod p – 1) h(m)  ks + ar (mod p – 1) g h(m)  g ar+ks  (g a ) r (g k ) s  A r r s (mod p) thus, v 1 = v 2 is required Protocol primitives

37 37 How to establish a shared symmetric key?  manually – pairwise symmetric keys are established manually – inflexible and doesn’t scale  with symmetric-key cryptography – long-term symmetric keys are established manually between each user and a Key Distribution Center (KDC) – cryptographic protocols that use these long-term keys are used to setup short-term (session) keys – the KDC must be fully trusted  with asymmetric-key cryptography – the symmetric key is encrypted with the public key of the intended receiver – how to obtain an authentic copy of the public key of the receiver? Key management

38 38 Key management A, { B, K ab, T a } K as { A, K ab, T s } K bs ABS generate K ab SB M (impersonating A and B) B, { A, K ab, T s } K bs { B, K ab, T s ’ } K as A, { B, K ab, T s ’ } K as { A, K ab, T s ’’ } K bs... { A, K ab, T s (n) } K bs The Wide-Mouth-Frog protocol  a vulnerability

39 39 The Needham-Schroeder protocol (1978)  Denning and Sacco attack (1981) – message 3 doesn’t contain anything fresh for B – an attacker can cryptanalyze an old session key K ab and replay message 3 to B – the attacker can finish the protocol – B will think he shares a key K ab with A, but A is not involved at all Key management A, B, N a { N a, B, K ab, {K ab, A} K bs } K as SBA generate K ab { K ab, A } K bs { N b } K ab { N b -1 } K ab

40 40 Public-key Needham-Schroeder (1978)  since N a and N b are known only to A and B, one may suggest that they can generate a key as f(N a, N b )  Lowe’s attack (1995) AB { A, N a } K b { N a, N b } K a { N b } K b AB { A, N a } K m { N a, N b } K a { N b } K m M { A, N a } K b { N a, N b } K a { N b } K b Key management

41 41 generate random number 0 < a < p-1 and calculate A = g a mod p generate random number 0 < a < p-1 and calculate A = g a mod p generate random number 0 < b < p-1 and calculate B = g b mod p generate random number 0 < b < p-1 and calculate B = g b mod p calculate K= B a mod p = g ab mod p calculate K= B a mod p = g ab mod p calculate K= A b mod p = g ab mod p calculate K= A b mod p = g ab mod p Diffie-Hellman key exchange (1976) Initially known: p large prime g generator of Z p * A B AliceBob Key management

42 42 Man-in-the-middle attack  consider the following protocol  the MiM attack A B A, K a { message } K a A, K a { message } K a A M B A, K m { message } K m Key management

43 43 Public-key certificates  a certificate is data structure that contains – the public key – name of the owner of the public key – name of the issuer – date of issuing – expiration date – possibly other data – signature of the issuer  issuers are usually trusted third parties called Certification Authorities (CA) – need not be on-line  certificates are distributed through on-line databases called Certificate Directories – need not be trusted Key management

44 44 Single CA  every public key is certified by a single CA  each user knows the public key of the CA  each user can verify every certificate  note: the CA must be trusted for issuing correct certificates  problem: doesn’t scale CA … CA structures

45 45 Certificate chains  first certificate can be verified with a known public key  each further certificate can be verified with the public key from the previous certificate  last certificate contains the target key (Bob’s public key)  note: every issuer in the chain must be trusted (CA0, CA1, CA2) CA1 K CA1 K CA0 -1 CA2 K CA2 K CA1 -1 Bob K Bob K CA2 -1 K CA0 CA structures

46 46 CA structures CA 0 CA 1 CA 2 CA 3 CA 11 CA 12 CA 23 CA 31 CA 32  each user knows the public key of the root CA 0 AliceBob CA structures

47 47 CA structures cont’d  each user knows the public key of its local CA CA 0 CA 1 CA 2 CA 3 CA 11 CA 12 CA 23 CA 31 CA 32 AliceBob CA structures

48 48 CA structures cont’d  each user knows the public key of her root CA CA 1 CA 3 CA 11 CA 12 CA 2 CA 31 CA 32 Alice Bob CA structures

Download ppt "Brief Overview of Cryptography. 2 Outline  cryptographic primitives – symmetric key ciphers block ciphers stream ciphers – asymmetric key ciphers – cryptographic."

Similar presentations

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.

Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Computer Science CSC 405By Dr. Peng Ning1 CSC 405 Introduction to Computer Security Topic 2. Basic Cryptography (Part II)

Computer Science CSC 405By Dr. Peng Ning1 CSC 405 Introduction to Computer Security Topic 2. Basic Cryptography (Part II)
Web Security for Network and System Administrators1 Chapter 4 Encryption.

Web Security for Network and System Administrators1 Chapter 4 Encryption.
 Stream ciphers o Encrypt chars/bits one at a time o Assume XOR w the key, need long key to be secure  Keystream generators (pseudo-random key) o Synchronous.

 Stream ciphers o Encrypt chars/bits one at a time o Assume XOR w the key, need long key to be secure  Keystream generators (pseudo-random key) o Synchronous.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.

First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
J. Wang. Computer Network Security Theory and Practice. Springer 2008 Chapter 4 Data Authentication Part I.

J. Wang. Computer Network Security Theory and Practice. Springer 2008 Chapter 4 Data Authentication Part I.
Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.

Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
15-441 Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from 15-441, semester’s past and others.

Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.

Similar presentations

Ads by Google