Presentation is loading. Please wait.

Presentation is loading. Please wait.

CRYPTOGRAPHY: STATE OF THE SCIENCE ASIACRYPT 2003 invited talk Adi Shamir Computer Science Dept The Weizmann Institute Israel.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "CRYPTOGRAPHY: STATE OF THE SCIENCE ASIACRYPT 2003 invited talk Adi Shamir Computer Science Dept The Weizmann Institute Israel."— Presentation transcript:

1 CRYPTOGRAPHY: STATE OF THE SCIENCE ASIACRYPT 2003 invited talk Adi Shamir Computer Science Dept The Weizmann Institute Israel

2 Cryptography: major trends

3 u From secret to public

4 Cryptography is central crypto Math& stat Computers and chips Com&info theory Comp science Hi-tech industry Policy issues

5 Cryptography is fun u Gets lots of media attention u Attracts hackers u Is full of delightful ideas u Serves as an excellent educational tool

6 Cryptography: major trends u From secret to public u From national to international

7 The geography of cryptography u Publicly started in the US

8 The geography of cryptography u Publicly started in the US u Followed by Europe

9 The geography of cryptography u Publicly started in the US u Followed by Europe u Is rapidly expanding in Asia

10 Cryptography: major trends u From secret to public u From national to international u From art to science

11 Cryptography as a scientific discipline Is thriving as a scientific area of research: u Taught at most major universities u Attracts many excellent students u Discussed at many conferences (>25 in the next 6 months!) u Published in hundreds of papers (e.g., EPRINT) u Major conferences have >500 attendees (Major trade shows have >10,000 attendees) Received the ultimate seal of approval from the general CS community (the Turing award…)

12 Should we rename the field? u Cryptography means “secret writing” u The official naming of the field: Cryptology = Cryptography + cryptanalysis

13 Should we rename the field? u Cryptography means “secret writing” u The official naming of the field: Cryptology = Cryptography + cryptanalysis u These terms have problematic conotations u Many research subfields do not deal with the encryption or decryption of secret information

14 Should we rename the field? u Cryptography means “secret writing” u The official naming of the field: Cryptology = Cryptography + cryptanalysis u These terms have problematic conotations u Many research subfields do not deal with the encryption or decryption of secret information u I propose to call the broader field Adversity Theory = cryptology + other areas

15 Cryptography: major trends u From secret to public u From national to international u From art to science u From math to physics

16 Related scientific fields: u OLD COMBINATIONS: u Probability and statistics u Algebra u Number Theory

17 Related scientific fields: u OLD COMBINATIONS: u Probability and statistics u Algebra u Number Theory u NEW COMBINATIONS: u Signal processing (in steg, fingerprinting) u Electronics (in side channel attacks) u Physics (in quantum computers and crypto)

18 Cryptography: major trends u From secret to public u From national to international u From art to science u From math to physics u From theory to practice

19 Cryptography unites Theory & practice u Practical theory: - using abstract math tools in cryptanalysis - proving the security of real protocols -developing new cryptographic schemes u Theoretical practice: - developing new notions of security, complexity, logics, and randomness - turning cryptography from art to science

20 New challenges in cryptography u Payment systems u Cellular telephony u Wi-Fi networks u RFID tags u DRM systems

21 Cryptography: major trends u From secret to public u From national to international u From art to science u From math to physics u From theory to practice u From political to legal issues

22 Cryptographic misconceptions u By policy makers: crypto is dangerous, but: - weak crypto is not a solution - controls can’t stop the inevitable u By researchers: A provably secure system is secure, but: - proven false by indirect attacks - can be based on false assumptions - requires careful choice of parameters u By implementers: Cryptography solves everything, but: - only basic ideas are successfully deployed - only simple attacks are avoided - bad crypto can provide a false sense of security

23 The three laws of security: u Absolutely secure systems do not exist u To halve your vulnerability, you have to double your expenditure u Cryptography is typically bypassed, not penetrated

24 Cryptography: A rapidly moving field

25 u 75-80: Public key cryptography, basic schemes

26 Cryptography: A rapidly moving field u 75-80: Public key cryptography, basic schemes u 80-85: Theoretical foundations, new protocols

27 Cryptography: A rapidly moving field u 75-80: Public key cryptography, basic schemes u 80-85: Theoretical foundations, new protocols u 85-90: Zero Knowledge, secure computation

28 Cryptography: A rapidly moving field u 75-80: Public key cryptography, basic schemes u 80-85: Theoretical foundations, new protocols u 85-90: Zero Knowledge, secure computation u 90-95: Diff&lin cryptanalysis, quantum comp

29 Cryptography: A rapidly moving field u 75-80: Public key cryptography, basic schemes u 80-85: Theoretical foundations, new protocols u 85-90: Zero Knowledge, secure computation u 90-95: Diff&lin cryptanalysis, quantum comp u 95-00: Side channel attacks, elliptic curves

30 Cryptography: A rapidly moving field u 75-80: Public key cryptography, basic schemes u 80-85: Theoretical foundations, new protocols u 85-90: Zero Knowledge, secure computation u 90-95: Diff&lin cryptanalysis, quantum comp u 95-00: Side channel attacks, elliptic curves u 00-05: ???

31 The basic schemes: Major trends

32 u Secret key cryptography: DES out, AES in

33 The basic schemes: Major trends u Secret key cryptography: DES out, AES in u Public key cryptography: RSA steady, EC improving, faster schemes increasingly risky and less appealing. Should not be used for long term security.

34 The basic schemes: Major trends u Secret key cryptography: DES out, AES in u Public key cryptography: RSA steady, EC improving, faster schemes increasingly risky and less appealing. Should not be used for long term security. u Quantum schemes: the wild card

35 Some of my controvertial positions:

36 When applied in practice:

37 Some of my controvertial positions: When applied in practice: u Security should not be overdone

38 Some of my controvertial positions: When applied in practice: u Security should not be overdone u Security should not be overexposed

39 Some of my controvertial positions: When applied in practice: u Security should not be overdone u Security should not be overexposed u Security should not be underregulated

40 Some of my controvertial positions: When applied in practice: u Security should not be overdone u Security should not be overexposed u Security should not be underregulated u Security should be guided by an ethical code

41 Some of my controvertial positions: When applied in practice: u Security should not be overdone u Security should not be overexposed u Security should not be underregulated u Security should be guided by an ethical code u Security should be complemented by legal measures

42 Cryptographic status report In each of the six major subareas I’ll summarize: u The major achievements so far u Strong and weak points, major challenges u A 1-10 grade

43 Theory of cryptography u Well defined primitives & definitions of security u Well understood relationships between notions u Deep connections with randomness & complexity u Beautiful mathematical results u Highly developed theory u Excellent design tools u Challenge: reduce dependence on assumptions u Final grade: 9

44 Public key encryption and signature schemes u RSA, DH, DSA u Based on modular arithmetic, EC, other ideas(?) u Vigorous cryptanalytic research u Excellent theory u Expanding applications u Challenges: Break a major scheme, make a new one u Final grade: 8

45 Secret key cryptography – block ciphers u DES, AES, modes of operation u Differential and linear cryptanalysis u Good cryptanalytic tools u Reasonable choice of primitives u Many good schemes u Challenge: Connect strong theory with strong practice u Final grade: 7

46 Secret key cryptography – stream ciphers u Linear feedback shift registers u Fast correlation attacks, algebraic attacks u Limited cryptanalytic tools u Narrow choice of primitives u Many insecure schemes u Challenge: Improve weak theory and weak practice u Final grade: 4

47 Theoretical Cryptographic protocols u Zero knowledge interactive proofs u Secure multiparty computations u Almost anything is doable and provable u Many gems u Theoretical protocols are too slow u Challenge: Make the strong theory practical u Final grade: 8

48 Practical Cryptographic protocols u Many ad-hoc ideas u Proofs in the random oracle model (ROM) u Rapidly expanding body of results u Lots of buggy protocols u Reasonable design primitives u Improving theory u Challenges: incorporate side channel attacks, ROM u Final grade: 5

49 Cryptographic predictions: u AES will remain secure for the forseeable future u Some PK schemes and key sizes will be successfully attacked in the next few years u Crypto will be invisibly everywhere u Vulnerabilities will be visibly everywhere u Crypto research will remain vigorous, but only its simplest ideas will become practically useful u Non-crypto security will remain a mess

50 Summary u It was a thrilling 25 year journey u The best is yet to come u Thanks to everyone!

Download ppt "CRYPTOGRAPHY: STATE OF THE SCIENCE ASIACRYPT 2003 invited talk Adi Shamir Computer Science Dept The Weizmann Institute Israel."

Similar presentations

Course summary COS 433: Crptography -Spring 2010 Boaz Barak.

Course summary COS 433: Crptography -Spring 2010 Boaz Barak.
11 Provable Security. 22 Given a ciphertext, find the corresponding plaintext.

11 Provable Security. 22 Given a ciphertext, find the corresponding plaintext.
Intro 1 Introduction Intro 2 Good Guys and Bad Guys  Alice and Bob are the good guys  Trudy is the bad guy  Trudy is our generic “intruder”

Intro 1 Introduction Intro 2 Good Guys and Bad Guys  Alice and Bob are the good guys  Trudy is the bad guy  Trudy is our generic “intruder”
CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.

CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.
Part 4  Software 1 Conclusion Part 4  Software 2 Course Summary  Crypto o Basics, symmetric key, public key, hash functions and other topics, cryptanalysis.

Part 4  Software 1 Conclusion Part 4  Software 2 Course Summary  Crypto o Basics, symmetric key, public key, hash functions and other topics, cryptanalysis.
CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.
Oblivious Transfer based on the McEliece Assumptions

Oblivious Transfer based on the McEliece Assumptions
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Mechanising Cryptography Professor Richard Walton CB.

Mechanising Cryptography Professor Richard Walton CB.
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Lecture 23 Symmetric Encryption

Lecture 23 Symmetric Encryption
15-349 Introduction to Computer and Network Security Iliano Cervesato 26 August 2008 – Modern Cryptography.

Introduction to Computer and Network Security Iliano Cervesato 26 August 2008 – Modern Cryptography.
What is Cryptography? Definition: The science or study of the techniques of secret writing, esp. code and cipher systems, methods, and the like Google.

What is Cryptography? Definition: The science or study of the techniques of secret writing, esp. code and cipher systems, methods, and the like Google.
CMSC 414 Computer and Network Security Lecture 5 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 5 Jonathan Katz.

Similar presentations

Ads by Google