Presentation is loading. Please wait.

Presentation is loading. Please wait.

Announcements: Computer exam next class Computer exam next classQuestions? DTTF/NB479: DszquphsbqizDay 10.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Announcements: Computer exam next class Computer exam next classQuestions? DTTF/NB479: DszquphsbqizDay 10."— Presentation transcript:

1 Announcements: Computer exam next class Computer exam next classQuestions? DTTF/NB479: DszquphsbqizDay 10

2 Tomorrow’s exam For each problem, I’ll specify the algorithm: Shift Affine Vigenere Hill and the attack: Ciphertext only known plaintext You may use code that you wrote or that you got from the textbook. May require you to modify your code some on the fly Have your algorithms ready to run…

3 Can we generalize Fermat’s little theorem to composite moduli?

4 How can Alice get a secret message to Bob without an established key? Can do it with locks. First 2 volunteers get to do a live demo The three-pass protocol is an application of Fermat’s little theorem to key exchange

5 Situation: Alice wants to get a short message to Bob, but they don’t have an established key to transmit it. Can do with locks: The three-pass protocol is an application of Fermat’s little theorem to key exchange

6 Situation: Alice wants to get a short message to Bob, but they don’t have an established key to transmit it. Can do with locks: The three-pass protocol is an application of Fermat’s little theorem to key exchange

7 Situation: Alice wants to get a short message to Bob, but they don’t have an established key to transmit it. Can do with locks: The three-pass protocol is an application of Fermat’s little theorem to key exchange

8 Situation: Alice wants to get a short message to Bob, but they don’t have an established key to transmit it. Can do with locks: Note: it’s always secured by one of their locks The three-pass protocol is an application of Fermat’s little theorem to key exchange

9 K: the secret message p: a large public prime number > K The two locks: a: Alice’s random #, gcd(a,p-1)=1 a: Alice’s random #, gcd(a,p-1)=1 b: Bob’s random #, gcd(b,p-1)=1 b: Bob’s random #, gcd(b,p-1)=1 To unlock their locks: a -1 mod (p-1) a -1 mod (p-1) b -1 mod (p-1) b -1 mod (p-1) In the three-pass protocol, the “locks” are random numbers that satisfy specific properties

10 K: the secret message p: a public prime number > K The two locks: a: Alice’s random #, gcd(a,p-1)=1 a: Alice’s random #, gcd(a,p-1)=1 b: Bob’s random #, gcd(b,p-1)=1 b: Bob’s random #, gcd(b,p-1)=1 To unlock their locks: a -1 mod (p-1) a -1 mod (p-1) b -1 mod (p-1) b -1 mod (p-1) Three-pass protocol: Alice computes K a (mod p) and sends to Bob Bob computes (K a ) b (mod p) and sends it back Alice computes ((K a ) b ) a -1 (mod p) and sends it back Bob computes (((K a ) b ) a -1 ) b -1 (mod p) and reads K In the three-pass protocol, the “locks” are random numbers that satisfy specific properties

11 K: the secret message p: a public prime number > K The two locks: a: Alice’s random #, gcd(a,p-1)=1 a: Alice’s random #, gcd(a,p-1)=1 b: Bob’s random #, gcd(b,p-1)=1 b: Bob’s random #, gcd(b,p-1)=1 To unlock their locks: a -1 mod (p-1) a -1 mod (p-1) b -1 mod (p-1) b -1 mod (p-1) Three-pass protocol: Alice computes K a (mod p) and sends to Bob Bob computes (K a ) b (mod p) and sends it back Alice computes ((K a ) b ) a -1 (mod p) and sends it back Bob computes (((K a ) b ) a -1 ) b -1 (mod p) and reads K Toy example: 36 17 (mod 59) = 12 12 21 (mod 59) = 45 45 41 (mod 59) = 48 48 47 (mod 59) = 36 36 59 17 21 41 47 Why does it work? In the three-pass protocol, the “locks” are random numbers that satisfy specific properties

12 When dealing with numbers mod n, we can deal with their exponents mod _____ So… Given integers a and b, Given integers a and b, Since aa -1 =bb -1 =1(mod p-1) Since aa -1 =bb -1 =1(mod p-1) …what’s K (aba -1 b -1 ) (mod p)? …what’s K (aba -1 b -1 ) (mod p)? The basic principle relates the moduli of the expressions to the moduli in the exponents

13 Why isn’t this used in key exchange today? Trappe and Washington say that it’s vulnerable to an “intruder-in-the-middle” attack. Think about this…

14 We’ll revisit 3.7 (primitive roots) and 3.11 (fields) later The rest is more number theory fun. Tomorrow we start DES You are now prepared to read as much of the rest of chapter 3 as you like

15 Maybe Alice and Bob’s exchange wasn’t as secure as they thought… http://xkcd.com/c177.html Yet one more reason I’m barred from speaking at crypto conferences.

Download ppt "Announcements: Computer exam next class Computer exam next classQuestions? DTTF/NB479: DszquphsbqizDay 10."

Similar presentations

Diffie-Hellman Diffie-Hellman is a public key distribution scheme First public-key type scheme, proposed in 1976.

Diffie-Hellman Diffie-Hellman is a public key distribution scheme First public-key type scheme, proposed in 1976.
Announcements: 1. Congrats on reaching the halfway point once again! 2. DES graded soon 3. Short “pop” quiz on Ch 3. (Thursday at earliest) 4. Reminder:

Announcements: 1. Congrats on reaching the halfway point once again! 2. DES graded soon 3. Short “pop” quiz on Ch 3. (Thursday at earliest) 4. Reminder:
22C:19 Discrete Structures Integers and Modular Arithmetic

22C:19 Discrete Structures Integers and Modular Arithmetic
BY : Darshana Chaturvedi.  INTRODUCTION  RSA ALGORITHM  EXAMPLES  RSA IS EFFECTIVE  FERMAT’S LITTLE THEOREM  EUCLID’S ALGORITHM  REFERENCES.

BY : Darshana Chaturvedi.  INTRODUCTION  RSA ALGORITHM  EXAMPLES  RSA IS EFFECTIVE  FERMAT’S LITTLE THEOREM  EUCLID’S ALGORITHM  REFERENCES.
22C:19 Discrete Math Integers and Modular Arithmetic Fall 2010 Sukumar Ghosh.

22C:19 Discrete Math Integers and Modular Arithmetic Fall 2010 Sukumar Ghosh.
Lecture 3.3: Public Key Cryptography III CS 436/636/736 Spring 2012 Nitesh Saxena.

Lecture 3.3: Public Key Cryptography III CS 436/636/736 Spring 2012 Nitesh Saxena.
7. Asymmetric encryption-

7. Asymmetric encryption-
Announcements: Programming exam next Thursday on breaking codes from chapter 2 Programming exam next Thursday on breaking codes from chapter 2 Written.

Announcements: Programming exam next Thursday on breaking codes from chapter 2 Programming exam next Thursday on breaking codes from chapter 2 Written.
15-251 Great Theoretical Ideas in Computer Science.

Great Theoretical Ideas in Computer Science.
Announcements: Subscribe to Angel forums Subscribe to Angel forumsQuestions? Roll Call Today: affine ciphers DTTF/NB479: DszquphsbqizDay 2.

Announcements: Subscribe to Angel forums Subscribe to Angel forumsQuestions? Roll Call Today: affine ciphers DTTF/NB479: DszquphsbqizDay 2.
Announcements: See schedule for weeks 8 and 9 See schedule for weeks 8 and 9 Project workdays, due dates, exam Project workdays, due dates, exam Projects:

Announcements: See schedule for weeks 8 and 9 See schedule for weeks 8 and 9 Project workdays, due dates, exam Project workdays, due dates, exam Projects:
Announcements: Matlab: tutorial available at Matlab: tutorial available at

Announcements: Matlab: tutorial available at Matlab: tutorial available at
CNS2010handout 8 :: introduction to number theory1 computer and network security matt barrie.

CNS2010handout 8 :: introduction to number theory1 computer and network security matt barrie.
Announcements: 1. Term project groups and topics due tomorrow midnight Waiting for posts from most of you. Questions? This week: Primality testing, factoring.

Announcements: 1. Term project groups and topics due tomorrow midnight Waiting for posts from most of you. Questions? This week: Primality testing, factoring.
Attacks on Digital Signature Algorithm: RSA

Attacks on Digital Signature Algorithm: RSA
HW6 due tomorrow Teams T will get to pick their presentation day in the order Teams T will get to pick their presentation day in the orderQuestions? Review.

HW6 due tomorrow Teams T will get to pick their presentation day in the order Teams T will get to pick their presentation day in the orderQuestions? Review.
Announcements: HW4 – DES due midnight HW4 – DES due midnight So far the record is less than 15 sec on 1 million iters Quiz on ch 3 postponed until after.

Announcements: HW4 – DES due midnight HW4 – DES due midnight So far the record is less than 15 sec on 1 million iters Quiz on ch 3 postponed until after.
Announcements: Get your ch 1-2 quiz if you haven’t. Get your ch 1-2 quiz if you haven’t. Grading change: Grading change: Homeworks are mixed programming.

Announcements: Get your ch 1-2 quiz if you haven’t. Get your ch 1-2 quiz if you haven’t. Grading change: Grading change: Homeworks are mixed programming.
Announcements: Class is cancelled Thurs+Fri while I’m at the SIGCSE conference Class is cancelled Thurs+Fri while I’m at the SIGCSE conference Assignment.

Announcements: Class is cancelled Thurs+Fri while I’m at the SIGCSE conference Class is cancelled Thurs+Fri while I’m at the SIGCSE conference Assignment.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Similar presentations

Ads by Google