Published by Tracy Tucker. Modified over 9 years ago.
1 CIS 5371 Cryptography
3. Private-Key Encryption and Pseudorandomness
Based on: Jonathan Katz and Yehuda Lindell, Introduction to Modern Cryptography
2 A Computational Approach to Cryptography
The principle of Kerckhoffs essentially says that it is not necessary to use a perfectly-secret encryption scheme, but instead it suffices to use a scheme that cannot be broken in reasonable time with any reasonable probability of success.
3 A Computational Approach to Cryptography
That is, it suffices to use an encryption scheme that can be broken in theory but that cannot be broken in practice with probability better than $10^{-30}$ in 200 years using the fastest available supercomputer.
4 A Computational Approach
1. Security is only preserved against efficient adversaries.
2. Adversaries can potentially succeed with some very small probability (small enough that we are not concerned that it will ever really happen).
5 A concrete approach
6 The asymptotic approach
7 The asymptotic approach
9 The asymptotic approach – an example
10 The asymptotic approach – an example
11 The asymptotic approach – an example
12 The asymptotic approach – an example
The asymptotic approach has the advantage of not depending on any specific assumptions regarding, e.g., the type of computer an adversary will use.
13 Efficient Algorithms
14 Efficient Algorithms
Generating randomness
There are a number of ways random bits are obtained in practice. One solution is to use a hardware random number generator that generates random bit-streams based on certain physical phenomena like thermal/electrical noise or radioactive decay. Another possibility is to use software random number generators, which generate random bit-streams based on unpredictable behavior such as the time between key-strokes, movement of the mouse, hard disk access times, and so on.
15 Efficient Algorithms
Generating randomness
Some modern operating systems provide functions of this sort. Note that, in either of these cases, the underlying unpredictable event is unlikely to directly yield uniformly-distributed bits, and so further processing of the initial bit-stream is needed. Techniques for doing this are complex and poorly understood.
16 Efficient Algorithms
Generating randomness
One must be careful in how random bits are chosen, and the use of badly designed or inappropriate random number generators can often leave a good cryptosystem vulnerable to attack. Particular care must be taken to use a random number generator that is designed for cryptographic use, rather than a general-purpose random number generator, which may be fine for some applications but not cryptographic ones.
17 Negligible Success
18 Negligible Success
19 Proofs by Reduction
Strategy
1. Assume that some low-level problem is hard to solve.
2. Then prove that the construction in question is secure given this assumption.
20 Proofs by Reduction
The proof that a given construction is secure as long as some underlying problem is hard generally proceeds by presenting an explicit reduction showing how to convert any efficient adversary A that succeeds in breaking the construction with non-negligible probability into an efficient algorithm A’ that succeeds in solving the problem that was assumed to be hard.
21 Proofs by Reduction
22 Proofs by Reduction
[Figure labels: Instance of; Break; Solution to x]
23 Computationally Secure Encryption
24 Computationally Secure Encryption
25 Computationally Secure Encryption
26 Computationally Secure Encryption
27 Computationally Secure Encryption
28 Theorem
29 Proof of Theorem
We shall reduce the “indistinguishability of the bits of encrypted messages” to the “indistinguishability of the encryptions of the messages” in the presence of an eavesdropper.
30 [Figure labels: Adversary A; Protocol , being analyzed]
31 Proof, in detail
32 Proof of theorem – by reduction
[Figure labels: Adversary A (bit distinguisher); Algorithm A’ (message distinguisher)]
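The reduction named on the proof slides above, as an added Python example (not from the original slides). It assumes the theorem is the one from Katz and Lindell stating that no efficient adversary can guess the i-th bit of a uniformly chosen message from its ciphertext with probability non-negligibly better than 1/2. The toy schemes `enc_leaky` and `enc_otp`, the parameters `N` and `I`, and all function names are constructed for illustration.

```python
import secrets

N = 16  # message/key length in bits (toy parameter, an assumption)
I = 3   # index of the plaintext bit that adversary A targets (an assumption)

def gen():
    """Uniform N-bit key from a cryptographic RNG."""
    return secrets.randbits(N)

def enc_otp(k, m):
    """One-time pad: every plaintext bit is masked by a key bit."""
    return m ^ k

def enc_leaky(k, m):
    """Deliberately broken toy scheme: bit I of the plaintext is left unmasked."""
    return m ^ (k & ~(1 << I))

def adversary_A(c):
    """Bit distinguisher A: guesses bit I of the plaintext from the ciphertext."""
    return (c >> I) & 1

def algorithm_A_prime(A):
    """Message distinguisher A' built from A, as in the reduction."""
    def choose():
        m0 = secrets.randbits(N) & ~(1 << I)  # uniform among messages with bit I = 0
        m1 = secrets.randbits(N) | (1 << I)   # uniform among messages with bit I = 1
        return m0, m1
    def guess(c):
        return A(c)  # A' outputs whatever bit A guesses
    return choose, guess

def privk_eav(enc, choose, guess):
    """One run of the eavesdropping indistinguishability experiment."""
    m0, m1 = choose()
    b = secrets.randbits(1)          # challenger's hidden bit
    c = enc(gen(), (m0, m1)[b])      # challenge ciphertext under a fresh key
    return guess(c) == b             # True when the adversary wins

def success_rate(enc, trials=4000):
    """Fraction of experiments A' wins against the scheme `enc`."""
    choose, guess = algorithm_A_prime(adversary_A)
    return sum(privk_eav(enc, choose, guess) for _ in range(trials)) / trials

if __name__ == "__main__":
    print("leaky scheme :", success_rate(enc_leaky))
    print("one-time pad :", success_rate(enc_otp))
```

A’ wins the experiment exactly when A guesses bit `I` correctly, so any advantage A has over 1/2 carries over unchanged to A’, which is why a scheme with indistinguishable encryptions cannot admit such an A.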
33 Semantic Security
34 Semantic Security: Definition
35 Semantic Security: Theorem
A private-key encryption scheme has indistinguishable encryptions in the presence of an eavesdropper if and only if it is semantically secure in the presence of an eavesdropper.