Presentation is loading. Please wait.

Presentation is loading. Please wait.

Universal Guessing with Applications to Cipher Systems A Report on Progress DRDO-IISc PME Rajesh Sundaresan ECE Department 14 March 2008 TexPoint fonts.

Published byBertha Henry Modified over 9 years ago

Similar presentations

Presentation on theme: "Universal Guessing with Applications to Cipher Systems A Report on Progress DRDO-IISc PME Rajesh Sundaresan ECE Department 14 March 2008 TexPoint fonts."— Presentation transcript:

1 Universal Guessing with Applications to Cipher Systems A Report on Progress DRDO-IISc PME Rajesh Sundaresan ECE Department 14 March 2008 TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: AA A

2 A Cipher System Eve guesses K in decreasing order of its probabilities K of length n, from an i.i.d. source with letter PMF P –Requires ~ 2 nH 1/2 (P) guesses –H 1/2 (P) : Rényi entropy, an analogue to Shannon entropy K MM C Eve

3 Let’s hide the parameters of the source we use to generate our key stream … Our bag of sources is not perfect. What shall we do? If your bag is made of i.i.d. sources, hiding won’t help! A bigger bag of sources with memory doesn’t help either …

4 Measures of performance Growth rate of moments Tail probabilities behaviour Compare with that when source parameters known

5 Hiding source information If the set of sources is i.i.d.: –Eve has an asymptotically optimal guessing strategy [Arikan-Merhav 1998, S2007] If the set is made of a fixed fraction of tosses from one coin and remaining from another coin –Hiding the sequence of coin pickings helps [S2007] If the set of sources is unifilar? Or finite-state Markov? Stationary and ergodic? –k th order Markov is a unifilar source

6 Methodology In [S2007] established connections in the expectations sense between source compression and guessing LZ source compression is universal –Guess in the increasing order of compression lengths Plan: –First year: key rate = 1 –Second year: key rate < 1 UnifilarFinite-state Markov Explicit answersBounds Explicit answersBounds

7 Refinements Compression and guessing are tightly related –For any class of sources, if there is an asymptotically optimal compression strategy to minimise, there is an asymptotically optimal guessing strategy and vice versa. –For R < 1, analogous results with a saturated cost of encoding. –Performance explicitly characterised for unifilar sources for guessing moment criterion and large deviations criterion –Attacks based on increasing Lempel-Ziv lengths of messages yields an asymptotically optimal attack strategy for FSM sources with a redundancy of O(log log n / log n) –Attacks based on increasing MDL of messages yields an asymptically optimal attack for unifilar sources with a redundancy of O(log n / n) –Both attack strategies are competitively optimal

8 Ongoing work Imperfect key bits (SAG input) Guessing subject to distortion? –Connections to rate-distortion theory –Applications to searches in large data bases –A little more theory Sources with arbitrary alphabet spaces Deeper connections with large deviations theory Statistical analysis of password protected systems

9 Publications and interactions Journal –R.Sundaresan, “Guessing under source uncertainty”, IEEE Trans. on Inform. Th., Jan. 2007 –R.Sundaresan, “Guessing based on length functions for a Shannon cipher system”, to be submitted to Sadhana Conferences –R.Sundaresan, “Guessing based on length functions”, ISIT 2007, June 2007 –R.Sundaresan, “Guessing based on length functions for a Shannon cipher system”, MCDES 2008, May 2008 Technical Report –R.Sundaresan, “Guessing based on length functions”, Feb 2007, revised Nov 2007 Invited articles –R.Sundaresan, “An introduction to guessing”, Chakravyuh, expository article, to be published, mid-2008 Under preparation: Guessing and compression : Under preparation – to include rate-distortion Visits with SAG –Talk: January 2007 –Discussion: September 2007 Manpower training: –One Project Assistant: October 2006 – June 2007 –One Project Assistant: September 2007 – present (Manjesh Kumar, formerly employed by CAIR)

10 Password-Protected Systems N users, lock-password after 3 failed attempts –H(X 1 ) = 4, H(X i | X i-1 ) = 2, i > 1 NIST Electronic Authentication Guideline Why? Easy to remember –Weak passwords: “password”, 1/1000 picks one of two most frequent passwords Access to system in 700 tries, w.p. ½ –Promptings to use special characters results in simple choices Models for password choices? Asymptotics as N grows? Relationship with entropies? Impact: Quantitative evaluation of security levels

Download ppt "Universal Guessing with Applications to Cipher Systems A Report on Progress DRDO-IISc PME Rajesh Sundaresan ECE Department 14 March 2008 TexPoint fonts."

Similar presentations

Lecture 2: Basic Information Theory TSBK01 Image Coding and Data Compression Jörgen Ahlberg Div. of Sensor Technology Swedish Defence Research Agency (FOI)

Lecture 2: Basic Information Theory TSBK01 Image Coding and Data Compression Jörgen Ahlberg Div. of Sensor Technology Swedish Defence Research Agency (FOI)
Michael Alves, Patrick Dugan, Robert Daniels, Carlos Vicuna

Michael Alves, Patrick Dugan, Robert Daniels, Carlos Vicuna
Huffman code and ID3 Prof. Sin-Min Lee Department of Computer Science.

Huffman code and ID3 Prof. Sin-Min Lee Department of Computer Science.
Small Subgraphs in Random Graphs and the Power of Multiple Choices The Online Case Torsten Mütze, ETH Zürich Joint work with Reto Spöhel and Henning Thomas.

Small Subgraphs in Random Graphs and the Power of Multiple Choices The Online Case Torsten Mütze, ETH Zürich Joint work with Reto Spöhel and Henning Thomas.
Paul Cuff THE SOURCE CODING SIDE OF SECRECY TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: AA.

Paul Cuff THE SOURCE CODING SIDE OF SECRECY TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: AA.
PAUL CUFF ELECTRICAL ENGINEERING PRINCETON UNIVERSITY Information Theory for Secrecy and Control.

PAUL CUFF ELECTRICAL ENGINEERING PRINCETON UNIVERSITY Information Theory for Secrecy and Control.
SIMS-201 Compressing Information. 2  Overview Chapter 7: Compression Introduction Entropy Huffman coding Universal coding.

SIMS-201 Compressing Information. 2  Overview Chapter 7: Compression Introduction Entropy Huffman coding Universal coding.
NON-MALLEABLE EXTRACTORS AND SYMMETRIC KEY CRYPTOGRAPHY FROM WEAK SECRETS Yevgeniy Dodis and Daniel Wichs (NYU) STOC 2009.

NON-MALLEABLE EXTRACTORS AND SYMMETRIC KEY CRYPTOGRAPHY FROM WEAK SECRETS Yevgeniy Dodis and Daniel Wichs (NYU) STOC 2009.
CWIT 2005 1 Robust Entropy Rate for Uncertain Sources: Applications to Communication and Control Systems Charalambos D. Charalambous Dept. of Electrical.

CWIT Robust Entropy Rate for Uncertain Sources: Applications to Communication and Control Systems Charalambos D. Charalambous Dept. of Electrical.
Entropy Rates of a Stochastic Process

Entropy Rates of a Stochastic Process
Department of Computer Science, University of Maryland, College Park, USA TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.:

Department of Computer Science, University of Maryland, College Park, USA TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.:
Introduction to Cryptography and Security Mechanisms: Unit 5 Theoretical v Practical Security Dr Keith Martin McCrea 34901784 443099

Introduction to Cryptography and Security Mechanisms: Unit 5 Theoretical v Practical Security Dr Keith Martin McCrea
PAUL CUFF ELECTRICAL ENGINEERING PRINCETON UNIVERSITY A Framework for Partial Secrecy.

PAUL CUFF ELECTRICAL ENGINEERING PRINCETON UNIVERSITY A Framework for Partial Secrecy.
Fundamental limits in Information Theory Chapter 10 :

Fundamental limits in Information Theory Chapter 10 :
1 Authentication CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 11, 2004.

1 Authentication CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 11, 2004.
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
Foundations of Network and Computer Security J J ohn Black Lecture #3 Aug 28 th 2009 CSCI 6268/TLEN 5550, Fall 2009.

Foundations of Network and Computer Security J J ohn Black Lecture #3 Aug 28 th 2009 CSCI 6268/TLEN 5550, Fall 2009.
Lattices for Distributed Source Coding - Reconstruction of a Linear function of Jointly Gaussian Sources -D. Krithivasan and S. Sandeep Pradhan - University.

Lattices for Distributed Source Coding - Reconstruction of a Linear function of Jointly Gaussian Sources -D. Krithivasan and S. Sandeep Pradhan - University.
Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.

Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.
Shannon ’ s theory part II Ref. Cryptography: theory and practice Douglas R. Stinson.

Shannon ’ s theory part II Ref. Cryptography: theory and practice Douglas R. Stinson.

Similar presentations

Ads by Google