Presentation is loading. Please wait.

Presentation is loading. Please wait.

H14.1 15-Mar-01 Clark Thomborson Software Security CompSci 725 Handout 14: Academic Writing; Introduction to Cryptography Clark Thomborson University of.

Similar presentations

Presentation on theme: "H14.1 15-Mar-01 Clark Thomborson Software Security CompSci 725 Handout 14: Academic Writing; Introduction to Cryptography Clark Thomborson University of."— Presentation transcript:

1 h14.1 15-Mar-01 Clark Thomborson Software Security CompSci 725 Handout 14: Academic Writing; Introduction to Cryptography Clark Thomborson University of Auckland

2 h14.2 15-Mar-01 Clark Thomborson Moral Rights of an Author In many (but not all!) legal codes, an author has –The right of integrity. An authors words must not be mutilated or distorted (especially if this would damage the authors honor or reputation). –The right of attribution. The true author has the right to have his/her name on the work, and non-authors may not make false claims of authorship. These rights are commonly observed in academic ethics, and may be enforced by contracts. As a student at the University of Auckland, you must honour other authors rights of integrity and attribution, especially avoiding false claims of authorship.

3 h14.3 15-Mar-01 Clark Thomborson Effectively Using Direct Quotations U of Richmond Writers Web This is a guide to academic style, showing you how to –Make clear attributions to the true author, –Avoid making false claims of authorship for yourself, and –Adjust the authors words, to suit the context of your writing. A direct quotation is an exact copy of another authors words. –You must cite the true author. –You may omit words before, after, or in the middle of the quoted passage. All changes must be clearly marked. –You may alter words, by using square brackets: [Nero] was the maddest of them all. (Smith 32) –You must avoid misrepresenting the … authors opinion.

4 h14.4 15-Mar-01 Clark Thomborson When to Use Direct Quotes The U of Richmond Writers Web recommends you Use a Quotation: –to emphasize a point youve made. –to provide an example. –to show an authors intention. –to show how historical figures spoke or thought. Which (if any) of these reasons support my decision to directly quote the Writers Web on this slide? My advice for technical writing: –You may use a direct quotation for definitions and lists. –Dont quote someone elses explanation unless you analyze it in your text. –Use paraphrase and summary much more often than direct quotation.

5 h14.5 15-Mar-01 Clark Thomborson Academic Honesty Our department recently published guidelines for honesty in our Undergraduate Guide online at These guidelines will appear in next years hardcopy. Are the following guidelines for honesty an assertion of a right to integrity or a right to attribution? [In] assignments and research, you gain credit for your own work. …[so] it is dishonest to present other peoples work as though it were your own. Getting help in understanding from staff and tutors. Plagiarism is the inclusion in your assignment of material copied or closely paraphrased from someone elses writings … without an explicit indication of the source of the material. It is … cheating.

6 h14.6 15-Mar-01 Clark Thomborson Paraphrasing A direct quotation: Simply put, PARAPHRASING is putting an authors work into your own words. … While not plagiarism if done right, it would show little or no creativity and receive an appropriate grade. [M Spears, on 14 March 2001] A paraphrase: You may show a little creativity by rewording (without plagiarizing) part or all of another paper. You can create an appropriate paraphrase, by considering –what your reader is likely to know already and –what your reader needs to know, in order to understand your argument, or point of view. (So … you must have a point of view!) You can show quite a bit of creativity by appropriately paraphrasing several authors, to support a novel point of view.

7 h14.7 15-Mar-01 Clark Thomborson Summarization A summary is a brief statement giving the main points [Thorndike-Barnhard Dictionary, 1955]. One technique for summarization is to write one sentence for each paragraph (or section) in an article. An extended form of the right to integrity protects the artistic impression of a work. So … –You might seek the original authors consent before publishing a new artistic work that includes a summary, paraphrase or other adaptation of another poem, picture, or other work of art. –Academic writings are not considered to be artistic: you dont need an academic authors consent to summarise or paraphrase their work!

8 h14.8 15-Mar-01 Clark Thomborson Other Moral Rights (not mentioned in Berne Convention) The right of disclosure: the author has the final decision on when and where to publish… the right to withdraw or retract: … the author may purchase at wholesale price all of the remaining copies of the authors work, then prevent printing of more copies… the right to reply to criticism: … a right to reply to a critic and have the reply published in the same place as the critics expression. [ Standler, internet essay, 29 May 1998. Available:, March 2001 ] rights to anonymous and pseudonymous publication. [ Cotter, 76 N.C.L. Rev. 1, Nov. 1997. Available: metaschool/Fisher/integrity/Links/Articles/cotter.html, March 2001] metaschool/Fisher/integrity/Links/Articles/cotter.html

9 h14.9 15-Mar-01 Clark Thomborson Applied Cryptography (2 nd Ed.) Bruce Schneier Suppose a sender wants to send a message to a receiver. Moreover, this sender wants to send the message securely: She wants to make sure an eavesdropper cannot read the message. Exercise 1. Draw a picture of this scenario. Exercise 2. Which of Pfleegers four threats is a concern to this sender?

10 h14.10 15-Mar-01 Clark Thomborson Plaintext, ciphertext, encryption, decryption: Cryptography: the art (science) of keeping messages secure. Cryptanalysts seek to break cyphertexts (that is, to discover the plaintext, given the cyphertext). Terminology of Cryptography Encryption Decryption Sender Receiver plaintext cyphertext

11 h14.11 15-Mar-01 Clark Thomborson A Simple Encryption Scheme Rot(k,s) : rotate each character in string s by k: { for( i=0; i<len(s); i++ ) s[i] = ( s[i] + k ) mod 26; return(s); } Exercise: write the corresponding decryption routine. Exercise: how many keys must you try, before you can break a ciphertext Rot(k,s)? This is a (very weak) secret-key encryption scheme, where the secret key is k.

12 h14.12 15-Mar-01 Clark Thomborson Symmetric and Public-Key Encryption If the decryption key k d can be computed from the encryption key k e, then the algorithm is called symmetric. Question: is Rot(k,s) a symmetric cipher? If the decryption key k d cannot be computed (in a reasonable amount of time) from the encryption key k e, then the algorithm is called asymmetric or public- key. The subscripts on k d and k e are usually omitted.

13 h14.13 15-Mar-01 Clark Thomborson Algebraic Notation for Cryptography The encryption function is E( ) or E k ( ). The decryption function is D( ) or D k ( ). The receiver can read the message only if D(E(M)) = M. In public-key cryptography, –We let everyone know our public-key k e. –We let our friends know the corresponding private-key k d. –Only friends can decrypt messages encoded with E ke ( ). –Anyone can encrypt messages using E ke ( ).

14 h14.14 15-Mar-01 Clark Thomborson Authentication in PK Cryptography We can sign messages, using E kd ( ) to encrypt with our secret (private) key k d. Anyone can verify our signature, by looking up our public key k e and computing D ke ( ). We want more than one public/private key pair, otherwise friends could forge our k d signature. –Authority-to-sign k d authority-to-read k d A public key infrastructure (PKI) will help us discover other peoples public keys k e, k e, … Public key cryptography can provide integrity and non- repudiation, in addition to authentication, for messages.

15 h14.15 15-Mar-01 Clark Thomborson Types of Cryptographic Attack A ciphertext may be broken by… –Discovering the restricted algorithm (if the algorithm doesnt require a key). –Discovering the key by non-cryptographic means (bribery, theft, just asking). –Discovering the key by brute-force search (through all possible keys). –Discovering the key by cryptanalysis based on other information, such as known pairs of (plaintext, ciphertext). The weakest point in the system may not be its cryptography! (See Schneiers latest book.)

16 h14.16 15-Mar-01 Clark Thomborson Steganography Steganography serves to hide secret messages in other messages, such that the secrets very existence is concealed. [Schneier] A cryptanalyst is given a ciphertext, and possibly some additional information such as key frequencies, cipher- plaintext pairs, black-box encrypters, etc. They are typically asked to discover the corresponding plaintext. A steganalyst is given a (large) collection of messages. They are typically asked to discover if any of these messages contains a secret message. If the secret message is a ciphertext, cryptanalysis is required to read the secret plaintext.

Download ppt "H14.1 15-Mar-01 Clark Thomborson Software Security CompSci 725 Handout 14: Academic Writing; Introduction to Cryptography Clark Thomborson University of."

Similar presentations

Ads by Google