Download presentation

1
**CMSC 456 Introduction to Cryptography**

Jonathan Katz

2
**Overview of exam The exam is cumulative**

More emphasis on material covered in the second half of the semester Focus on understanding and application, less on being clever Please read instructions, and describe attacks or constructions clearly and unambiguously

3
**Chapter 1 Historical private-key encryption schemes**

Why did we talk about these? Modern cryptography Definitions Assumptions Proofs

4
**Chapter 2 Perfect secrecy The one-time pad**

Limitations of perfect secrecy Key as long as the message Key can only be used once No security against chosen-plaintext attacks Need pre-shared key!

5
**Chapter 3a Computational security Private-key encryption Definitions:**

Indistinguishability in the presence of an eavesdropper Multiple-message indistinguishability CPA-security CCA-security

6
**Chapter 3b Primitives Encryption schemes Pseudorandom generators**

Pseudorandom functions (block ciphers) AES, 3DES, (DES) Encryption schemes “Pseudo one-time pad” Deterministic encryption? Basic CPA-secure encryption scheme Modes of encryption

7
**Chapter 4a Message authentication codes, defining security**

Collision-resistant hash functions SHA-1 Birthday attacks (other applications?) Constructions Basic construction for short messages HMAC CBC-MAC

8
**Chapter 4b Privacy + message authentication, CCA-security**

Encrypt-then-authenticate Why are the other alternatives problematic?

9
**Chapter 5 Definition of pseudorandomness…**

Concrete security requirements Substitution-permutation networks Attacks on reduced-round SPNs AES Feistel networks Attacks on reduced-round Feistel networks DES Increasing key length 3DES Meet-in-the-middle attacks

10
**Chapter 7 Modular arithmetic, group theory, cyclic groups, generators**

ZN, Z*N, (N) Generating random primes Factoring assumption, RSA assumption, discrete logarithm assumption, Diffie-Hellman assumptions One-way functions, examples

11
**Chapter 9 What are the limitations of private-key crypto?**

Why did we bother studying private-key crypto at all? Key exchange Definition of security Diffie-Hellman key exchange

12
**Chapter 10a Public-key encryption Definitions Hybrid encryption**

Indistinguishability = CPA-security Deterministic encryption? CCA-security Why important Hybrid encryption

13
**Chapter 10b RSA encryption El Gamal encryption Textbook RSA Padded RSA**

Why is it insecure? Padded RSA El Gamal encryption What assumption is it based on?

14
**Chapter 12a Digital signatures Definition of security RSA signatures**

Advantages relative to MACs? Definition of security RSA signatures Textbook RSA Why is it insecure? Hashed RSA

15
**Chapter 12b Hash-and-sign 1-time signatures, Lamport’s scheme**

PKI, certificates

16
**The real world Pseudorandom functions (block ciphers)**

AES, 3DES Collision-resistant hash function SHA-1, others (NIST competition) Private-key encryption E.g., CBC mode, others for CPA-security Encrypt-then-authenticate for CCA-security Message authentication codes HMAC, CBC-MAC, others

17
**The real world Key exchange Public-key encryption Signature schemes**

(Authenticated) Diffie-Hellman Public-key encryption (Variants of) padded RSA El Gamal encryption CCA-secure schemes Signature schemes (Variants of) hashed RSA DSS (we did not cover)

Similar presentations

© 2020 SlidePlayer.com Inc.

All rights reserved.

To make this website work, we log user data and share it with processors. To use this website, you must agree to our Privacy Policy, including cookie policy.

Ads by Google