Presentation is loading. Please wait.

Presentation is loading. Please wait.

MAT 302: Algebraic Cryptography LECTURE 1 Jan 2, 2012.

Published byScott Clarke Modified over 8 years ago

Similar presentations

Presentation on theme: "MAT 302: Algebraic Cryptography LECTURE 1 Jan 2, 2012."— Presentation transcript:

1 MAT 302: Algebraic Cryptography LECTURE 1 Jan 2, 2012

2 MAT 302: Cryptography from Euclid to Zero-Knowledge Proofs LECTURE 1 Jan 2, 2012

3 Administrivia (see course info sheet) InstructorVinod Vaikuntanathan Location & Hours M 1-2pm, IB 370 W 1-3pm, IB 379 (Tut: F 10-11am, IB 360) Teaching Asst 3073 CCT Building first.last@utoronto.ca (Office hours: W 3-4pm) Ali Mousavidehshikh

4 Administrivia (see course info sheet) Website: http://www.cs.toronto.edu/~vinodv/COURSES/MAT302-S12 Recommended: Christof Paar and Jan Pelzl, Understanding Cryptography: A Textbook for Students and Practitioners, Springer-Verlag. available online from UofT libraries Pre-Requisites (Check often!) Textbook MAT 223 Linear Algebra I MAT 224 Linear Algebra II MAT 301 Groups and Symmetries

5 Administrivia (see course info sheet) Grading: 5 Problem Sets + Midterm + Final Problem Sets35% Typically, due in two weeks Due in the beginning of class on Mondays! Late submission (Wed): -25% Late submission (Fri): -50% Midterm20% Tentative: Wed, Feb 29 (right after the reading week) Final40% TBD Class Participation 5% Ask (many!) questions during class and attend tutorials

6 … now, on to the course …

7 I) Historical Ciphers

8 Euclid (~ 300 BC) Wrote the “Elements” Euclidean algorithm to find the greatest common divisor of two numbers – one of the earliest non-trivial algorithms!

9 A Classical Cryptographic Goal: Secure Communication DWWDFN DW GDZQ ATTACK AT DAWN Solution: Encrypt the message!Decrypt the ciphertext!

10 A Classical Cryptographic Goal: Secure Communication DWWDFN DW GDZQ ATTACK AT DAWN Three Characters: 1) A sender, 2) A receiver and 3) An eavesdropper (adversary)

11 Lesson 1: Asymmetry of Information The sender and receiver must know something that the adversary doesn’t. This is called a cryptographic key

12 The Scytale Device Secret key: Circumference of the cylinder Ciphertext: KMIOILMDLONKRIIRGNOHGWT

13 The Scytale Device EASY TO BREAK! Can you recover the message in TSCRHNITIOPESTHXIAET

14 The Caesar Cipher Julius Ceasar (100-44 BC) Message: ATTACK AT DAWN

15 The Caesar Cipher Julius Ceasar (100-44 BC) Message: ATTACK AT DAWN Secret key: A random number from {1,…,26}, say 3

16 The Caesar Cipher Julius Ceasar (100-44 BC) Message: ATTACK AT DAWN Key: + 3 Ciphertext: ↓↓↓↓↓↓ ↓↓ ↓↓↓↓ DWWDFN DW GDZQ Encryption Secret key: A random number from {1,…,26}, say 3

17 The Caesar Cipher Julius Ceasar (100-44 BC) Ciphertext: DWWDFN DW GDZQ Key: - 3 Message: ↓↓↓↓↓↓ ↓↓ ↓↓↓↓ ATTACK AT DAWN DWWDFN DW GDZQ Decryption Secret key: A random number from {1,…,26}, say 3

18 The Caesar Cipher ALSO EASY TO BREAK! Can you recover the message in IXEVZUMXGVNE

19 Symmetric Encryption Scheme All these are examples of symmetric (also called secret-key) encryption Sender and Receiver use the same key Problem: How did they come up with the shared key to begin with?!

20 Other Symmetric Encryption Schemes VigenereEnigma (1900-1950) (Polyalphabetic Substitution) (Unknown Method)

21 Lesson 2: Kerckhoff’s Principle Security of a Cryptographic Algorithm should rely ONLY on the secrecy of the KEYS, and NOT on the secrecy of the METHOD used. “Do not rely on security through obscurity”

22 A Mathematical Theory of Secrecy Perfect Secrecy and the One-time Pad Claude Shannon (late 1940s) THE GOOD : Unbreakable regardless of the power of the adv. THE BAD : Impractical! Needs very, very long shared keys. THE UGLY: length of key ≥ total length of all messages you ever want to send

23 Lesson 3: Perfect Secrecy is not necessary “Computational Secrecy”: It is enough to achieve secrecy against adversaries running in “reasonable” time! Horst Feistel (early 1970s) Data Encryption Standard (DES) Now superceded by the Advanced Encryption Standard (AES)

24 II) Modern Cryptography

25 Public-Key (Asymmetric) Cryptography Symmetric Encryption needs prior setup! Let’s agree on a key: 110011001 OK

26 Public-Key (Asymmetric) Cryptography Symmetric Encryption just doesn’t scale! (A slice of) the internet graph

27 Public-Key (Asymmetric) Cryptography Bob encrypts to Alice using her Public Key… Alice’s Public Key Alice’s Secret Key *&%&(!%^(! Hello!

28 Public-Key (Asymmetric) Cryptography Alice decrypts using her Secret Key… Alice’s Public Key Alice’s Secret Key *&%&(!%^(! Hello!

29 Two Potent Ingredients Complexity Theory (the hardness of computational problems) Number Theory +

30 Complexity Theory + Number Theory 1) Multiply two 10-digit numbers 2) Factor a 20-digit number (which is a product of two 10-digit primes) 1048909867 X 6475990033 ???? 60427556959701033511 One of these is easy and the other hard. Which is which?

31 Public-key Crypto from Number Theory Merkle, Hellman and Diffie (1976)Shamir, Rivest and Adleman (1978) Discrete Logarithms Factoring Diffie-Hellman Key Exchange RSA Encryption Scheme

32 RSA Encryption RSA: The first and the most popular public-key encryption (Let n be a product of two large primes, e is a public key and d is the secret key)

33 Number Theory Fermat’s Little Theorem Chinese Remainder Theorem Quadratic Reciprocity

34 Number Theoretic Algorithms Euclid’s GCD algorithm: Efficient Algorithms for Exponentiation: Algorithms to Compute Discrete Logarithms:

35 Number Theoretic Algorithms Primality Testing: How to tell if a number is prime? Turns out to be “polynomial time” (i.e., easy) Solovay-Strassen and Miller-Rabin algorithms Factoring: How to factor a number into its prime factors? Dixon’s Algorithm and the “Quadratic Sieve” Conjectured to be hard Euclid’s GCD algorithm: Efficient Algorithms for Exponentiation: Algorithms to Compute Discrete Logarithms:

36 Number Theoretic Algorithms Euclid’s GCD algorithm: Efficient Algorithms for Exponentiation: Algorithms to Compute Discrete Logarithms: efficient Primality Testing: How to tell if a number is prime? Factoring: How to factor a number into its prime factors? Not so efficient

37 Lesson 4: The Importance of being Precise What does it mean for a crypto-system to be “secure”?

38 New Cryptographic Goals: Zero Knowledge I know the proof of the Reimann hypothesis That’s nonsense! Prove it to me I don’t want to, because you’ll plagiarize it!!! Can Bob convince Alice that RH is true, without giving Alice the slightest hint of how he proved RH? Applications: Secure Identification Protocols (e.g., in an ATM)

39 New Cryptographic Goals: Homomorphic Encryption Can you compute on encrypted data? Many applications: Electronic Voting (how to add encrypted votes) Secure “Cloud Computing”

40 New Math: Elliptic Curves Weierstrass Equation: y 2 = x 3 + ax + b

41 Exercise for this week: Watch Prof. Ronald Rivest’s lecture on “The Growth of Cryptography” (see the course webpage for the link)

42 Welcome to MAT 302! Looking forward to an exciting semester!

Download ppt "MAT 302: Algebraic Cryptography LECTURE 1 Jan 2, 2012."

Similar presentations

Cryptography and Network Security Chapter 9

Cryptography and Network Security Chapter 9
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.
22C:19 Discrete Structures Integers and Modular Arithmetic

22C:19 Discrete Structures Integers and Modular Arithmetic
MAT 302: Algebraic Cryptography LECTURE 1 Jan 7, 2013.

MAT 302: Algebraic Cryptography LECTURE 1 Jan 7, 2013.
22C:19 Discrete Math Integers and Modular Arithmetic Fall 2010 Sukumar Ghosh.

22C:19 Discrete Math Integers and Modular Arithmetic Fall 2010 Sukumar Ghosh.
15-251 Great Theoretical Ideas in Computer Science.

Great Theoretical Ideas in Computer Science.
CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.
Introduction to Modern Cryptography Lecture 5 Number Theory: 1. Quadratic residues. 2. The discrete log problem. Intro to Public Key Cryptography Diffie.

Introduction to Modern Cryptography Lecture 5 Number Theory: 1. Quadratic residues. 2. The discrete log problem. Intro to Public Key Cryptography Diffie.
Cryptography Lecture 11: Oct 12. Cryptography AliceBob Cryptography is the study of methods for sending and receiving secret messages. adversary Goal:

Cryptography Lecture 11: Oct 12. Cryptography AliceBob Cryptography is the study of methods for sending and receiving secret messages. adversary Goal:
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
Introduction to Modern Cryptography Instructor: Amos Fiat Strongly based on presentation and class by Benny Chor School of Computer Science Tel- Aviv Univ.

Introduction to Modern Cryptography Instructor: Amos Fiat Strongly based on presentation and class by Benny Chor School of Computer Science Tel- Aviv Univ.
CS470, A.SelcukPublic Key Cryptography1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukPublic Key Cryptography1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
CRYPTOGRAPHY WHAT IS IT GOOD FOR? Andrej Bogdanov Chinese University of Hong Kong CMSC 5719 | 6 Feb 2012.

CRYPTOGRAPHY WHAT IS IT GOOD FOR? Andrej Bogdanov Chinese University of Hong Kong CMSC 5719 | 6 Feb 2012.
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Theory I Algorithm Design and Analysis (9 – Randomized algorithms) Prof. Dr. Th. Ottmann.

Theory I Algorithm Design and Analysis (9 – Randomized algorithms) Prof. Dr. Th. Ottmann.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Similar presentations

Ads by Google