CMSC 414 Computer and Network Security Lecture 4 Jonathan Katz.


1 CMSC 414 Computer and Network Security Lecture 4 Jonathan Katz

2 One-time pad
• The one-time pad achieves perfect secrecy
• But, it has a number of drawbacks
  – Key size equal to message size
  – Can only be used once
  – Insecure under chosen-plaintext attack
• Unfortunately, these drawbacks are inherent if we want perfect secrecy

3 A weaker security guarantee
• Instead of requiring that no adversary can learn anything about the plaintext…
• …require that no adversary running in a “reasonable amount of time” can learn anything about the plaintext except with “very small probability”
  – “Reasonable time” = $10^6$ years
  – “Very small probability” = $2^{-64}$
  – Computational security

4 A simpler characterization
• Equivalent to the following, simpler definition:
  – Given a ciphertext $C$ which is known to be an encryption of either $M_0$ or $M_1$, no adversary running in a reasonable amount of time can guess correctly which message was encrypted with probability significantly better than ½.

5 The take-home message
• Weakening the definition slightly allows us to construct much more efficient schemes!
• Strictly speaking, no longer 100% absolutely guaranteed to be secure
  – Security of encryption now depends on security of building blocks (which are analyzed extensively, and are assumed to be secure)
  – Given enough time, the scheme can be broken

6 Attacks
• As always, we can couple our security notion with a variety of attacks
  – Ciphertext only
  – Known plaintext
  – Chosen plaintext
  – Chosen ciphertext (includes chosen plaintext attacks)

7 Attacks…
• The default standard is security against chosen-plaintext attacks
• Security against chosen-ciphertext attacks is increasingly required
• Note that the one-time pad is insecure even against known-plaintext attack

8 Randomized encryption
• To be secure against chosen-plaintext attack, encryption must be randomized
  – We will see later how this comes into play
• Moral: always use randomized encryption!

9 Block ciphers
• Keyed permutation; input/output length
• Large key space
• Modeled as a (family of) random permutations…
• Example – “trivial” encryption:
  – $C = F_K(m)$
  – This is not randomized…

10 Modes of encryption
• ECB
  – $C_i = F_K(m_i)$
• CBC
  – $C_i = F_K(m_i \oplus C_{i-1})$
• OFB (stream cipher mode)
  – $z_i = F_K(z_{i-1})$; $C_i = z_i \oplus m_i$
• CFB (stream cipher mode)
  – $z_i = F_K(C_{i-1})$; $C_i = z_i \oplus m_i$

11 Security?
• All previous modes (except ECB) are secure against chosen-plaintext attacks
  – ECB is deterministic…
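
An added example, not part of the original slides: the "guess which of M_0 or M_1 was encrypted" game from slide 4, played with an encryption oracle (chosen-plaintext attack) against the ECB and CBC formulas from slide 10. The keyed permutation `F` is a toy Feistel network built from SHA-256 as a stand-in for a real block cipher, all function names are hypothetical, and messages are assumed to be a multiple of 16 bytes.

```python
import hashlib, os, secrets

BLOCK = 16  # block size in bytes

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _round(key, i, half):
    # Feistel round function: truncated SHA-256 of key, round index, half-block
    return hashlib.sha256(key + bytes([i]) + half).digest()[:BLOCK // 2]

def F(key, block):
    # Toy 4-round Feistel network standing in for the keyed permutation F_K
    left, right = block[:8], block[8:]
    for i in range(4):
        left, right = right, _xor(left, _round(key, i, right))
    return left + right

def F_inv(key, block):
    left, right = block[:8], block[8:]
    for i in reversed(range(4)):
        left, right = _xor(right, _round(key, i, left)), left
    return left + right

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, msg):
    # C_i = F_K(m_i): deterministic, equal plaintext blocks give equal ciphertext blocks
    return b"".join(F(key, m) for m in blocks(msg))

def cbc_encrypt(key, msg):
    # C_i = F_K(m_i XOR C_{i-1}), with C_0 a fresh random IV sent as the first block
    out = [os.urandom(BLOCK)]
    for m in blocks(msg):
        out.append(F(key, _xor(m, out[-1])))
    return b"".join(out)

def cbc_decrypt(key, ct):
    c = blocks(ct)
    return b"".join(_xor(F_inv(key, c[i]), c[i - 1]) for i in range(1, len(c)))

def cpa_win_rate(encrypt, key, trials=400):
    # Guess which of M_0, M_1 was encrypted, using one extra oracle query on M_0
    m0, m1 = b"0" * BLOCK, b"1" * BLOCK  # constructed sample messages
    wins = 0
    for _ in range(trials):
        b = secrets.randbelow(2)
        challenge = encrypt(key, (m0, m1)[b])
        guess = 0 if encrypt(key, m0) == challenge else 1
        wins += guess == b
    return wins / trials
```

Against `ecb_encrypt` the comparison always identifies the message, while against `cbc_encrypt` the random IV makes the re-encryption differ every time, so the same strategy does no better than a coin flip.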

