Introduction to Cryptography

Jiyou Li lijiyou at sjtu.edu.cn

Department of Mathematics, Shanghai Jiao Tong University

Sep. 17th, 2013

Cryptography

Cryptography: the art and science of keeping message secure.

Confidentiality; Authentication; Integrity; Nonrepudiation; Electronic payment; Anonymity; Electronic votes; Zero-knowledge...

Cryptography

Cryptography: the art and science of keeping message secure. Confidentiality;

Authentication; Integrity; Nonrepudiation; Electronic payment; Anonymity; Electronic votes; Zero-knowledge...

Cryptography

Cryptography: the art and science of keeping message secure. Confidentiality; Authentication;

Integrity; Nonrepudiation; Electronic payment; Anonymity; Electronic votes; Zero-knowledge...

Cryptography

Cryptography: the art and science of keeping message secure. Confidentiality; Authentication; Integrity;

Nonrepudiation; Electronic payment; Anonymity; Electronic votes; Zero-knowledge...

Cryptography

Cryptography: the art and science of keeping message secure. Confidentiality; Authentication; Integrity; Nonrepudiation; Electronic payment; Anonymity; Electronic votes; Zero-knowledge...

The Origins of Cryptography

Diplomacy: Zimmerman telegram;

War: Enigma machine, Purple; Individual or corporate privacy; Electronic Commerce...

The Origins of Cryptography

Diplomacy: Zimmerman telegram; War: Enigma machine, Purple;

Individual or corporate privacy; Electronic Commerce...

The Origins of Cryptography

Diplomacy: Zimmerman telegram; War: Enigma machine, Purple; Individual or corporate privacy;

Electronic Commerce...

The Origins of Cryptography

Diplomacy: Zimmerman telegram; War: Enigma machine, Purple; Individual or corporate privacy; Electronic Commerce...

Enigma

Cryptanalysis

Cryptanalysis: the art and science of breaking cipher systems, recovering the plaintext of a message without access to the key. Attack: a attempted cryptanalysis is called an attack.

The n2 Problem; The Kerckhoffs Principle; The Moore Law; The Murphy Law.

Cryptanalysis

Cryptanalysis: the art and science of breaking cipher systems, recovering the plaintext of a message without access to the key. Attack: a attempted cryptanalysis is called an attack.

The n2 Problem;

The Kerckhoffs Principle; The Moore Law; The Murphy Law.

Cryptanalysis

Cryptanalysis: the art and science of breaking cipher systems, recovering the plaintext of a message without access to the key. Attack: a attempted cryptanalysis is called an attack.

The n2 Problem; The Kerckhoffs Principle;

The Moore Law; The Murphy Law.

Cryptanalysis

Cryptanalysis: the art and science of breaking cipher systems, recovering the plaintext of a message without access to the key. Attack: a attempted cryptanalysis is called an attack.

The n2 Problem; The Kerckhoffs Principle; The Moore Law;

The Murphy Law.

Cryptanalysis

Cryptanalysis: the art and science of breaking cipher systems, recovering the plaintext of a message without access to the key. Attack: a attempted cryptanalysis is called an attack.

The n2 Problem; The Kerckhoffs Principle; The Moore Law; The Murphy Law.

Cryptanalytic Attacks

Ciphertext-only attack;

Known plaintext attack ; Chosen plaintext attack; Chosen ciphertext attack.

Cryptanalytic Attacks

Ciphertext-only attack; Known plaintext attack ;

Chosen plaintext attack; Chosen ciphertext attack.

Cryptanalytic Attacks

Ciphertext-only attack; Known plaintext attack ; Chosen plaintext attack;

Chosen ciphertext attack.

Cryptanalytic Attacks

Ciphertext-only attack; Known plaintext attack ; Chosen plaintext attack; Chosen ciphertext attack.

Some Cryptographic Protocols

Bits Commitment;

Key Exchange; Secret Sharing Scheme; Digital Signatures; Cloud Computing Security...

Some Cryptographic Protocols

Bits Commitment; Key Exchange;

Secret Sharing Scheme; Digital Signatures; Cloud Computing Security...

Some Cryptographic Protocols

Bits Commitment; Key Exchange; Secret Sharing Scheme;

Digital Signatures; Cloud Computing Security...

Some Cryptographic Protocols

Bits Commitment; Key Exchange; Secret Sharing Scheme; Digital Signatures;

Cloud Computing Security...

Some Cryptographic Protocols

Bits Commitment; Key Exchange; Secret Sharing Scheme; Digital Signatures; Cloud Computing Security...

A Cryprtographic Communication Model

Encryption: A key

Ciphertext

Plaintext

Channel Ciphertext

Decryption: A key

Plaintext

&% '$ Eve!

� �

� �

B B

B B

The History of Cryptography

1. B.C.?-1949: Classical Cryptography (Substitutions and permutations); 2. 1949-1976: Symmetric Cryptography (Block Dipher and Stream Cipher, based on Shannon’s Theorem); 3. 1976-present: Modern Cryptography (Public-Key and asymmetric...).

Caesar Cipher

ABCDEFGHIJKLMNOPQRSTUVWXYZ Key = 3 DEFGHIJKLMNOPQRSTUVWXYZABC Plaintext: JIAOTONGUNIVERSITY Encryption: Shift by KEY = 3 Ciphertext: MLDRWRQJXQLYHUVLWB Decryption: Shift backwards by KEY = 3

Vigenere Cipher

Plaintext: thi sis adu mmy mes sag e Key: ABC ABC ABC ABC ABC ABC A Ciphertext: TIK SJU AEW MNA MFU SBI E Decryption: "Subtract0the key ABC from ciphertext mod 26.

Vernam Ciphers

Plaintext: MATHISUSEFULANDFUN Key: NGUJKAMOCTLNYBCIAZ Encryption: /Add0key to message mod 26 Ciphertext: BGO,.. Decryption: /Subtract0key from ciphertext mod 26.

Permutation Cipher

Example: Plaintext: JIAOTO NGUNIV ERSITY Encryption: Group action by KEY =(135246) Ciphertext: OTJIAO VINGUN YTERSI Decryption: Inverse action by KEY =(164253)

Hebern machine

Enigma: invented by Arthur Scherbius

Rotors

Reflector

Plugboard

Electrical pathway

Electrical pathway

Mathematics in Enigma

E(xi) = P ◦ Ri1 ◦ Mi2 ◦ Li3 ◦ U ◦ L −1 i3

◦ M−1i2 ◦ R −1 i1

◦ P−1(xi),

where P, R, M, L, U ∈ S26, Ri1 = ρ−i ◦ R ◦ ρi and U is a convolution.

Bomber

A Cipher

1. A plaintext space M, a ciphertext space C and a key space K; 2. A key generation algorithm; 3. An encryption algorithm E; 4. A decryption algorithm D.

Do we have unconditionally secure encryption?

Theorem Perfect secrecy is equivalent to H(M|C) = H(M) and to the statistic independence between M and C.

Theorem (Shannon, 1949) Perfect secrecy implies H(K ) ≥ H(M).

One-Time Pads: Vernam Ciphers

Plaintext: MATHISUSEFULANDFUN Key: NGUJKAMOCTLNYBCIAZ Encryption: /Add0key to message mod 26 Ciphertext: BGO,.. Decryption: /Subtract0key from ciphertext mod 26.

One-Time Pads

One-Time Pads is unconditionally secure;

Problem: Exchanging the key; There are some clever ways to exchange the key; we will study some of them!

One-Time Pads

One-Time Pads is unconditionally secure; Problem: Exchanging the key;

There are some clever ways to exchange the key; we will study some of them!

One-Time Pads

One-Time Pads is unconditionally secure; Problem: Exchanging the key; There are some clever ways to exchange the key; we will study some of them!

Stream Ciphers

1. Making OTP practical; 2. Idea: replace "random" key by "pseudorandom" key; 3. The security depend on specific pseudorandom generators.

Public-Key Cryptography (1976-)

Discovered by Diffie & Hellman (1976) and now known at GCHQ years before; Uses one-way (asymmetric) functions, public keys, and private keys; Mainly based on two hard problems: Factoring large integers and the discrete logarithm problem.

Coding Theory and Cryptography

Cryptography needs reliability

Mathematics in Cryptography

Linear Algebra Abstract Algebra Number Theory Algebraic Geometry Probability Statistics Combinatorics Computing...

References

1. A classical introduction to modern cryptography, S. Vaudenay, Springer, 2005. 2. èÆ�Ú,¾�I�½Í,ÆÑ�, 1999.

Exercises

4. Suppose the one time pad encryption of the message "attackatdawn" is "wxtygcjmxenf". What is the one time pad encryption of the message "attackatdusk" under the same key? 5. Let M = C = K = {0, 1, . . . , 63} and consider the following cipher (M, C, K) defined by:

E(k , x) = x + k mod 64.

Does this cipher have perfect secrecy?