CMSC 456 Introduction to Cryptography

CMSC 456 Introduction to Cryptography. Jonathan Katz. Overview of exam: the exam is cumulative; more emphasis on material covered in the second half of the semester; focus on understanding and application, less on being clever.

Presentation Transcript


  1. CMSC 456 Introduction to Cryptography, Jonathan Katz

  2. Overview of exam
     • The exam is cumulative
     • More emphasis on material covered in the second half of the semester
     • Focus on understanding and application, less on being clever
     • Please read instructions, and describe attacks or constructions clearly and unambiguously

  3. Chapter 1
     • Historical private-key encryption schemes
     • Why did we talk about these?
     • Modern cryptography
     • Definitions
     • Assumptions
     • Proofs

  4. Chapter 2
     • Perfect secrecy
     • The one-time pad
     • Limitations of perfect secrecy
     • Key as long as the message
     • Key can only be used once
     • No security against chosen-plaintext attacks
     • Need pre-shared key!

  5. Chapter 3a
     • Computational security
     • Private-key encryption
     • Definitions:
     • Indistinguishability in the presence of an eavesdropper
     • Multiple-message indistinguishability
     • CPA-security
     • CCA-security

  6. Chapter 3b
     • Primitives
     • Pseudorandom generators
     • Pseudorandom functions (block ciphers)
     • AES, 3DES, (DES)
     • Encryption schemes
     • “Pseudo one-time pad”
     • Deterministic encryption?
     • Basic CPA-secure encryption scheme
     • Modes of encryption

  7. Chapter 4a
     • Message authentication codes, defining security
     • Collision-resistant hash functions
     • SHA-1
     • Birthday attacks (other applications?)
     • Constructions
     • Basic construction for short messages
     • HMAC
     • CBC-MAC

  8. Chapter 4b
     • Privacy + message authentication, CCA-security
     • Encrypt-then-authenticate
     • Why are the other alternatives problematic?

  9. Chapter 5
     • Definition of pseudorandomness…
     • Concrete security requirements
     • Substitution-permutation networks
     • Attacks on reduced-round SPNs
     • AES
     • Feistel networks
     • Attacks on reduced-round Feistel networks
     • DES
     • Increasing key length
     • 3DES
     • Meet-in-the-middle attacks

  10. Chapter 7
     • Modular arithmetic, group theory, cyclic groups, generators
     • Z_N, Z*_N, (N)
     • Generating random primes
     • Factoring assumption, RSA assumption, discrete logarithm assumption, Diffie-Hellman assumptions
     • One-way functions, examples

  11. Chapter 9
     • What are the limitations of private-key crypto?
     • Why did we bother studying private-key crypto at all?
     • Key exchange
     • Definition of security
     • Diffie-Hellman key exchange

  12. Chapter 10a
     • Public-key encryption
     • Definitions
     • Indistinguishability = CPA-security
     • Deterministic encryption?
     • CCA-security
     • Why important
     • Hybrid encryption

  13. Chapter 10b
     • RSA encryption
     • Textbook RSA
     • Why is it insecure?
     • Padded RSA
     • El Gamal encryption
     • What assumption is it based on?

  14. Chapter 12a
     • Digital signatures
     • Advantages relative to MACs?
     • Definition of security
     • RSA signatures
     • Textbook RSA
     • Why is it insecure?
     • Hashed RSA

  15. Chapter 12b
     • Hash-and-sign
     • 1-time signatures, Lamport’s scheme
     • PKI, certificates

  16. The real world
     • Pseudorandom functions (block ciphers)
     • AES, 3DES
     • Collision-resistant hash function
     • SHA-1, others (NIST competition)
     • Private-key encryption
     • E.g., CBC mode, others for CPA-security
     • Encrypt-then-authenticate for CCA-security
     • Message authentication codes
     • HMAC, CBC-MAC, others

  17. The real world
     • Key exchange
     • (Authenticated) Diffie-Hellman
     • Public-key encryption
     • (Variants of) padded RSA
     • El Gamal encryption
     • CCA-secure schemes
     • Signature schemes
     • (Variants of) hashed RSA
     • DSS (we did not cover)
