Créateur de présentation | Survey | Quiz | Lead-form Accédez à 1,00,000+ modèles PowerPoint (pour les utilisateurs de SlideServe) - Parcourir maintenant
Download
provable security some caveats n.
Skip this Video
Loading SlideShow in 5 Seconds..
Provable Security: Some Caveats PowerPoint Presentation
Download Presentation
Provable Security: Some Caveats

share
play prev play next
play fullscreen
1 / 16

Provable Security: Some Caveats

87 Vues Download Presentation
Télécharger la présentation

Provable Security: Some Caveats

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Provable Security: Some Caveats Ari Juels RSA Laboratories 3 November 1999

  2. What is provable security?

  3. Is this provable security? Ivan Damgård: Payment Systems and Credential Mechanisms with Provable Security Against Abuse by Individuals. 328-335 -- CRYPTO ‘88

  4. Or this follow-on? Birgit Pfitzmann, Michael Waidner: How to Break and Repair a "Provably Secure" Untraceable Payment System. 338-350 , CRYPTO ‘91

  5. Is this provable security? M. Ajtai and C. Dwork. A public-key cryptosystem with worst-case/ average-case equivalence. In Proc. 29th ACM STOC, pp. 284-293, 1997

  6. A follow-on P. Nguyen and J. Stern. Cryptanalysis of the Ajtai-Dwork Cryptosystem Proc. Of Crypto 98, pp. 223-242

  7. Problems with provable security • Who shall guard the guardians? Who’s to say that a proof is correct? • Worst case security  Average case security • Asymptotic security  Real world security

  8. But even with a more precise notion of ‘‘provable security’’...

  9. Amdahl’s Law Part 1 Part 2 Part 3 Part 4

  10. Amdahl’s Law Part 1 Part 2 Part 3 Part 4 …Accelerating a small piece doesn’t help much

  11. “Amdahl’s Law of Security” Crypto Part 1 Part 2 Part 3 Part 4

  12. “Amdahl’s Law of Security” Part 1 Part 2 Part 3 Part 4 …Strengthening secure part doesn’t help much

  13. Provable Security Strengthens Most Secure Part As far as we know, cryptography is rarely weakest point in system. Instead, it’s: • Bad password selection • Social engineering • Bad software implementation

  14. Where do you wnt to go today?re W A major security problem... Where do you want to go today?

  15. Provable security • May distract from more critical vulnerabilities • Hackers just go around the crypto • May yield more complex algorithms, and therefore make correct implementation less likely • Slow down implementations and encourage avoidance of crypto

  16. What lessons to be learned? • Emphasis on extensive expert and empirical testing as a basis for security as with, e.g., RSA • Can be in addition to proofs • Emphasis on simple proofs and algorithms and on ‘exact security’