1 / 15

CIS 5371 Cryptography

CIS 5371 Cryptography. 3. Private-Key Encryption and Pseudorandomness B ased on: Jonathan Katz and Yehuda Lindel , Introduction to Modern Cryptography. A Computational Approach to Cryptography. Computational secrecy is a weaker notion of secrecy that is based on the assumption that

penney
Télécharger la présentation

CIS 5371 Cryptography

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CIS 5371 Cryptography 3. Private-Key Encryption and Pseudorandomness Based on: Jonathan Katz and Yehuda Lindel, Introduction to Modern Cryptography

  2. A Computational Approach to Cryptography • Computational secrecyis a weaker notion of secrecy that is based on the assumption that • the success probability of breaking the system by any adversary with bounded computational resources is negligible. For example, less than using the fastest available supercomputer running for 200 years.

  3. A Computational Approach • Security is only preserved against efficient adversaries • Adversaries can potentially succeed with some very small probability (small enough so that we are not concerned that this will ever really happen)

  4. A concrete approach

  5. The asymptotic approach

  6. The asymptotic approach

  7. The asymptotic approach

  8. The asymptotic approach –an example The effect that availability of faster computers might have on security in practice • Say we have a cryptographic scheme where honest parties are required to run for cycles and for which an adversary is running for cycles can succeed in breaking the scheme with probability .

  9. The asymptotic approach –an example

  10. The asymptotic approach –an example

  11. The asymptotic approach –an example • The asymptotic approach has the advantage of not depending on any specific assumptions regarding, e.g., the type of computer an adversary will use.

  12. Efficient Algorithms

  13. Efficient Algorithms Generating randomness There are a number of ways random bits are obtained in practice. • One solution is to use a hardware random number generator that generates random bit-streams based on certain physical phenomena like thermal/electrical noise or radioactive decay. • Another possibility is to use software random number generators which generate random bit-streams based on unpredictable behavior such as the time between key-strokes, movement of the mouse, hard disk access times, and so on.

  14. Efficient Algorithms Generating randomness • Some modern operating systems provide functions of this sort. Note that, in either of these cases, the underlying unpredictable event is unlikely to directly yield uniformly-distributed bits, and so further processing of the initial bit-stream is needed. • Techniques for doing this are complex and poorly understood.

  15. Efficient Algorithms Generating randomness • One must be careful in how random bits are chosen, and the use of badly designedor inappropriate random number generators can often leave a good cryptosystem vulnerable to attack. • Particular care must be taken to use a random number generator that is designed for cryptographic use, rather than a general-purpose random number generator which may be fine for some applications but not cryptographic ones

More Related