New User Special Price Expires in

Let's log you in.

Sign in with Facebook


Don't have a StudySoup account? Create one here!


Create a StudySoup account

Be part of our community, it's free to join!

Sign up with Facebook


Create your account
By creating an account you agree to StudySoup's terms and conditions and privacy policy

Already have a StudySoup account? Login here


by: Nick Rowe

Cryptography CS 55500

Nick Rowe
GPA 3.68


Almost Ready


These notes were just uploaded, and will be ready to view shortly.

Purchase these notes here, or revisit this page.

Either way, we'll remind you when they're ready :)

Preview These Notes for FREE

Get a free preview of these Notes, just enter your email below.

Unlock Preview
Unlock Preview

Preview these materials now for free

Why put in your email? Get access to more of this material and other relevant free materials for your school

View Preview

About this Document

Class Notes
25 ?




Popular in Course

Popular in ComputerScienence

This 36 page Class Notes was uploaded by Nick Rowe on Saturday September 19, 2015. The Class Notes belongs to CS 55500 at Purdue University taught by Staff in Fall. Since its upload, it has received 81 views. For similar materials see /class/208087/cs-55500-purdue-university in ComputerScienence at Purdue University.

Similar to CS 55500 at Purdue

Popular in ComputerScienence


Reviews for Cryptography


Report this Material


What is Karma?


Karma is the currency of StudySoup.

You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!

Date Created: 09/19/15
Cryptography CS 5 5 5 Lecture 1 Department of Computer Sciences Purdue University Cristina Nita Rotaru Fall 2003Lecture1 1 Course Information Meetings TuampTh 300415 PM Aug 25 Dec 14 Professor contact info Office REC 217CS174 Email crisncspurdueedu Office hours TuTh 430 600 PM in CS174 TA Ramkumar Natarajan 0 Class webpage httpwwwcspurdueeduhomescrisncoursescs555 Cristina NitaRotaru D Fall 2003Lecture 1 Grading Policy Final Project Final Exam Cristina NitaRotaru D Written Assignments Midterm Exam Fall 2003Lecture 1 20 30 20 30 Homework Homework must by TYPED Every student has 3 extra days for all the written assignments that he can use Email me and the TA with name and number of extra days used for an assignment After using your 3 extra days no late homework will be accepted You must work alone on the assignments Cristina NitaRotaru D Fall 2003Lecture 1 4 Exams and Project Midterm about mid October Final check university web page Project Teams of 2 preferred Proposal due one week before midterm Can be theoretical or practical depending on your interests There will be a meeting with the professor to discuss the results of the project PLEASE COME AND TALK TO ME IF YOU HAVE PROBLEMS WITH YOUR PROJECT Cristina NitaRotaru D Fall 2003Lecture 1 5 Course Overview 1 Concepts and principles of cryptography security services attacks and mechanisms Classical cryptographic systems shift cipher Vigenere and Vernam ciphers Jefferson wheel cipher and the Enigma machine Block ciphers DES Blowfish RC5 IDEA AES Stream ciphers SEAL RC4 65555 Cristina NitaRotaru D Fall 2003Lecture 1 Course Overview 2 Publickey encryption RSA ElGamal Rabin CS555 Probabilistic cryptosystems GoldwasserMicali Data integrity hash functions MD5 SHA1 HMAC Digital signatures RSA ElGamal DSA Schnorr Authentication protocols data and entity authentication One time passwords Lamport39s scheme challengeresponse schemes Kerberos Cristina NitaRotaru D Fall 2003Lecture 1 Course Overview 3 0 Key management twoparty key exchange and group key management protocols Verifiable encryption and applications Digital rights Zeroknowledge proofs Identitybased cryptosystems C 55 55 Notions of threshold cryptography Proactive security Cristina NitaRotaru D Fall 2003Lecture 1 8 Reference Material 0 Textbooks D R Stinson Cryptography CRYPTERXPH7Y Theory and Pract1ce Second Ed1t1on Tit39f39f CRC Press 2002 W Stallings Cryptography and V V Network Security Principles and Practice Third Edition Prentice Hall 2002 Hill ll R l U Recommended reading J Handbook of Applied Cryptography HAC 39i LIii39il lxl39i Menezes Oorschot Vanstone CRC Press httpwwwcacrrnathuwaterloocahac Cryptanalysis of Number Theoretic Ciphers S S Wagstaff Jr CRC Press Cristina NitaRotaru D Fall 2003Lecture 1 Academic Integrity Purdue University Academic Integrity httpwwwpurdueeduODOSadministra tionintegrityhtm Class policy httpwwwceriaspurdueeduhomesspa fCpolicyhtm Cristina NitaRotaru D Fall 2003Lecture 1 Lecture Outline Security services Security attacks Security mechanisms 1 Terminology Attacks of ciphers and cryptographic protocols Cristina NitaRotaruD Fall 2003Lecture 1 11 Recommended Reading Stallings Chapter 1 HAC Chapter1 Wagstaff Chapter1 Cristina NitaRotaru D Fall 2003Lecture 1 12 Let s Make the Introductions Alice Carl Cristina NitaRotaru D Fall zoosLecture 1 13 Information Security NETWORK SECURITY NFOR A SECURITY Cristina NitaRotaru D Fall 2003Lecture 1 14 Information Security Security attacks Any action that compromises the security of information Security mechanism A mechanism that is designed to detect prevent or recover from a security attack Security service A service that enhances the security of data processing systems and information transfers A security service makes use of one or more security mechanisms Cristina NitaRotaru D Fall 2003Lecture 1 15 Security Services 1 Confidentiality information is available for reading only to authorized parties Example Alice sends a message to Bob only Alice and Bob can understand the content of the message 2 Authentication Data source authentication the data is coming from an authorized party Example Alice receives a message from Bob This service ensures that the message is from Bob and not from Carl Entity authentication the entity is who it says it is Example When Alice tries to obtain access to her bank account an authentication operation is performed to ensure that Alice asks for the information Cristina NitaRotaru D Fall 2003Lecture 1 16 Security Services 2 3 Integrity detect if data was modified from the source to the destination Example Alice sends an email to Bob Carl intercepts the message and modifies it Data integrity allows for Bob to detect that the message was modified on the way from Alice to him 4 Nonrepudiation neitherthe sender northe receiver of a message are able to deny the transmission Example Alice sends Bob a contract signed The non repudiation service ensures that Alice can not claim that the signature was produced by somebody else Cristina NitaRotaru D Fall 2003Leoture 1 17 Security Services 3 5 Access control only authorized parties can use specific resources Example Alice wants to print a document she must be authorized to get that document and to use the printer 6 Availability resources available to authorized parties Example A web site might become unavailable if the server crashes or is bombarded with requests Cristina NitaRotaru D Fall 2003Lecture 1 18 Security Attacks Passive the attacker does not modify the data only monitors the communication It threatens confidentiality Example listen to the communication between Alice and Bob and if it s encrypted try to decrypt it Active the attacker is actively involved in deleting adding or modifying data It threatens data integrity authentication and confidentiality Example Alice sends Bob a message meet me today at 5 Carl intercepts the message and modifies it meet me tomorrow at 5 and then sends it to Bob Cristina NitaRotaru D Fall 2003Leoture 1 19 Security Attacks Examples Interruption Interception Cristina NitaRotaru D Fall 2003Lecture 1 2O Security Attacks Examples Modification Fabrication injection V5 Cristina Nita Rotaru D Fall 2003Leoture 1 21 Security Mechanisms Cryptography for example encrypt data 0 Software access limitations in a database in operating system protect each user from other users networking firewall Hardware use smartcard for authentication Policies define who has access to what resources frequent changes of passwords etc Cristina NitaRotaru D Fall 2003Lecture 1 22 What Is Cryptography Cryptography the study of mathematical techniques related to aspects of information security 0 Cryptanalysis the study of mathematical techniques for attempting to defeat information security services Cryptology the study of cryptography and cryptanalysis Cristina NitaRotaru D Fall 2003Lecture 1 23 Cryptographic Primitives Encryption Key management Hash functions Digital signatures Certificates and CAs Cristina NitaRotaru D Fall 2003Lecture 1 24 Symmetric and Public Cryptography Symmetric cryptography Used mainly to encipherdecipher data Examples DES Blowfish AES RC4 How obtain the secret key in the first place Public cryptography Each party has a PAIR P S of keys P is the public key and S is the secret key Used mainly to distribute keys and create digital signatures Examples RSA EIGamaI P Cristina NitaRotaru D Fall 2003Lecture 1 25 What is a Cryptosystem Plaintext data to be hidden Ciphertext notmeaningful data t39 160 tion plaintext EEEgPgl Ciphertext quotquot1139 Ciphertext Definition A cryptosystem is a fivetuple P C K E D s t P is a finite set of possible plaintexts C is a finite set of possible ciphertexts K the keyspace is the set of possible keys For each kEK there are encryption rule ek ekzP a C decryption rule dk dsz a P st dkekx x epoive Cristina NitaRotaru D Fall 2003Lecture 1 26 Going Back to Cryptanalysis c There are different methods of breaking a cipher depending on the type of information available to the attacker the interaction with the cipher machine Cristina NitaRotaru D Fall 2003Lecture 1 27 Breaking Ciphers Cipher rex ronly attack The cryptanalyst knows only the ciphertext Sometimes the language of the plaintext and the cipher are also kown Goal find the plaintext and the key NOTE any encryption scheme vulnerable to this type of attack is considered to be completely insecure Knownplaintext attack The cryptanalyst knows several pairs of ciphertext and corresponding plaintext The goal is to find the key used to encrypt these messages or a way to decrypt any new messages that use that key Cristina NitaRotaru D Fall 2003Lecture 1 28 Breaking Ciphers 2 Chosenplaintext attack The cryptanalyst knows a number of encrypted messages and he can also encrypt any message he chooses The goal is to deduce the key used in the other encrypted messages or decrypt any new messages using that key o It can be adaptive the choice of plaintext depends on the ciphertext received from previous requests Cristina NitaRotaru D Fall 2003Lecture 1 29 Breaking Ciphers 3 Chosenciphertext attack Similar to the chosenplaintext attack but the cryptanalyst can choose the ciphertext not the plaintext The goal is to obtain the key It can also be adaptive The choice of ciphertext may depend on the plaintext received from previou requests Cristina NitaRotaru D Fall 2003Lecture 1 30 Protocols Definition A network protocol defines rules for sendingreceiving packets the format and type of the packets actions in response of receiving a certain type of packets A cryptographic protocol also specifies what cryptographic mechanisms are used Cristina NitaRotaru D Fall 2003Lecture 1 31 Attacks on Protocols Knownkey attack This attack uses previously used keys to determine new keys used for encryption Replay attack In this type of attack an attacker records a communication session and later on replays that session Impersonation attack This attack deceives the identity of one of the legitimate parties Cristina NitaRotaru D Fall 2003Lecture 1 32 Attacks on Protocols Dictionary attack This attacks usually targets passwords The attacker uses a dictionary of plaintextciphertext encrypted with all possible keys Forward search attack This attack is similar with the dictionary attack and is used if the message space is small or predictable with the goal of decrypting messages Interleaving attack Impersonation or other deception involving selective combination of information from parallel sessions it is an attack against authentication Cristina NitaRotaru D Fall 2003Lecture 1 33 Models for Evaluating Security Unconditional security The adversary has unlimited computational resources Analysis is made by using probability theory Perfect secrecy observation of the ciphertext provides no information to an adversary Complexitytheoretic security The adversary is assumed to have polynomial computational power The analysis uses complexity theory Polynomial attacks although feasible in practice can be computationally infeasible Cristina NitaRotaru D Fall 2003Lecture 1 34 Models for Evaluating Security Provable security Proof of security relies on the difficulty of solving a wellknown and supposedly difficult problem example computation of discrete logarithms Computational security practical security Measures the amount of computational effort required to defeat a system Sometimes related to the hard problems but no proof of equivalence is known Ad hoc security heuristic security Variety of convincing arguments that every successful attack requires more resources than the ones available to an attacker Unforeseen attacks remain a threat Cristina NitaRotaru D Fall 2003Lecture 1 Summary Cryptography is an important mechanism used to defend against attacks on computers and networks Encryption schemes and protocols can be attacked in several ways classified depending on the power of the attacker and the amount of information available to the attacker Cristina NitaRotaru D Fall 2003Lecture 1 36


Buy Material

Are you sure you want to buy this material for

25 Karma

Buy Material

BOOM! Enjoy Your Free Notes!

We've added these Notes to your profile, click here to view them now.


You're already Subscribed!

Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'

Why people love StudySoup

Bentley McCaw University of Florida

"I was shooting for a perfect 4.0 GPA this semester. Having StudySoup as a study aid was critical to helping me achieve my goal...and I nailed it!"

Jennifer McGill UCSF Med School

"Selling my MCAT study guides and notes has been a great source of side revenue while I'm in school. Some months I'm making over $500! Plus, it makes me happy knowing that I'm helping future med students with their MCAT."

Jim McGreen Ohio University

"Knowing I can count on the Elite Notetaker in my class allows me to focus on what the professor is saying instead of just scribbling notes the whole time and falling behind."


"Their 'Elite Notetakers' are making over $1,200/month in sales by creating high quality content that helps their classmates in a time of need."

Become an Elite Notetaker and start selling your notes online!

Refund Policy


All subscriptions to StudySoup are paid in full at the time of subscribing. To change your credit card information or to cancel your subscription, go to "Edit Settings". All credit card information will be available there. If you should decide to cancel your subscription, it will continue to be valid until the next payment period, as all payments for the current period were made in advance. For special circumstances, please email


StudySoup has more than 1 million course-specific study resources to help students study smarter. If you’re having trouble finding what you’re looking for, our customer support team can help you find what you need! Feel free to contact them here:

Recurring Subscriptions: If you have canceled your recurring subscription on the day of renewal and have not downloaded any documents, you may request a refund by submitting an email to

Satisfaction Guarantee: If you’re not satisfied with your subscription, you can contact us for further help. Contact must be made within 3 business days of your subscription purchase and your refund request will be subject for review.

Please Note: Refunds can never be provided more than 30 days after the initial purchase date regardless of your activity on the site.