Selected Pages On Cryptography

&RQWHQWV
7UDQVSRUW /D\HU 6HFXULW\
6\PPHWULFNH\ DOJRULWKP

6KDUHG VHFUHW

0HVVDJH DXWKHQWLFDWLRQ FRGH

)RUZDUG VHFUHF\

'DWD (QFU\SWLRQ 6WDQGDUG

7ULSOH '(6

)HLVWHO FLSKHU

$GYDQFHG (QFU\SWLRQ 6WDQGDUG

5&

5&

%ORZVK FLSKHU

0' FU\SWRJUDSK\

0'

0'

6+$

6+$

3XEOLFNH\ FU\SWRJUDSK\

56$ FU\SWRV\VWHP

'LH+HOOPDQ NH\ H[FKDQJH

(OOLSWLF FXUYH FU\SWRJUDSK\

(OOLSWLF FXUYH 'LH+HOOPDQ

(OOLSWLF &XUYH 'LJLWDO 6LJQDWXUH $OJRULWKP

&KDSWHU

7UDQVSRUW /D\HU 6HFXULW\ 7/6
6HFXUH 6RFNHWV /D\HU 66/
SULYDWH
VHFXUH
'HVFULSWLRQ
DXWKHQWLFDWHG
LQWHJULW\
+LVWRU\ DQG GHYHORSPHQW

6HFXUH 1HWZRUN 3URJUDPPLQJ
66/ DQG
7/6
7/6
7/6
7/6 GUDIW
'LJLWDO FHUWLFDWHV
&HUWLFDWH DXWKRULWLHV
&LSKHU
1RWHV
$OJRULWKP
.H\ H[FKDQJH RU NH\ DJUHHPHQW
'DWD LQWHJULW\
$SSOLFDWLRQV DQG DGRSWLRQ
:HEVLWHV
1RWHV
:HE EURZVHUV
1RWHV
/LEUDULHV
6HFXULW\
A
66/
2WKHU XVHV
66/
7/6
3URWRFRO GRZQJUDGH DWWDFNV
)DOVH 6WDUW
6QDS 6WDUW
&URVVSURWRFRO DWWDFNV '52:1
$WWDFNV DJDLQVW 7/666/
5HQHJRWLDWLRQ DWWDFN
%($67 DWWDFN
%($67 %URZVHU ([SORLW $JDLQVW 66/7/6
7LPLQJ DWWDFNV RQ SDGGLQJ
&5,0( DQG %5($&+ DWWDFNV
322'/( DWWDFN
322
'/( 3DGGLQJ 2UDFOH 2Q 'RZQJUDGHG /HJDF\ (Q
FU\SWLRQ
7UXQFDWLRQ DWWDFN
5& DWWDFNV
'RZQJUDGH DWWDFNV )5($. DWWDFN DQG /RJMDP DW

WDFN
20
8QKRO\ 3$& DWWDFN
6ZHHW DWWDFN
6XUYH\ RI ZHEVLWHV YXOQHUDEOH WR DWWDFNV
,PSOHPHQWDWLRQ HUURUV +HDUWEOHHG EXJ %(5VHUN

DWWDFN DQG RWKHUV
)RUZDUG VHFUHF\
3HUVSHFWLYHV 3URMHFW
'16&KDLQ
'HDOLQJ ZLWK PDQLQWKHPLGGOH DW

WDFNV
3URWRFRO GHWDLOV
&HUWLFDWH SLQQLQJ
7/6 KDQGVKDNH
%DVLF 7/6 KDQGVKDNH
&OLHQW+HOOR
)LQLVKHG
&KDQJH&LSKHU6SHF
6HUYHU+HOOR
)LQLVKHG
&HUWLFDWH
6HUYHU.H\([FKDQJH
&OLHQWDXWKHQWLFDWHG 7/6 KDQGVKDNH
6HUYHU+HOOR'RQH
FKDQJH
&OLHQW+HOOR
&OLHQW.H\([
6HUYHU+HOOR
&KDQJH&LSKHU6SHF
&HUWLFDWH
6HUYHU.H\([FKDQJH

&HUWLFDWH5HTXHVW
6HUYHU+HOOR'RQH
&HUWLFDWH
&OLHQW.H\([FKDQJH
&HUWLFDWH9HULI\
5HVXPHG 7/6 KDQGVKDNH
6HVVLRQ ,'V
&KDQJH&LSKHU6SHF
LVKHG
&OLHQW+HOOR
&KDQJH&LSKHU6SHF
6HUYHU+HOOR
)LQ
6HUYHU+HOOR
)LQLVKHG
&OLHQW+HOOR
6HUYHU+HOOR
7/6 UHFRUG
&KDQJH&LSKHU6SHF
&RQWHQW W\SH
LVKHG
)LQ
9HUVLRQ
/HQJWK
&KDQJH&LSKHU6SHF
14
3URWRFRO PHVVDJHV
)LQLVKHG
0$& DQG 3DGGLQJ
6HVVLRQ WLFNHWV
+DQGVKDNH SURWRFRO
0HVVDJH W\SH
+DQGVKDNH PHVVDJH GDWD OHQJWK
$OHUW SURWRFRO
6XSSRUW IRU QDPHEDVHG YLU

WXDO VHUYHUV
/HYHO
'HVFULSWLRQ
&KDQJH&LSKHU6SHF SURWRFRO
&&6 SURWRFRO W\SH
$SSOLFDWLRQ SURWRFRO
/HQJWK
0$&
6WDQGDUGV
3ULPDU\ VWDQGDUGV
7KH FXUUHQW DSSURYHG YHUVLRQ RI 7/6 LV YHUVLRQ
ZKLFK LV VSHFLHG LQ
7KH FXUUHQW VWDQGDUG UHSODFHV WKHVH IRUPHU YHUVLRQV

ZKLFK DUH QRZ FRQVLGHUHG REVROHWH
3DGGLQJ
$V ZHOO DV WKH QHYHU VWDQGDUGL]HG 66/ DQG

ZKLFK DUH FRQVLGHUHG REVROHWH
([WHQVLRQV
([WHQVLRQV WR 7/6 LQFOXGH
,QIRUPDWLRQDO 5)&V
6HH DOVR
5HIHUHQFHV
(QFDSVXODWLRQV RI 7/6 LQFOXGH

)XUWKHU UHDGLQJ

([WHUQDO OLQNV
6SHFLFDWLRQV
2WKHU
&KDSWHU
6\PPHWULFNH\ DOJRULWKPV
&U\SWRJUDSKLF
SULPLWLYHV
EDVHG RQ V\PPHWULF FLSKHUV
7\SHV RI V\PPHWULFNH\ DOJR

ULWKPV
&RQVWUXFWLRQ RI V\PPHWULF FL

SKHUV
,PSOHPHQWDWLRQV
6HFXULW\ RI V\PPHWULF FLSKHUV
.H\ JHQHUDWLRQ
5HFLSURFDO FLSKHU
1RWHV
5HIHUHQFHV
VLQJOHNH\ VKDUHGNH\ RQHNH\
VHFUHWNH\
SULYDWHNH\
&KDSWHU
6KDUHG VHFUHW
5HIHUHQFHV
VKDUHG VHFUHW
6HH DOVR
1RWHV
&KDSWHU
0$&
PHVVDJH DXWKHQWLFDWLRQ FRGH
FU\SWRJUDSKLF KDVK IXQFWLRQ
NH\HG
XQIRUJHDEOH
'HQLWLRQV
6HFXULW\
0HVVDJH $XWKHQWLFDWLRQ &RGH 0$&
6WDQGDUGV
0HVVDJH LQWHJULW\ FRGHV

PHVVDJH LQWHJULW\ FRGH 0,&
$Q ([DPSOH RI 0HVVDJH $X

WKHQWLFDWLRQ &RGH $OJRULWKP
Key (K)
,PSOHPHQWDWLRQ
SENDER
RECEIVER
MESSAGE
MESSAGE
MAC
Algorithm
MAC
MAC:
Message Authentication Code
MESSAGE
MAC
MAC
Algorithm
Key (K)
MAC
=?
MAC
If the same MAC is found: then

the message is authentic and
integrity checked
Else: something is not right.
2QHWLPH 0$&
k
k
6HH DOVR
5HIHUHQFHV
1RWHV
([WHUQDO OLQNV
&KDSWHU
)RUZDUG VHFUHF\
IRUZDUG VHFUHF\ )6
SHUIHFW IRUZDUG VHFUHF\
$WWDFNV
+LVWRU\
:HDN SHUIHFW IRUZDUG VHFUHF\

RQHSDUW\
WZRSDUW\ IRUZDUG VHFUHF\
IRUZDUG VHFUHF\
WZRSDUW\
)RUZDUG VHFUHF\

IRUZDUG VHFUHF\
3URWRFROV
5HIHUHQFHV

8VH

6HH DOVR
([WHUQDO OLQNV
&KDSWHU

'DWD (QFU\SWLRQ 6WDQGDUG '(6
+LVWRU\ RI '(6
16$V LQYROYHPHQW LQ WKH GHVLJQ
'($ 'DWD (QFU\SWLRQ $OJRULWKP
7KH DOJRULWKP DV D VWDQGDUG
2YHUDOO VWUXFWXUH
&KURQRORJ\
'HVFULSWLRQ
7KH )HLVWHO ) IXQFWLRQ
.H\ VFKHGXOH
6HFXULW\ DQG FU\SWDQDO\VLV
%UXWH IRUFH DWWDFN
39
41
50
50
$WWDFNV IDVWHU WKDQ EUXWHIRUFH

0LQRU FU\SWDQDO\WLF SURSHUWLHV
EK (P ) = C EK (P ) = C
x
x. EK
K. P
49
43
EK (EK (P )) = P
DK .
EK =
K1
K2
41
43
EK1 (EK2 (P )) = P
DK1 .
EK2 =
{EK }
6HH DOVR
6LPSOLHG '(6
1RWHV
5HSODFHPHQW DOJRULWKPV
A

5HIHUHQFHV

([WHUQDO OLQNV

&KDSWHU
7ULSOH '(6
7'($
7ULSOH '(6 '(6

7ULSOH 'DWD (QFU\SWLRQ $OJRULWKP
7ULSOH '($
'HQLWLYH VWDQGDUGV
$OJRULWKP
1DPH RI WKH DOJRULWKP

3
1
.H\LQJ RSWLRQV

.H\LQJ RSWLRQ
.H\LQJ RSWLRQ
.H\LQJ RSWLRQ
2
6HFXULW\
1
32
113
90
88
2WKHU WHUPV
28
84
8VDJH
(QFU\SWLRQ RI PRUH WKDQ RQH

EORFN
6HH DOVR
5HIHUHQFHV DQG QRWHV

28

&KDSWHU
)HLVWHO FLSKHU
)HLVWHO FLSKHU
QHWZRUN
)HLVWHO
&RQVWUXFWLRQ GHWDLOV
+LVWRULFDO
7KHRUHWLFDO ZRUN
K0 , K 1 , . . . , K n
0, 1, . . . , n
L0 R 0
i = 0, 1, . . . , n
Li+1 = Ri
Ri+1 = Li (Ri , Ki )
(Rn+1 , Ln+1 )
/LVW RI )HLVWHO FLSKHUV
(Rn+1 , Ln+1 )
i = n, n 1, . . . , 0
Ri = Li+1
Li = Ri+1 (Li+1 , Ki )
(L0 , R0 )
6HH DOVR
8QEDODQFHG )HLVWHO FLSKHU

L0
R0
5HIHUHQFHV

2WKHU XVHV

)HLVWHO QHWZRUNV DV D GHVLJQ FRPSR

QHQW
&KDSWHU

5LMQGDHO
$(6
'HQLWLYH VWDQGDUGV
'HVFULSWLRQ RI WKH FLSKHU
b0 , b1 , ..., b15
b0
b1
b2
b3
b4
b5
b6
b7
b8
b9
b10
b11
b12
b13
b14
b15
a0,0 a0,1 a0,2 a0,3
a1,0 a1,1 a1,2 a1,3
a2,0 a2,1 a2,2 a2,3
b2,0 b2,1 b2,2 b2,3
a3,0 a3,1 a3,2 a3,3
b3,0 b3,1 b3,2 b3,3
b0,0 b0,1 b0,2 b0,3

SubBytes
b1,0 b1,1 b1,2 b1,3
+LJKOHYHO GHVFULSWLRQ RI WKH DOJR

ULWKP
S(ai,j ) ai,j 6=
7KH 6KLIW5RZV VWHS

No
change
a0,0 a0,1 a0,2 a0,3
a0,0 a0,1 a0,2 a0,3

ShiftRows
a1,0 a1,1 a1,2 a1,3
Shift 2
a2,0 a2,1 a2,2 a2,3
a2,2 a2,3 a2,0 a2,1
Shift 3
a3,0 a3,1 a3,2 a3,3
a3,3 a3,0 a3,1 a3,2
7KH 6XE%\WHV VWHS

ai,j
S(ai,j )
*)
7KH 0L[&ROXPQV VWHS

S(ai,j ) 6= ai,j
a1,1 a1,2 a1,3 a1,0
Shift 1
a0,1
a0,0
a1,0
b0,0
a0,2 a0,3
a1,1
MixColumns
a1,2 a1,3
a3,1
b1,1
a0,0 a0,1 a0,2 a0,3

b0,2 b0,3
b1,2 b1,3
b2,0 b2,1 b2,2 b2,3
a2,0 a2,1 a2,2 a2,3

a3,0
b1,0
b0,1
b3,0
a3,2 a3,3
b3,1
a1,0 a1,1 a1,2 a1,3
b0,0 b0,1 b0,2 b0,3

AddRoundKey
b1,0 b1,1 b1,2 b1,3
a2,0 a2,1 a2,2 a2,3
b2,0 b2,1 b2,2 b2,3
a3,0 a3,1 a3,2 a3,3
b3,0 b3,1 b3,2 b3,3
b3,2 b3,3
k0,0 k0,1 k0,2 k0,3
k1,0 k1,1 k1,2 k1,3
k2,0 k2,1 k2,2 k2,3
c(x)
k3,0 k3,1 k3,2 k3,3
2SWLPL]DWLRQ RI WKH FLSKHU
2
1
1
3
3
2
1
1
1
3
2
1
1
1
3
2
x7
x8 + x4 + x 3 + x + 1
*)(28 )
*)(28 )
x4 +1
c(x) =
x3 +x2 +x+
*)(2)[x]
*)(28 )
7KH $GG5RXQG.H\ VWHS
6HFXULW\
39
45
.QRZQ DWWDFNV
70
48
32
88
56
119
96
35
6LGHFKDQQHO DWWDFNV
32
1,67&6(& YDOLGDWLRQ
7HVW YHFWRUV
3HUIRUPDQFH
,PSOHPHQWDWLRQV
6HH DOVR
1RWHV
5HIHUHQFHV
([WHUQDO OLQNV
&KDSWHU
5&
$5&
5&
$5&)285
'HVFULSWLRQ

+LVWRU\
.H\VFKHGXOLQJ DOJRULWKP .6$
IRU IURP WR
HQGIRU
IRU IURP WR
,PSOHPHQWDWLRQ
HQGIRU
3VHXGRUDQGRP JHQHUDWLRQ DOJR

ULWKP 35*$
j
S[i]+S[j]
253 254 255
S
S[i]
K
S[j]
S[i]+S[j]
ZKLOH
HQGZKLOH
5&EDVHG UDQGRP QXPEHU JHQHU

DWRUV
6HFXULW\
5RRVV ELDVHV DQG NH\ UHFRQVWUXF

WLRQ IURP SHUPXWDWLRQ
%LDVHG RXWSXWV RI WKH 5&
)OXKUHU 0DQWLQ DQG 6KDPLU DWWDFN
.OHLQV DWWDFN
25
&RPELQDWRULDO SUREOHP
5R\DO +ROORZD\ DWWDFN
5&$
24
26
ZKLOH
%DUPLW]YDK DWWDFN
12025( DWWDFN

RXWSXW
RXWSXW
HQGZKLOH
903&
ZKLOH
RXWSXW
5& YDULDQWV
HQGZKLOH
38
5&
ZKLOH
RXWSXW
HQGZKLOH
6SULW]
ZKLOH
HQGZKLOH
RXWSXW
6HH DOVR
5HIHUHQFHV

5&EDVHG SURWRFROV

)XUWKHU UHDGLQJ

([WHUQDO OLQNV

5& LQ :(3
&KDSWHU
5&
.H\ H[SDQVLRQ
5&

'HVFULSWLRQ
Odd((e
2) 2w )

$OJRULWKP
Odd(( 1) 2w )
&U\SWDQDO\VLV
44
(QFU\SWLRQ
6HH DOVR
5HIHUHQFHV
'HFU\SWLRQ

([WHUQDO OLQNV
&KDSWHU
%ORZVK FLSKHU
%ORZVK

7KH DOJRULWKP
32
1
3
2
4
:HDNQHVV DQG VXFFHVVRUV

%ORZVK LQ SVHXGRFRGH
6HH DOVR

%ORZVK LQ SUDFWLFH
5HIHUHQFHV

([WHUQDO OLQNV
&KDSWHU
0' FU\SWRJUDSK\
0'

0HVVDJH'LJHVW
$OJRULWKP
'HVFULSWLRQ
0' KDVKHV
6HFXULW\
104
73
73
52
([WHUQDO OLQNV

6HH DOVR

5HIHUHQFHV
&KDSWHU
0'
0'
0HVVDJH'LJHVW
6HFXULW\
$OJRULWKP
F
Mi
102
KLVWRULF
Ki
<<<
s
0' KDVKHV
0' WHVW YHFWRUV

0' FROOLVLRQ H[DPSOH
([WHUQDO OLQNV

6HH DOVR
&ROOLVLRQ DWWDFNV

5HIHUHQFHV
&KDSWHU
0'
0' DOJRULWKP

+LVWRU\ DQG FU\SWDQDO\VLV
6HFXULW\
39
2YHUYLHZ RI VHFXULW\ LVVXHV
&ROOLVLRQ YXOQHUDELOLWLHV
Distributor
File to transmit
100101001000111001001001
000100100100100100100100
100010101010101001000100
010111100111011010010100
File transmitted to user
Hashing
Algorithm
#MOD#
Downloader
hd23dd23
Hash Value transmitted to user
File received correctly

Hash values match
100101001000111001001001
000100100100100100100100
100010101010101001000100
010111100111011010010100
Hashing
Value
#MOD#
hd23dd23
Received
Hashing
Value
hd23dd23
Calculated
Hashing
Value
Hashing
Algorithm
100101001000111001001001
000100100100100000100100
100010101010101001000100
010111100111011010010100
#MOD#
File received with ERROR

Hash Value mis-match
re-transmit data
Calculated
Hashing
Value
Received
hd23dd23 Hashing
Value
54tg164hr
3UHLPDJH YXOQHUDELOLW\

$SSOLFDWLRQV
$OJRULWKP
A
F
Mi
Ki
<<<s
32
YDU
64
YDU
DSSHQG
SRZ
F (B, C, D) = (B C) (B D)
G(B, C, D) = (B D) (C D)
H(B, C, D) = B C D
I(B, C, D) = C (B D)
, , ,
WR
WR
DSSHQG
DSSHQG
XQWLO
IRU HDFK
PRG
RI
YDU
YDU
YDU
YDU
IRU IURP WR
LI
WKHQ
DQG
RU
QRW
DQG
HOVH LI
DQG
RU QRW
DQG
PRG
HOVH LI
[RU [RU
PRG
HOVH
LI
[RU RU QRW
PRG
OHIWURWDWH
HQG IRU
DSSHQG
3VHXGRFRGH
YDU
YDU
UHWXUQ
DSSHQG
HQG IRU YDU

DSSHQG
ELQDU\ RU
OHIWURWDWH
YDU
[RU
IRU IURP
HQG IRU
WR
32
[RU
DQG
DQG [RU
[RU
0' KDVKHV

6HH DOVR

5HIHUHQFHV
)XUWKHU UHDGLQJ

32
([WHUQDO OLQNV
&KDSWHU
6+$
6+$ 6HFXUH +DVK $OJRULWKP
F
<<<5
Wt
<<<30
Kt

'HYHORSPHQW
32
&U\SWRJUDSK\

$SSOLFDWLRQV
&U\SWDQDO\VLV DQG YDOLGDWLRQ

TIPVME
'DWD LQWHJULW\
80
$WWDFNV
51
57
80
52
69
52
80
33
61
7KH 6+$SSHQLQJ
63
57
35
35
6+$
61
([DPSOHV DQG SVHXGRFRGH
80
([DPSOH KDVKHV
51
40
39
6+$ SVHXGRFRGH
32
2FLDO YDOLGDWLRQ
IRU
[RU
IRU IURP
[RU
OHIWURWDWH
[RU
DQG
IRU IURP WR
LI
WKHQ
RU QRW DQG
HOVH LI
[RU [RU
HOVH LI
DQG RU DQG RU DQG
HOVH LI
[RU [RU
OHIWURWDWH
OHIWURWDWH
OHIWVKLIW
RU
OHIWVKLIW
OHIWVKLIW
RU
RU
OHIWVKLIW
RU
6HH DOVR
30
[RU DQG [RU

DQG [RU QRW DQG
DQG
QRW DQG
DQG
RU
DQG
[RU
DQG [RU
DQG [RU DQG
OHIWURWDWH
OHIWURWDWH

[RU
[RU
RU DQG
DQG RU
DQG
DQG
[RU
[RU
[RU
1RWHV
[RU
[RU
[RU
&RPSDULVRQ RI 6+$ IXQFWLRQV
63

5HIHUHQFHV

([WHUQDO OLQNV
&KDSWHU
6+$
6+$
6HFXUH +DVK $OJRULWKP
+DVK VWDQGDUG

A
H
Wt
Ch
Kt
1
Ma
6+$ 6+$ 6+$ 6+$ 6+$

6+$
0
(E, F, G) = (E F ) (E G)
(A, B, C) = (A
B) (A C) (B C) 0 (A) = (A 2) (A
13)(A 22) 1 (E) = (E 6)(E 11)(E 25)
32
TIPVME
&U\SWRDQDO\VLV DQG YDOLGDWLRQ

$SSOLFDWLRQV
3VHXGRFRGH
32
2FLDO YDOLGDWLRQ

7HVW YHFWRUV
IRU
[RU
[RU

IRU IURP
ULJKWURWDWH
ULJKWURWDWH
ULJKWVKLIW
[RU
[RU
ULJKWURWDWH
ULJKWVKLIW
ULJKWURWDWH

IRU IURP
[RU ULJKWURWDWH
[RU
ULJKWURWDWH
DQG [RU QRW DQG

ULJKWURWDWH [RU
ULJKWURWDWH
[RU ULJKWURWDWH
DQG
[RU DQG [RU DQG

DSSHQG DSSHQG DSSHQG DSSHQG
DSSHQG DSSHQG DSSHQG
ULJKWURWDWH
ULJKWURWDWH
ULJKWURWDWH
ULJKWURWDWH
[RU
ULJKWURWDWH [RU
ULJKWVKLIW
ULJKWURWDWH
[RU
[RU
ULJKWURWDWH
[RU
ULJKWURWDWH
[RU
ULJKWURWDWH
ULJKWURWDWH [RU
ULJKWURWDWH
[RU
ULJKWVKLIW
& ,PSOHPHQWDWLRQ
&RPSDULVRQ RI 6+$ IXQFWLRQV

6HH DOVR

5HIHUHQFHV
([WHUQDO OLQNV

$GGLWLRQDO UHDGLQJ

&KDSWHU
Bob
Alice
Hello
Alice!
Large
0110101010
Random
1101110100
Number
0011011010
SK\
Alice's
public key
6EB69570
08E03CE4
Key
Generation
Program
Public
Encrypt
Alice
Private
DV\PPHWULF FU\SWRJUD
Hello
Alice!
Decrypt
Alice's
private key
Alice
Bob's
public key
Combine
keys
751A696C
24D97009
Alice and Bob's
shared secret
Alice's
private key
'HVFULSWLRQ
Bob
Alice's
public key
Bob's
private key
Combine
keys
751A696C
24D97009
Alice and Bob's
shared secret

+LVWRU\
3XEOLF GLVFRYHU\
&ODVVLHG GLVFRYHU\
7\SLFDO XVH
3UDFWLFDO FRQVLGHUDWLRQV

(QYHORSHG 3XEOLF .H\ (QFU\SWLRQ

6HFXULW\
'LJLWDO VLJQDWXUHV
&HUWLFDWLRQ DXWKRULW\
3RVWDO DQDORJLHV

3XEOLF .H\ (QFU\SWLRQ
$FWXDO DOJRULWKPV WZR OLQNHG NH\V
:HDNQHVVHV
2
2
1
2
&RPSXWDWLRQDO FRVW
$VVRFLDWLQJ SXEOLF NH\V ZLWK LGHQWL

WLHV
5HODWLRQ WR UHDO ZRUOG HYHQWV
3ULYLOHJH RI NH\ UHYRFDWLRQ
6SUHDGLQJ WKH UHYRFDWLRQ
ERWK
'LVWULEXWLRQ RI D QHZ NH\
UHYRNHG
5HFRYHU\ IURP D OHDNHG NH\
([DPSOHV RI DV\PPHWULF NH\ DOJRULWKPV QRW ZLGHO\

DGRSWHG LQFOXGH
([DPSOHV RI QRWDEOH \HW LQVHFXUH DV\PPHWULF NH\

DOJRULWKPV LQFOXGH
([DPSOHV RI SURWRFROV XVLQJ DV\PPHWULF NH\ DOJR

ULWKPV LQFOXGH

([DPSOHV
([DPSOHV RI ZHOOUHJDUGHG DV\PPHWULF NH\ WHFK

QLTXHV IRU YDULHG SXUSRVHV LQFOXGH
6HH DOVR
5HIHUHQFHV

1RWHV
([WHUQDO OLQNV

&KDSWHU
56$ FU\SWRV\VWHP
56$

+LVWRU\

3DWHQW
(me )d m (
n)
(md )e m (
n)
.H\ GLVWULEXWLRQ
(QFU\SWLRQ
c me
n)
'HFU\SWLRQ

2SHUDWLRQ
cd (me )d m (
n)
.H\ JHQHUDWLRQ
([DPSOH
p = 61
q = 53
n = 61 53 = 3233
(3233) = (61 1)(53 1) = 3120
16
e = 17
d = 2753
de
(n) = 1
2753 17
3120 = 1
SXEOLF NH\
c(m) = m17
3233
SULYDWH NH\
m(c) = c2753
3233
c = 6517
3233 = 2790
m = 27902753
dp = d
dq = d
q
=q
(q
3233 = 65
(p 1) = 2753
(q 1) = 2753
1
(53 1) = 49
p = 53
61 = 38
q)
p = 38 53
61 = 1
m1 = c d p
p = 279053
dq
49
m2 = c
(61 1) = 53
q = 2790
61 = 4
53 = 12
h = (q (m1 m2 ))
p = (38 8)
m = m2 + h q = 12 + 1 53 = 65
&RGH
61
=1
6LJQLQJ PHVVDJHV
3URRI XVLQJ (XOHUV WKHRUHP

3URRIV RI FRUUHFWQHVV
3URRI XVLQJ )HUPDWV OLWWOH WKHRUHP
ap1 1
ed 1 (

h
med = m1+h(n) = m m(n) m(1)h m (
p)
(pq)).
(pq) = (p 1)(q 1)
ed 1 = h(p 1)(q 1)
3DGGLQJ
$WWDFNV DJDLQVW SODLQ 56$
h(q1)
!
med = m(ed1) m = mh(p1)(q1) m = mp1
m 1h(q1) m m (
p)
!
h(p1)
med = m(ed1) m = mh(p1)(q1) m = mq1
m 1h(p1) m m (
ed 1 (
d
(me ) m (
pq)
(pq))
q)
n)
6HFXULW\ DQG SUDFWLFDO FRQVLG

HUDWLRQV
8VLQJ WKH &KLQHVH UHPDLQGHU DOJR
ULWKP
3DGGLQJ VFKHPHV
dP = d
p1
dQ = d
q1
= q 1
m1 = cdP
m2 = cdQ
h = q (m1 m2 )
m2 h
l m
i
q
m1 + pq p m2
m1
<
m = m2 + hq
,QWHJHU IDFWRUL]DWLRQ DQG 56$

SUREOHP
)DXOW\ NH\ JHQHUDWLRQ
77
7LPLQJ DWWDFNV
,PSRUWDQFH RI VWURQJ UDQGRP QXP

EHU JHQHUDWLRQ
$GDSWLYH FKRVHQ FLSKHUWH[W DWWDFNV
6LGHFKDQQHO DQDO\VLV DWWDFNV

6HH DOVR

1RWHV

5HIHUHQFHV

)XUWKHU UHDGLQJ

([WHUQDO OLQNV
86
3DWHQW
34"
&KDSWHU
'LH+HOOPDQ NH\ H[FKDQJH '+
1DPH
'LH+HOOPDQ0HUNOH NH\ H[FKDQJH
'HVFULSWLRQ
*HQHUDO RYHUYLHZ
Alice
Bob
&U\SWRJUDSKLF H[SODQDWLRQ
Common paint
+
+
Secret colours
UHG
Public transport
(assume
that mixture separation
is expensive)
C
+
C
Secret colours
=

Common secret

C
T
T

Ab
p = g ab
(g a
p)b
p = g ba
p = (g b
p = Ba
p)a
6HFUHF\ FKDUW

UHG

*HQHUDOL]DWLRQ
JURXSV
WR
QLWH
F\FOLF
2SHUDWLRQ ZLWK PRUH WKDQ WZR

SDUWLHV
6HFXULW\
3UDFWLFDO DWWDFNV RQ ,QWHUQHW WUDF )RUZDUG VHFUHF\
3DVVZRUGDXWKHQWLFDWHG NH\ DJUHH

PHQW
3XEOLF NH\
(g a
p, g, p)
gb
(g a )b

2WKHU XVHV
(QFU\SWLRQ
1RWHV

5HIHUHQFHV
*HQHUDO UHIHUHQFHV

([WHUQDO OLQNV

&KDSWHU

(OOLSWLF FXUYH FU\SWRJUDSK\ (&&

5DWLRQDOH
+LVWRU\
7KHRU\
y 2 = x3 + ax + b,
(E)
(E) E,

&U\SWRJUDSKLF VFKHPHV
(Zp )
h=
h 4
(p, a, b, G, n, h)
(m, f, a, b, G, n, h)

,PSOHPHQWDWLRQ
'RPDLQ SDUDPHWHUV
nG =
E(Fp )
1
n |E(Fp )|
F 2m
h = 1
pB 1
(X, Y, Z)
y=
Y
Z
x=
x =
X
Z
(X, Y, Z)
y = ZY3
Y
x= X
Z y = Z2
X
Z2
Fp
(X, Y, Z, aZ 4 )
FpB
(X, Y, Z, Z 2 , Z 3 )
E(Fq )
|E(Fq )| = q
Fq
)DVW UHGXFWLRQ 1,67 FXUYHV
.H\ VL]HV
p=2
O( n)
Fq
521
p=2
256
p 2d
2 2 28 27 26 24 1.
32
q 2256
Fp
$SSOLFDWLRQV
3URMHFWLYH FRRUGLQDWHV
Fp
F 2m
Fq
xy = 1
x Fq
y Fq

6HFXULW\
6LGHFKDQQHO DWWDFNV
P = Q
P 6= Q
3DWHQWV
%DFNGRRUV
$OWHUQDWLYH UHSUHVHQWDWLRQV
4XDQWXP FRPSXWLQJ DWWDFNV

6HH DOVR

1RWHV

([WHUQDO OLQNV

5HIHUHQFHV
&KDSWHU

(&'+(
(OOLSWLF FXUYH 'LH+HOOPDQ (&'+

.H\ HVWDEOLVKPHQW SURWRFRO
(p, a, b, G, n, h)
(m, f (x), a, b, G, n, h)
6RIWZDUH
d
[1, n 1]
Q = dG
Q
G
(dA , QA )
(xk , yk ) = dA QB
(xk , yk ) = dB QA
(dB , QB )
xk
xk
dA QB = dA dB G = dB dA G = dB QA
5HIHUHQFHV
&KDSWHU

$OJRULWKP (&'6$
(OOLSWLF &XUYH 'LJLWDO 6LJQDWXUH
FU\SWRJUDSKLFDOO\ VHFXUH UDQGRP

[1, n 1]
(x1 , y1 ) = k G
r = x1

.H\ DQG VLJQDWXUHVL]H FRP

SDULVRQ WR '6$
r=0
s = k 1 (z + rdA )
s=0
(r, s)
s
2
(m)
80
n
k
4t
t
(r, s)
z

6LJQDWXUH JHQHUDWLRQ DOJR

ULWKP
, G, n)
dA
(r, s )
z
k=
zz
ss
k
m
m
s s = k 1 (z z )
n
s = k 1 (z + rdA )
dA = skz
r
k
G
n
G
[1, n 1]
QA = dA G
dA
m
e =
6LJQDWXUH YHULFDWLRQ DOJR

ULWKP
(m)
Ln
e
n
QA
Ln
QA
QA
O
QA
n QA = O
6HFXULW\
r
[1, n 1]
e=
(m)
k
Ln
w = s1
u1 = zw
dA
u2 = rw
(x1 , y1 ) = u1 G + u2
QA
r x1 (
n)
u 1 G + u2 Q A

&RUUHFWQHVV RI WKH DOJRULWKP

C
C = u1 G + u2 Q A
QA = dA G
C = u1 G + u2 dA G
1RWHV
C = (u1 + u2 dA ) G
u1
C = (zs1 + rdA s1 ) G
u2
s1
C = (z + rdA )s1 G
s
C = (z + rdA )(z + rdA )1 (k 1 )1 G
C =kG
6HH DOVR

5HIHUHQFHV

([WHUQDO OLQNV

7H[W DQG LPDJH VRXUFHV FRQWULEXWRUV DQG OLFHQVHV

7H[W
6KDUHG VHFUHW
)RUZDUG VHFUHF\
7ULSOH '(6
)HLVWHO FLSKHU
5&
5&
%ORZVK FLSKHU
0' FU\SWRJUDSK\
0'
0'
6+$
6+$
56$ FU\SWRV\VWHP

,PDJHV
)LOH$(6$GG5RXQG.H\VYJ
)LOH$(60L[&ROXPQVVYJ
)LOH$(66KLIW5RZVVYJ
)LOH$(66XE%\WHVVYJ
)LOH$GLB6KDPLUBBFURSMSJ
)LOH$PER[BLPSRUWDQWVYJ
)LOH%ORZILVKBGLDJUDPSQJ
)LOH%RDUGMSJ
)LOH%R[SOXVSQJ
)LOH&37+DVKLQJ)LOH7UDQVPLVVLRQVYJ
)LOH&RPPRQVORJRVYJ
)LOH&U\SWRBNH\VYJ
)LOH&U\VWDOB&OHDUBDSSBEURZVHUSQJ
)LOH&U\VWDOB&OHDUBGHYLFHBFGURPBXQPRXQWSQJ
)LOH'DWDB(QFULSWLRQB6WDQGDUGB)ORZB'LDJUDPVYJ
)LOH'LIILH+HOOPDQB.H\B([FKDQJHVYJ
)LOH(GLWFOHDUVYJ
)LOH(QLJPDBNH\OLVWBBURWRUMSJ
)LOH)HLVWHOBFLSKHUBGLDJUDPBHQVYJ
)LOH)ROGHUB+H[DJRQDOB,FRQVYJ
)LOH)UHHWRUHDGBORFNBVYJ
)LOH/OOSQJ
)LOH0$&VYJ
)LOH0'VYJ
)LOH0'VYJ
)LOH1XYRODBDSSVBHGXBPDWKHPDWLFVBEOXHSVYJ
)LOH3HRSOHBLFRQVYJ
)LOH3RUWDOSX]]OHVYJ
)LOH3XEOLFNH\FU\SWRVYJ
)LOH3XEOLFBNH\BHQFU\SWLRQVYJ
)LOH3XEOLFBNH\BVKDUHGBVHFUHWVYJ
)LOH4XHVWLRQBERRNQHZVYJ
)LOH5&VYJ
)LOH5&B,QIR%R[B'LDJUDPVYJ
)LOH6+$VYJ
)LOH6+$VYJ
)LOH7H[WBGRFXPHQWBZLWKBUHGBTXHVWLRQBPDUNVYJ

&RQWHQW OLFHQVH

Selected Pages On Cryptography

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Selected Pages On Cryptography

Încărcat de

Drepturi de autor:

Formate disponibile

&RQWHQWV

 7UDQVSRUW /D\HU 6HFXULW\

 0HVVDJH DXWKHQWLFDWLRQ FRGH

 'DWD (QFU\SWLRQ 6WDQGDUG

 $GYDQFHG (QFU\SWLRQ 6WDQGDUG

 'LH+HOOPDQ NH\ H[FKDQJH

 (OOLSWLF FXUYH FU\SWRJUDSK\

 (OOLSWLF FXUYH 'LH+HOOPDQ

 (OOLSWLF &XUYH 'LJLWDO 6LJQDWXUH $OJRULWKP

7UDQVSRUW /D\HU 6HFXULW\

 +LVWRU\ DQG GHYHORSPHQW

 66/   DQG 

 7/6 

 7/6 

 7/6 

 7/6  GUDIW

 'LJLWDO FHUWLFDWHV

 &HUWLFDWH DXWKRULWLHV

 .H\ H[FKDQJH RU NH\ DJUHHPHQW

 'DWD LQWHJULW\

 $SSOLFDWLRQV DQG DGRSWLRQ

 :HE EURZVHUV

 66/ 

 2WKHU XVHV

 66/ 

&URVVSURWRFRO DWWDFNV '52:1

 $WWDFNV DJDLQVW 7/666/

%($67 %URZVHU ([SORLW $JDLQVW 66/7/6

7LPLQJ DWWDFNV RQ SDGGLQJ

&5,0( DQG %5($&+ DWWDFNV

'RZQJUDGH DWWDFNV )5($. DWWDFN DQG /RJMDP DW

8QKRO\ 3$& DWWDFN

6XUYH\ RI ZHEVLWHV YXOQHUDEOH WR DWWDFNV

,PSOHPHQWDWLRQ HUURUV +HDUWEOHHG EXJ %(5VHUN

 )RUZDUG VHFUHF\

 'HDOLQJ ZLWK PDQLQWKHPLGGOH DW

 3URWRFRO GHWDLOV

 7/6 KDQGVKDNH

%DVLF 7/6 KDQGVKDNH

&OLHQWDXWKHQWLFDWHG 7/6 KDQGVKDNH

5HVXPHG 7/6 KDQGVKDNH

 7/6 UHFRUG

 6XSSRUW IRU QDPHEDVHG YLU

7KH FXUUHQW VWDQGDUG UHSODFHV WKHVH IRUPHU YHUVLRQV

$V ZHOO DV WKH QHYHU VWDQGDUGL]HG 66/  DQG 

([WHQVLRQV WR 7/6  LQFOXGH

([WHQVLRQV WR 7/6  LQFOXGH

 ,QIRUPDWLRQDO 5)&V

 6HH DOVR

(QFDSVXODWLRQV RI 7/6 LQFOXGH

 7\SHV RI V\PPHWULFNH\ DOJR

 &RQVWUXFWLRQ RI V\PPHWULF FL

 6HFXULW\ RI V\PPHWULF FLSKHUV

 .H\ JHQHUDWLRQ

 5HFLSURFDO FLSKHU

 6HH DOVR

0HVVDJH DXWKHQWLFDWLRQ FRGH

PHVVDJH DXWKHQWLFDWLRQ FRGH

FU\SWRJUDSKLF KDVK IXQFWLRQ

0HVVDJH $XWKHQWLFDWLRQ &RGH 0$&

 0HVVDJH LQWHJULW\ FRGHV

 $Q ([DPSOH RI 0HVVDJH $X

If the same MAC is found: then

7UDQVSRUW /D\HU 6HFXULW\

0HVVDJH DXWKHQWLFDWLRQ FRGH

'DWD (QFU\SWLRQ 6WDQGDUG

$GYDQFHG (QFU\SWLRQ 6WDQGDUG

'LH+HOOPDQ NH\ H[FKDQJH

(OOLSWLF FXUYH FU\SWRJUDSK\

(OOLSWLF FXUYH 'LH+HOOPDQ

(OOLSWLF &XUYH 'LJLWDO 6LJQDWXUH $OJRULWKP

+LVWRU\ DQG GHYHORSPHQW

66/ DQG

7/6

7/6

7/6

7/6 GUDIW

'LJLWDO FHUWLFDWHV

&HUWLFDWH DXWKRULWLHV

.H\ H[FKDQJH RU NH\ DJUHHPHQW

'DWD LQWHJULW\

$SSOLFDWLRQV DQG DGRSWLRQ

:HE EURZVHUV

66/

2WKHU XVHV

66/

&URVVSURWRFRO DWWDFNV '52:1

$WWDFNV DJDLQVW 7/666/

%($67 %URZVHU ([SORLW $JDLQVW 66/7/6

'RZQJUDGH DWWDFNV )5($. DWWDFN DQG /RJMDP DW

,PSOHPHQWDWLRQ HUURUV +HDUWEOHHG EXJ %(5VHUN

)RUZDUG VHFUHF\

'HDOLQJ ZLWK PDQLQWKHPLGGOH DW

3URWRFRO GHWDLOV

7/6 KDQGVKDNH

&OLHQWDXWKHQWLFDWHG 7/6 KDQGVKDNH

7/6 UHFRUG

6XSSRUW IRU QDPHEDVHG YLU

7KH FXUUHQW VWDQGDUG UHSODFHV WKHVH IRUPHU YHUVLRQV

$V ZHOO DV WKH QHYHU VWDQGDUGL]HG 66/ DQG

([WHQVLRQV WR 7/6 LQFOXGH

([WHQVLRQV WR 7/6 LQFOXGH

,QIRUPDWLRQDO 5)&V

6HH DOVR

(QFDSVXODWLRQV RI 7/6 LQFOXGH

7\SHV RI V\PPHWULFNH\ DOJR

&RQVWUXFWLRQ RI V\PPHWULF FL

6HFXULW\ RI V\PPHWULF FLSKHUV

.H\ JHQHUDWLRQ

5HFLSURFDO FLSKHU

6HH DOVR

0HVVDJH LQWHJULW\ FRGHV

$Q ([DPSOH RI 0HVVDJH $X

2QHWLPH 0$&

6HH DOVR

([WHUQDO OLQNV

:HDN SHUIHFW IRUZDUG VHFUHF\

WZRSDUW\ IRUZDUG VHFUHF\

)RUZDUG VHFUHF\

6HH DOVR

([WHUQDO OLQNV

+LVWRU\ RI '(6

16$V LQYROYHPHQW LQ WKH GHVLJQ

7KH DOJRULWKP DV D VWDQGDUG

2YHUDOO VWUXFWXUH

7KH )HLVWHO ) IXQFWLRQ

.H\ VFKHGXOH

6HFXULW\ DQG FU\SWDQDO\VLV

%UXWH IRUFH DWWDFN

$WWDFNV IDVWHU WKDQ EUXWHIRUFH

6HH DOVR

6LPSOLHG '(6

5HSODFHPHQW DOJRULWKPV

([WHUQDO OLQNV

7ULSOH '(6 '(6

'HQLWLYH VWDQGDUGV

1DPH RI WKH DOJRULWKP

.H\LQJ RSWLRQV

2WKHU WHUPV

(QFU\SWLRQ RI PRUH WKDQ RQH

6HH DOVR

5HIHUHQFHV DQG QRWHV

&RQVWUXFWLRQ GHWDLOV