Crypto U3, Theoretical vs. Practical Security

Mind Map by , created over 6 years ago

IYM002 (Unit 3 - Further basics of Crypto Design) Mind Map on Crypto U3, Theoretical vs. Practical Security, created by jjanesko on 03/31/2013.

Created by jjanesko over 6 years ago
Crypto U4, Block Cipher, Cipher Block Chaining Mode (CBC)
Crypto U2, Crypto design principles
Crypto U8, example dynamic password scheme
Chemical Symbols
1PR101 2.test - Část 11.
Nikola Truong
Crypto U4, Block Cipher, Cipher Feedback Mode (CFB)
Crypto U1, Basic Principles
Crypto U4, Block Cipher, Electronic Codebook Mode (ECB)
Crypto U4, Block Cipher, Counter Mode
Crypto U4, Stream Cipher
Crypto U3, Theoretical vs. Practical Security
1 perfect secrecy
1.1 Attacker gets no info about the plaintext by observing the ciphertext, other than what was was known before the ciphertext was cobserved.
1.2 Gordon's "flash math" version of perfect secrecy


  • [Image:]
2 in theory, there exists unbreakable cryptosystems
2.1 perfectly secret
2.2 one time pad
2.2.1 each letter of a plaintext is transformed with a randomly generated key that is the same length as the plaintext
2.2.2 practical problems key establishment expensive (creating random sequences) key distribution a challenge (key changes each time) key length potentially very large
2.2.3 OTP
3 practical security
3.1 COVERAGE what is the covertimeneeded for the plaintext?
3.1.1 design system to protect against known attacks that would result in plaintext compromise in shorter than covertime
3.2 computational complexity
3.2.1 algorithm complexity for each possible input to the algorithm, the amount of time it takes to run length of input measured in bits
3.2.2 mathematical complexity - algorithms can be run in polynomial time a algorithm that can usually be run in real time with any sized input "time taken to execute process for an input of size n is not greater than n^r for some number r" example: multiplication, addition expontential time an algorithm that cannot be run in "real" time with most inputs "if the time taken to execute the process for an input of size n is approximately a^n for some number a" example: factorization Just because an algorithm is exponentially hard, it does not mean that it is impossible to solve for all values.
3.3 computing exhaustive key search time
3.3.1 need algorithm complexity computer speed
3.3.2 example general algorithm complexity forkey search is 2^n our example key length is 30, so the complexity for this example is n^30 our example computer does 1,000,000 operations per second So, 2^30 / 10^6 = roughly 1000 seconds
3.4 EVOLUTION when designing algorithms, take into consideration current and emerging state of processing power in computers
3.5 when designing cryptosystems, make sure that the implementation does not undermine the power of the algorithms used
3.6 practice good key management

Media attachments