Crypto U3, Theoretical vs. Practical Security

jjanesko
Mind Map by , created over 6 years ago

IYM002 (Unit 3 - Further basics of Crypto Design) Mind Map on Crypto U3, Theoretical vs. Practical Security, created by jjanesko on 03/31/2013.

95
12
0
jjanesko
Created by jjanesko over 6 years ago
Crypto U4, Block Cipher, Cipher Block Chaining Mode (CBC)
jjanesko
Crypto U2, Crypto design principles
jjanesko
Crypto U8, example dynamic password scheme
jjanesko
Chemical Symbols
Keera
1PR101 2.test - Část 11.
Nikola Truong
Crypto U4, Block Cipher, Cipher Feedback Mode (CFB)
jjanesko
Crypto U1, Basic Principles
jjanesko
Crypto U4, Block Cipher, Electronic Codebook Mode (ECB)
jjanesko
Crypto U4, Block Cipher, Counter Mode
jjanesko
Crypto U4, Stream Cipher
jjanesko
Crypto U3, Theoretical vs. Practical Security
1 perfect secrecy
1.1 Attacker gets no info about the plaintext by observing the ciphertext, other than what was was known before the ciphertext was cobserved.
1.2 Gordon's "flash math" version of perfect secrecy

Annotations:

  • [Image: https://lh5.googleusercontent.com/-bm3mNTn_vpY/UVf2zUjHt8I/AAAAAAAAAbM/2PH9xvxP4QQ/s582/flashymathdefinitionofperfectsecrecy.png]
2 in theory, there exists unbreakable cryptosystems
2.1 perfectly secret
2.2 one time pad
2.2.1 each letter of a plaintext is transformed with a randomly generated key that is the same length as the plaintext
2.2.2 practical problems
2.2.2.1 key establishment expensive (creating random sequences)
2.2.2.2 key distribution a challenge (key changes each time)
2.2.2.3 key length potentially very large
2.2.3 OTP
3 practical security
3.1 COVERAGE what is the covertimeneeded for the plaintext?
3.1.1 design system to protect against known attacks that would result in plaintext compromise in shorter than covertime
3.2 computational complexity
3.2.1 algorithm complexity
3.2.1.1 for each possible input to the algorithm, the amount of time it takes to run
3.2.1.1.1 length of input measured in bits
3.2.2 mathematical complexity - algorithms can be run in
3.2.2.1 polynomial time
3.2.2.1.1 a algorithm that can usually be run in real time with any sized input
3.2.2.1.2 "time taken to execute process for an input of size n is not greater than n^r for some number r"
3.2.2.1.3 example: multiplication, addition
3.2.2.2 expontential time
3.2.2.2.1 an algorithm that cannot be run in "real" time with most inputs
3.2.2.2.2 "if the time taken to execute the process for an input of size n is approximately a^n for some number a"
3.2.2.2.3 example: factorization
3.2.2.2.4 Just because an algorithm is exponentially hard, it does not mean that it is impossible to solve for all values.
3.3 computing exhaustive key search time
3.3.1 need
3.3.1.1 algorithm complexity
3.3.1.2 computer speed
3.3.2 example
3.3.2.1 general algorithm complexity forkey search is 2^n
3.3.2.1.1 our example key length is 30, so the complexity for this example is n^30
3.3.2.1.1.1 our example computer does 1,000,000 operations per second
3.3.2.1.1.1.1 So, 2^30 / 10^6 = roughly 1000 seconds
3.4 EVOLUTION when designing algorithms, take into consideration current and emerging state of processing power in computers
3.5 when designing cryptosystems, make sure that the implementation does not undermine the power of the algorithms used
3.6 practice good key management

Media attachments