sheng zhong yuan zhang -...
Post on 21-May-2018
228 Views
Preview:
TRANSCRIPT
Introduction
Sheng Zhong Yuan Zhang
Computer Science and Technology DepartmentNanjing University
2017 Fall
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 1 / 35
Outline
1 Course Info
2 Why do we need to study Cryptography?Crypto is around youUnderstanding Crypto can help us
3 What can Cryptography do?Two major usagesThere’s more
4 What will we learn in this course?An OverviewOur focus
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 2 / 35
Course Info
Lecture time:Tues, 8:00-9:50 (ONLY EVEN WEEKS);Fri, 10:10-12:00 (EVERY WEEK).
Classroom:Rm. 201 in Xian I Bldg (仙 1-201).
Instructors:Sheng Zhong (仲盛), zhongsheng@nju.edu.cnYuan Zhang (张渊), zhangyuan@nju.edu.cn, Tel: 89681395, Rm.1019 in CS Bldg.
TA:Bingbing Jiang (蒋兵兵), bingbingjiangnju@163.com
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 3 / 35
Course Info
Course website (announcements, slides, homework, etc. here!):http://cosec.nju.edu.cn/crypto/index.html
Textbook:Introduction to Modern Cryptography (2nd edition) by J. Katz andY. Lindell;
Reference books:Modern Cryptography: Theory and Practice by W.Mao,Cryptography Theory and Practice by D. Stinson.
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 4 / 35
Course Info
Course prerequisites:Being familiar with the following courses will be a plus for this course.(If not, it is also OK. We will explain the required knowledge beforeusing it.)
Discrete MathsProbability TheoryAlgorithm
Gradings:Homework (4 to 5 times) 40% + Midterm Exam 20% + Final Exam40% + bonus 10%
Course Policy:Zero tolerance to plagiarism!!! Always give credits to other people ifyou use their results or works.
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 5 / 35
Have you met Crypto TODAY?
Q: Have you met Crypto TODAY ?A: I believe you have.
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 7 / 35
Cryptography is around us
From the moment you login into your cellphone:
图: iphone login screenshot
“Every iOS device has a dedicate AES 256 crypto engine built ... Every time a file
on the data partition is created, ... the hardware AES engine, which uses the key
to encrypt the file” Quoted from iOS Security [5]
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 8 / 35
Cryptography is around us
To the moment your cellphone logins itself to the mobile networks:
图: SIM cards
4G Sim Card is a mini-computer that stores a master key and runs AES-based
MILENAGE algorithm and AKA protocol to perform mutual authentication and
key agreement with the cellular tower.
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 9 / 35
Cryptography is around us
To the moment you made an online purchase.
图: Page Info of www.taobao.com
“Website Identity Verified by GlobalSign nv-sa; Connection Encrypted
(TLS ECDHA RSA WITH AES 128 GCM SHA256, 128 bit keys, TLS 1.2)”
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 10 / 35
Cryptography is around us
To the moments you use these:
(a) NJU Campus Card (b) Online Gaming Login
(c) Banking (d) ID card
图: More cryptography usages
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 11 / 35
Understanding Crypto can help us to find a job
On May 5th, 2014, US National Security Agency (NSA) sent amysterious, garbled tweet:
图: A mysterious tweet from NSA
It is a substitution cipher. After decryption, it says “Want toknow what it takes to work at NSA? Check back each Monday inMay as we explore careers essential to protecting our nation.”
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 13 / 35
Understanding Crypto can help us to create money
Crypto can be used to create money:
(a) 51 kinds of cryptocur-rencies in 2014
(b) Value of a Bitcoin till 08/25/2017
图: Pics from Poloniex - Bitcoin/Digital Asset Exchange’s mainpage in 2014,and coindesk’s website
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 14 / 35
Understanding Crypto can help us to protect ourselves
We often see a lot of warning messages like:
图: Warning messages
Should we “Proceed anyway” or “Back to safety”?
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 15 / 35
Understanding Crypto can help us to build a safer world
According to a CCS research paper, “11,748 android apps usecryptography (encryption), and 10,327 get it wrong [Egele13]”
图: An empirical study of cryptographic misuse in android applications
Without understanding Crypto, more and more unsafe Apps will come.
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 16 / 35
Two major usages of Cryptography
We often use Crypto to achieve a secure communication, i.e. toguarantee1:
Data PrivacyData Integrity and Authenticity
图: Secure communication via public networks
1Sometimes we also want to achieve non-repudiation.Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 18 / 35
Protecting data privacy
图: Secure communication via public networks
The goal is to guarantee that no others (e.g. the adversary) know whatthe message M is except Bob.
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 19 / 35
Protecting data integrity and authenticity
图: Secure communication via public networks
The goal is to guarantee that:
The message M’ that Bob receives has not be tempered, i.e. M’ = M.
The message M is really sent from Alice.Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 20 / 35
A simple example showing why privacy, integrity andauthenticity are important.
A simple attack on the data integrity and authenticity.
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 21 / 35
There’s more
More advanced usages/functionalities are provided as cryptographicprotocols, e.g.
Oblivious Transfer (“不经意传输”)Zero-knowledge Proof (“零知识证明”)Secure Multiparty Computation (“多方安全计算”)Digital Currency (“数字货币”)... ...
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 23 / 35
An overview of this course
Cryptography is actually a growing area thats covers a wide range oftopics.
图: Topics of Cryptography
We will see many “D&A”, several “Math Foundations”, and a few“Implementations”.
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 25 / 35
Our focus of this course
In this course, we will focus on:
Rigorous Definition of SecurityCryptographic PrimitivesCryptographic Protocols
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 27 / 35
Rigorous definition of security: How can we’re sure asystem is secure?
Encryption example 1: “Only I know the encryption algorithm andkeys, so it is safe.”
图: Relying on the secrecy of the encrypting system
It takes 5 seconds using an online cryptogram solver to solve it.
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 28 / 35
Rigorous definition of security: How can we’re sure asystem is secure?
Encryption example 2: “It would takes 100 years to break the systemfor an adversary with a currently most advanced computer using thebest known method. ”Secure or not?NO ! What if the adversary controls 10000 currently the mostadvanced computers?
Solutions:We’re sure it’s secure if we can prove it with rigorous mathematicalsecurity proofs:computationally security,game-based proofs,simulation-based proofs...
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 29 / 35
Cryptographic primitives: basic cryptographic tools
Example 1: “How to generate random numbers?”
图: Pic from http://www.moneycrashers.com
Solutions: Pseudo-random number generator (PRG), Pseudo-randomfunctions (PRFs).
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 30 / 35
Cryptographic primitives: basic cryptographic tools
Example 2: “How to secure your data?”
图: Pic from The Advanced Encryption Standard by Rijndael
Solutions: DES encryption, AES encryption, RSA encryption, RSAsignature,...
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 31 / 35
Cryptographic protocols: tools of advanced usages
Example 1 (“Elsa or Anna?”): You are allowed to get the phone number of
ONLY one girl, but you have to make your choice in front of the two girls. How to
get the correct number without breaking another’s heart?
图: Which girl’s number do you want?
Solutions: Oblivious Transfer!
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 32 / 35
Cryptographic protocols: tools of advanced usages
Example 2 (“Yao’s Millionaire problem”): Two millionaires want to know
who is richer, but refuse to reveal their assets to each other.
图: Who is richer?
Solutions: Secure comparison protocol!
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 33 / 35
Summary
Rigorous Definition of Security
Cryptographic Primitives
Cryptographic Protocols
In this course, together we will witness the wits of cryptographers, and thepowerfulness and miracles of Cryptography!
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 34 / 35
References I
Egele, M., Brumley, D., Fratantonio, Y., Kruegel, C..An empirical study of cryptographic misuse in android applications.Proceedings of the 2013 ACM SIGSAC conference on Computer & communicationssecurity, 2013.
Katz, J. and Lindell, Y..Introduction to modern crytography (2nd ed).Chapman & Hall/CRC, 2014
Bellare, M.Slides for CSE207 Introduction to Modern CryptographyUCSD
RijndaelThe Advanced Encryption Standard (Rijndael)http://www.quadibloc.com/crypto/co040401.htm
Apple Inc.iOS Security (iOS10), March 2017https://www.apple.com/business/docs/iOS_Security_Guide.pdf
Sheng Zhong, Yuan Zhang (CS@NJU) Introduction 2017 Fall 35 / 35
top related