ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do...
Transcript of ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do...
![Page 1: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/1.jpg)
Sherman Chow Chinese University of Hong Kong
Fall 2017 Lecture 0: Logistics and Motivation
ENGG 5383 Applied Cryptography
6th, September, 2017 ENGG 5383 Applied Cryptography 1
![Page 2: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/2.jpg)
§ Office: Room 808, Ho Sin Hang Engineering Building § Email: [email protected]
§ Prepend subject of the email with [ENGG5383] § Use your institutional email for correspondences § I will not check my junk mail box
§ Course website: http://course.ie.cuhk.edu.hk/~engg5383 § Teaching assistant: TBA
§ Tutorial session: TBA
My Contact
6th, September, 2017 ENGG 5383 Applied Cryptography 2/21
![Page 3: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/3.jpg)
§ From Greek: “kryptos” (secret) and “grapho” (writing) § Originally, the “art” of “secret writing” § You don’t know how to read § You don’t know how to write § Control access (learning & influencing) to “information” § So, only cipher/encryption and (digital) signature? § Much more!
What is Cryptography?
6th, September, 2017 ENGG 5383 Applied Cryptography 3/21
![Page 4: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/4.jpg)
§ Data is always under transmission § Internet/cloud storage § Outsourcing computation/storage § 500 million Facebook users § 2 billion Internet users § Everyone’s data is digitalized!
§ personal info., credit card, health record, etc.
Why study Cryptography?
6th, September, 2017 ENGG 5383 Applied Cryptography 4/21
![Page 5: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/5.jpg)
§ Many massive security breaches § E.g., PlayStations got hacked (April 2011)
§ Sony said that the credit card numbers were encrypted, but the hackers might have made it into the main database [CNN]
§ Weakest link
Data Confidentiality
6th, September, 2017 ENGG 5383 Applied Cryptography 5/21
![Page 6: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/6.jpg)
§ Conflict of interests § R&D, insider info, strategic plan § Government agencies
§ The Law § Medical records (HIPAA)
§ Health Insurance Portability & Accountability Act
§ Financial records (SOX) § Sarbanes–Oxley Act
I have faith. Why can’t I trust in them?
6th, September, 2017 ENGG 5383 Applied Cryptography 6/21
![Page 7: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/7.jpg)
§ Data is stored in more than one server § Trusting all servers / insiders / other tenants
§ Relying on the server for access control § Horizontal or vertical privilege escalation
§ A company have many employees § Careless/Cheating employees
§ Encryption (number-theoretic assumptions?)
What are you trusting?
6th, September, 2017 ENGG 5383 Applied Cryptography 7/21
![Page 8: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/8.jpg)
§ Definitions & Constructions of many “Crypto. Objects” § What are the algorithms involved? § How to define the security properties? § How to design objects that satisfy them? § How to prove that the definitions are satisfied?
What this course is about
6th, September, 2017 ENGG 5383 Applied Cryptography 8/21
![Page 9: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/9.jpg)
§ Graduate class § Self-motivation to learn is important!
§ Mathematically inclined § No advanced Math. background is assumed § However, “mathematical maturity” is expected
§ comfortable with mathematical proof techniques
§ Knowledge of Basic Probability § Knowledge of Basic Concepts about Algorithms § A quick review of Number Theory will be given
§ Covered as many tools as possible for your own problem
Nature of this course
6th, September, 2017 ENGG 5383 Applied Cryptography 9/21
![Page 10: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/10.jpg)
§ We construct systems that are practical and efficient. § Found applications in various domains:
§ Cloud computing § Database
§ Searchable encryption § Distributed system
§ Electronic Cash, Bitcoin § Electronic Voting
§ Electronic Healthcare § Access Control of Patient Record § Outsourcing / Privacy-Preserving Pattern Matching
§ Power grid § Vehicular Ad-Hoc Network (VANET) § etc.
Applied Cryptography
6th, September, 2017 ENGG 5383 Applied Cryptography 10/21
![Page 11: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/11.jpg)
§ How to make your computer “secure” § How to deploy a secure system § How to crack a password-protected account
§ How to implement HTTPS, SSH, SSL/TLS, IPsec, etc. § What caused the Java 7 vulnerabilities
§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function, pseudorandom number generator, AES, etc
What this course is not about
6th, September, 2017 ENGG 5383 Applied Cryptography 11/21
![Page 12: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/12.jpg)
§ You know a suites of cryptographic tools for your problem. § You know what you are talking about when you are saying
“an (encryption) scheme XXX is secure”. § You can make sense out of a specification of cryptographic
scheme and should be able to program it. § You can “cryptanalyze” a cryptographic scheme.
§ Hopefully, your implementation will be free from any silly mistake.
§ Be interested in cryptography!
Course outcome
6th, September, 2017 ENGG 5383 Applied Cryptography 12/21
![Page 13: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/13.jpg)
Is thriving as a scientific area of research: § Taught at most major universities § Attracts many excellent students § Discussed at many conferences § Published in hundreds of papers (e.g., http://eprint.iacr.org) § Major conferences have >500 attendees
§ (Major trade shows have >10,000 attendees)
§ Received the ultimate seal of approval from the CS community § Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman, 2002 § Silvio Micali and Shafi Goldwasser, 2012 § // Lesile Lamport (distributed system, designed Lamport signature), 2013
Crypto. as a scientific discipline [Shamir]
6th, September, 2017 ENGG 5383 Applied Cryptography 13/21
![Page 14: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/14.jpg)
§ IACR Flagship Conferences: Crypto, EuroCrypt, AsiaCrypt § IACR Specialist Conferences:
§ CHES (Cryptographic Hardware and Embedded Systems) § FSE (Fast Software Encryption) § PKC (Public Key Cryptography) § TCC (Theory of Cryptography Conference)
§ Conferences in Cooperation with IACR (e.g.:) AfricaCrypt, LatinCrypt, MyCrypt, Selected Areas in Cryptography (SAC), InsCrypt (China), Financial Crypt., Post Quantum Crypt.
§ Others: ACISP, ACNS, ACSW-AISC, CANS, CT-RSA, ECC, EuroPKI, ICICS, ICITS, ICISC, IndoCrypt, ISC, ISPEC, SCN, Pairing,
ProvSec, Qcrypt, SCIS, SEC, SEcrypt, WISA, …
Cryptographic Conferences
6th, September, 2017 ENGG 5383 Applied Cryptography 14/18
![Page 15: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/15.jpg)
§ Security § ACM Conf. on Computer and Communications Security (CCS) § IEEE Security & Privacy (S&P/”Oakland”) § Usenix Security § ISOC Network and Distributed System Security (NDSS) § ESORICS, EuroS&P, PETS, WiSec, SACMAT, …
§ Network/System § IEEE Infocom § IEEE Intl. Conf. on Distributed Computing Systems (ICDCS) § ACM Principles of Distributed Computing (PODC)
§ Theory § IEEE Foundations of Computer Science (FOCS) § ACM Symposium on Theory of Computing (STOC) § ACM Conf. on Innovations in Theoretical Computer Science (ITCS)
Other Conferences with Crypto. Papers
6th, September, 2017 ENGG 5383 Applied Cryptography 15/21
![Page 16: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/16.jpg)
§ 2 written assignments: 40% § An (in-class open-note) mid-term exam: 20% § (Group-)Project with report and presentation: 40%
§ Implementation / Survey § Cryptanalysis § Proposing new cryptosystem! § (2-Man Group/Individual: Depending on the final class size)
Tentative Assessment
6th, September, 2017 ENGG 5383 Applied Cryptography 16/21
![Page 17: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/17.jpg)
§ 02: 14.09 § (Definitions and Primitives for) Public-Key Encryption (PKE)
§ 03: 21.09 § Hash Function, and Digital Signatures § [Homework 1 assigned]
§ 04: 28.09 § Security Proof and Random Oracle Model § [Homework 2 assigned]
§ 05: 05.10 § “More Secure” and “Fancier” Cryptosystems (Encryption/Signatures)
§ 06: 12.10 § Secret Sharing, Zero-Knowledge Proof, Privacy-Enhancing Cryptography
Tentative Schedule (1)
6th, September, 2017 ENGG 5383 Applied Cryptography 17/21
![Page 18: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/18.jpg)
§ 07: 19.10 [Mid-Term] § 08: 26.10 Searchable Encryption § 09: 02.11 Pairing-Based Cryptography § 10: 09.11 Anonymous Credentials § 11: 16.11 Advanced Topics
§ E.g.: proof of storage, computing on encrypted data, etc.
§ 12: 23.11 [Presentations] § 13: 30.11 [Presentations]
Tentative Schedule (2)
6th, September, 2017 ENGG 5383 Applied Cryptography 18/21
![Page 19: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/19.jpg)
§ There is no required textbook for the course. § Recommended textbook
§ Modern Cryptography: Theory and Practice by Wenbo Mao
§ Many online resources § Handbook of Applied Cryptography
§ http://cacr.uwaterloo.ca/hac
§ A Computational Intro. to Number Theory and Algebra § http://shoup.net/ntb
§ “Lecture Notes on Cryptography” § http://cseweb.ucsd.edu/users/mihir/papers/gb.html
Textbooks
6th, September, 2017 ENGG 5383 Applied Cryptography 19/21
![Page 20: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/20.jpg)
§ Brown University § Massachusetts Institute of Technology § New York University § Stanford University § University of California, Berkeley § University of Maryland § University of Texas, Austin § University of Toronto § University of Waterloo § Etc.
Similar/ Related Courses Worldwide
6th, September, 2017 ENGG 5383 Applied Cryptography 20/21
![Page 21: ENGG 5383 Applied Cryptography - Dept. of IE, CUHK Staff ...smchow/5383/5383-17F-0-Admin.pdf§ We do not discuss cryptanalysis of “symmetric-key” primitives § E.g., hash function,](https://reader034.fdocuments.in/reader034/viewer/2022052408/5f0ac8f27e708231d42d544a/html5/thumbnails/21.jpg)
§ Do your reading § No plagiarism
§ at the very least, you need paraphrasing
§ Work independently § discussion is allowed, but write your own solution
§ Any questions?
Class Policy
7th, September, 2015 ENGG 5383 Applied Cryptography 21/21