Trance-0/NoteNextra-origin
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

updates

Browse Source
This commit is contained in:
Trance-0
2026-01-27 11:58:32 -06:00
parent eead5b6458
commit 52e69f9340
4 changed files with 196 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

80
content/CSE4303/CSE4303_L5.md Normal file
View File

@@ -0,0 +1,80 @@
# CSE4303 Introduction to Computer Security (Lecture 5)
## Cryptography: Foundations
### Definitions
Cryptography is the study of techniques that enable secure communication and computation in the presence of adversaries, by providing formal guarantees such as confidentiality, integrity, and authenticity.
Cryptanalysis is the study of techniques for breaking cryptographic systems, by recovering secret information or violating security guarantees without knowing the secret key
### Background: security guarantee
- Well-defined statement about difficulty of compromising a system
- ...with clear implicit or explicit assumptions about:
- Parameters of the system
- Threat model
- Attack surfaces
- Example: "A one-time pad cipher is secure against any cryptanalysis, including a brute-force attack, assuming:
- the key is the same length as the plaintext,
- the key is truly random, and
- the key is never re-used.
- Example: "Given that keys remain uncompromised (by human error, side channel, etc.), recovering an RSA private key from a given public key is at least as hard as integer factorization."
- I.e. we can reduce RSA to integer factorization.
- Note: correct implementation is not guaranteed!
- Non-example: "This app is secure."
- Empty claim: what does it mean?
### Overview: Encryption and Decryption
- The message m is called the plaintext.
- Alice will convert plaintext m to an encrypted form using an encryption algorithm E that outputs a ciphertext c for m
#### Cryptography goals
- Confidentiality:
- Mallory and Eve cannot recover original message from ciphertext
- Integrity:
- Mallory cannot modify message from Alice to Bob without detection
by Bob
- Authenticity:
- Mallory cannot craft a message that Bob would accept as coming from Alice
#### Cryptosystem compoents
1. The set of possible plaintexts (M)
2. The set of possible ciphertexts (C)
3. The set of encryption keys (K)
4. The set of decryption keys (usually K as well)
5. The correspondence between encryption keys and decryption
keys
6. The encryption algorithm to use (E)
7. The decryption algorithm to use (D)
#### Symmetric ciphers:
A cipher defined over $(K,M,C)$ is a pair of efficient algorithms $(E,D)$ where $E: K\times M\to C$ and $D: K\times C \to M$
Correctness Property:
$\forall m\in M, \exists k\in K$, $E(k,m) = c\in C$, and $D(k,c) = m$
- $D$ and $E$ are often efficient (polynomial time | concrete time)
- $E$ is encryption, often randomized.
- $D$ is decryption, always deterministic.
#### Threat models
Attackers may have:
- collection of ciphertexts (ciphertext-only attack)
- collection of plaintext/ciphertext pairs (known plaintext attack: KPA )
- collection of plaintext/ciphertext pairs for plaintexts selected by the attacker (chosen plaintext attack: CPA )
- collection of plaintext/ciphertext pairs for ciphertexts selected by the attacker (chosen ciphertext attack: CCA/CCA2 )
### Symmetric (shared-key) encryption
Refer to this lecture notes
[CSE442T Lecture 1](https://notenextra.trance-0.com/CSE442T/CSE442T_L1/)