Professional Documents
Culture Documents
Pascal Lafourcade
2009
pascal.lafourcade@imag.fr
1 / 52
Security and Cryptography just by images
Motivations
Applications
2 / 52
Security and Cryptography just by images
Motivations
Secrecy or Confidentiality
Secret
3 / 52
Security and Cryptography just by images
Motivations
Secrecy or Confidentiality
Secret
Intruder
3 / 52
Security and Cryptography just by images
Motivations
Secrecy or Confidentiality
Secret
Intruder
3 / 52
Security and Cryptography just by images
Motivations
Authentication
4 / 52
Security and Cryptography just by images
Motivations
5 / 52
Security and Cryptography just by images
Motivations
6 / 52
Security and Cryptography just by images
Motivations
7 / 52
Security and Cryptography just by images
Motivations
Outline
Motivations
Two Examples
History of Cryptography
Cryptographic Security Intuitions
Logical Attacks
Interactive Zero Knowledge Proofs
Secret Sharing
Conclusion
8 / 52
Security and Cryptography just by images
Two Examples
Outline
Motivations
Two Examples
History of Cryptography
Cryptographic Security Intuitions
Logical Attacks
Interactive Zero Knowledge Proofs
Secret Sharing
Conclusion
9 / 52
Security and Cryptography just by images
Two Examples
Hash Functions
A hash function H takes as input a bit-string of any finite length
and returns a corresponding ’digest’ of fixed length.
H(Alice) = 6= H(Bob)
marion →
marine 9 ← laurence
11 / 52
Security and Cryptography just by images
Two Examples
12 / 52
Security and Cryptography just by images
History of Cryptography
Outline
Motivations
Two Examples
History of Cryptography
Cryptographic Security Intuitions
Logical Attacks
Interactive Zero Knowledge Proofs
Secret Sharing
Conclusion
13 / 52
Security and Cryptography just by images
History of Cryptography
Information hiding
14 / 52
Security and Cryptography just by images
History of Cryptography
Slave
15 / 52
Security and Cryptography just by images
History of Cryptography
Historical ciphers
16 / 52
Security and Cryptography just by images
History of Cryptography
◮ L oryh brx
17 / 52
Security and Cryptography just by images
History of Cryptography
17 / 52
Security and Cryptography just by images
History of Cryptography
17 / 52
Security and Cryptography just by images
History of Cryptography
17 / 52
Security and Cryptography just by images
History of Cryptography
18 / 52
Security and Cryptography just by images
History of Cryptography
A = {a, b}
H(a) = {00, 10}, and H(b) = {01, 11}.
Example
The plaintext ab encrypts to one of 0001, 0011, 1001, 1011.
19 / 52
Security and Cryptography just by images
History of Cryptography
A = {a, b}
H(a) = {00, 10}, and H(b) = {01, 11}.
Example
The plaintext ab encrypts to one of 0001, 0011, 1001, 1011.
19 / 52
Security and Cryptography just by images
History of Cryptography
m = THI SCI PHE RIS CER TAI NLY NOT SEC URE
then
Ee (m) = WOS VJS SOO UPC FLB WHS QSI QVD VLM XYO
20 / 52
Security and Cryptography just by images
History of Cryptography
21 / 52
Security and Cryptography just by images
History of Cryptography
21 / 52
Security and Cryptography just by images
History of Cryptography
21 / 52
Security and Cryptography just by images
History of Cryptography
Composite ciphers
◮ Ciphers based on just substitutions or transpositions are not
secure
◮ Ciphers can be combined. However . . .
◮ two substitutions are really only one more complex
substitution,
◮ two transpositions are really only one transposition,
◮ but a substitution followed by a transposition makes a new
harder cipher.
◮ Product ciphers chain
substitution-transposition combinations.
◮ Difficult to do by hand
invention of cipher machines.
22 / 52
Security and Cryptography just by images
History of Cryptography
23 / 52
Security and Cryptography just by images
History of Cryptography
m = 010111
◮ Example: k = 110010
c = 100101
◮ Unconditional (information theoretic) security, if key isn’t
reused!
◮ Problem? 23 / 52
Security and Cryptography just by images
History of Cryptography
m = 010111
◮ Example: k = 110010
c = 100101
◮ Unconditional (information theoretic) security, if key isn’t
reused!
◮ Problem? Securely exchanging and synchronizing long keys. 23 / 52
Security and Cryptography just by images
Cryptographic Security Intuitions
Outline
Motivations
Two Examples
History of Cryptography
Cryptographic Security Intuitions
Logical Attacks
Interactive Zero Knowledge Proofs
Secret Sharing
Conclusion
24 / 52
Security and Cryptography just by images
Cryptographic Security Intuitions
ECB vs Others
25 / 52
Security and Cryptography just by images
Cryptographic Security Intuitions
ECB vs Others
25 / 52
Security and Cryptography just by images
Cryptographic Security Intuitions
ECB vs Others
25 / 52
Security and Cryptography just by images
Cryptographic Security Intuitions
One-Wayness (OW)
Put your message in a translucid bag, but you cannot read the text.
26 / 52
Security and Cryptography just by images
Cryptographic Security Intuitions
One-Wayness (OW)
Put your message in a translucid bag, but you cannot read the text.
26 / 52
Security and Cryptography just by images
Cryptographic Security Intuitions
Is it secure ?
27 / 52
Security and Cryptography just by images
Cryptographic Security Intuitions
Is it secure ?
27 / 52
Security and Cryptography just by images
Cryptographic Security Intuitions
Is it secure ?
◮ you cannot read the text but you can distinguish which one
has been encrypted.
27 / 52
Security and Cryptography just by images
Cryptographic Security Intuitions
Indistinguishability (IND)
Put your message in a black bag, you can not read anything.
28 / 52
Security and Cryptography just by images
Cryptographic Security Intuitions
Is it secure?
29 / 52
Security and Cryptography just by images
Cryptographic Security Intuitions
Is it secure?
29 / 52
Security and Cryptography just by images
Cryptographic Security Intuitions
Is it secure?
29 / 52
Security and Cryptography just by images
Cryptographic Security Intuitions
But in a black box you cannot touch the cube (message), hence
NM implies IND.
30 / 52
Security and Cryptography just by images
Cryptographic Security Intuitions
Non Malleability
⇓
Indistinguishability
⇓
One-Wayness
31 / 52
Security and Cryptography just by images
Logical Attacks
Outline
Motivations
Two Examples
History of Cryptography
Cryptographic Security Intuitions
Logical Attacks
Interactive Zero Knowledge Proofs
Secret Sharing
Conclusion
32 / 52
Security and Cryptography just by images
Logical Attacks
33 / 52
Security and Cryptography just by images
Logical Attacks
33 / 52
Security and Cryptography just by images
Logical Attacks
Symbolic Model
Logical Attack
Perfect Encryption hypothesis
Needham-Schroeder Public Key Protocol (1978)
“Man in the middle attack” [Lowe’96] 33 / 52
Security and Cryptography just by images
Logical Attacks
Simple Example
{12h10}KB
34 / 52
Security and Cryptography just by images
Logical Attacks
Simple Example
{12h10}KB {12h10}KB
34 / 52
Security and Cryptography just by images
Logical Attacks
Simple Example
{12h10}KB {12h10}KB
Day After
{11h45}KB {12h10}KB
34 / 52
Security and Cryptography just by images
Logical Attacks
Simple Example
{12h10}KB {12h10}KB
Day After
{11h45}KB {12h10}KB
34 / 52
Security and Cryptography just by images
Logical Attacks
35 / 52
Security and Cryptography just by images
Logical Attacks
{A, NA }KB
36 / 52
Security and Cryptography just by images
Logical Attacks
{A, NA }KB
{NA , NB }KA
36 / 52
Security and Cryptography just by images
Logical Attacks
{A, NA }KB
{NA , NB }KA
{NB }KB
36 / 52
Security and Cryptography just by images
Logical Attacks
{A, NA }KB
{NA , NB }KA
{NB }KB
Question
36 / 52
Security and Cryptography just by images
Logical Attacks
{NA , NB }KA
{NB }KB
Question
Answer
◮ In 1995, G.Lowe find an attack 17 years after its publication! 36 / 52
Security and Cryptography just by images
Logical Attacks
A −→ B : {A, Na }KB
B −→ A : {Na , Nb }KA
A −→ B : {Nb }KB
37 / 52
Security and Cryptography just by images
Logical Attacks
{A, Na }KI
• A −→ B : {A, Na }KB
B −→ A : {Na , Nb }KA
A −→ B : {Nb }KB
37 / 52
Security and Cryptography just by images
Logical Attacks
• A −→ B : {A, Na }KB
B −→ A : {Na , Nb }KA
A −→ B : {Nb }KB
37 / 52
Security and Cryptography just by images
Logical Attacks
A −→ B : {A, Na }KB
• B −→ A : {Na , Nb }KA
A −→ B : {Nb }KB
37 / 52
Security and Cryptography just by images
Logical Attacks
A −→ B : {A, Na }KB
• B −→ A : {Na , Nb }KA
A −→ B : {Nb }KB
37 / 52
Security and Cryptography just by images
Logical Attacks
A −→ B : {A, Na }KB
B −→ A : {Na , Nb }KA
• A −→ B : {Nb }KB
37 / 52
Security and Cryptography just by images
Logical Attacks
A −→ B : {A, Na }KB
B −→ A : {Na , Nb }KA
• A −→ B : {Nb }KB
37 / 52
Security and Cryptography just by images
Logical Attacks
{A, NA }KB
38 / 52
Security and Cryptography just by images
Logical Attacks
{A, NA }KB
{NA , NB , B}KA
38 / 52
Security and Cryptography just by images
Logical Attacks
{A, NA }KB
{NA , NB , B}KA
{NB }KB
38 / 52
Security and Cryptography just by images
Logical Attacks
{A, NA }KB
{NA , NB , B}KA
{NB }KB
Question
38 / 52
Security and Cryptography just by images
Interactive Zero Knowledge Proofs
Outline
Motivations
Two Examples
History of Cryptography
Cryptographic Security Intuitions
Logical Attacks
Interactive Zero Knowledge Proofs
Secret Sharing
Conclusion
39 / 52
Security and Cryptography just by images
Interactive Zero Knowledge Proofs
40 / 52
Security and Cryptography just by images
Interactive Zero Knowledge Proofs
41 / 52
Security and Cryptography just by images
Interactive Zero Knowledge Proofs
At last, Peggy returns along the desired path (using the secret if
necessary).
42 / 52
Security and Cryptography just by images
Secret Sharing
Outline
Motivations
Two Examples
History of Cryptography
Cryptographic Security Intuitions
Logical Attacks
Interactive Zero Knowledge Proofs
Secret Sharing
Conclusion
43 / 52
Security and Cryptography just by images
Secret Sharing
Secret Sharing
44 / 52
Security and Cryptography just by images
Secret Sharing
Secret Sharing
44 / 52
Security and Cryptography just by images
Secret Sharing
1234567
45 / 52
Security and Cryptography just by images
Secret Sharing
1234567
1234567
1234567
1234567
1234567
1234567
1234567
46 / 52
1234567
Security and Cryptography just by images
Secret Sharing
1234567
1234567
1234567
1234567
1234567
11567
734567
534567
934567
563317
114567
47 / 52
455567
Security and Cryptography just by images
Secret Sharing
11567
734567
534567
934567
563317
(2,5)
48 / 52
Security and Cryptography just by images
Secret Sharing
(3,5)
49 / 52
Security and Cryptography just by images
Conclusion
Outline
Motivations
Two Examples
History of Cryptography
Cryptographic Security Intuitions
Logical Attacks
Interactive Zero Knowledge Proofs
Secret Sharing
Conclusion
50 / 52
Security and Cryptography just by images
Conclusion
Summary
Today
◮ Motivation
◮ History of Cryptography
◮ Securities notions
◮ Logical attacks
◮ Zero - knowledge
◮ Secret Sharing
51 / 52
Security and Cryptography just by images
Conclusion
Questions ?
pascal.lafourcade@imag.fr
52 / 52