# x - Faculty of Computer Science - Technische Universität Dresden


## Diffie-Hellman (DH)

Diffie-Hellman (DH) assumption: Given $p$, $g$, $g^x \bmod p$ and $g^y \bmod p$, calculating $g^{xy} \bmod p$ is difficult.

The DH assumption is stronger than the discrete logarithm assumption.

• Able to calculate discrete logs ⇒ DH is broken.
  - Calculate from $p$, $g$, $g^x \bmod p$ and $g^y \bmod p$ either $x$ or $y$.
  - Calculate $g^{xy} \bmod p$ as the corresponding partner of the DH key agreement.

• Until now it couldn't be shown: using $p$, $g$, $g^x \bmod p$, $g^y \bmod p$ and $g^{xy} \bmod p$, either $x$ or $y$ can be calculated.

## Find a generator of a cyclic group $\mathbb{Z}_p^*$

Factor $p - 1 =: p_1^{e_1} \cdot p_2^{e_2} \cdot \ldots \cdot p_k^{e_k}$

1. Choose a random element $g$ in $\mathbb{Z}_p^*$.
2. For $i$ from 1 to $k$:
   $b := g^{\frac{p-1}{p_i}} \bmod p$
   If $b = 1$, go to 1.
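The generator search above and the statement that a discrete-log solver breaks DH, as an added Python example that is not part of the original slides. Trial-division factoring, the exhaustive discrete-log search and the toy prime 2039 are assumptions chosen so the code runs instantly; none of them is suitable at real key sizes.

```python
import secrets

def prime_factors(n):
    """Distinct prime factors of n by trial division (toy sizes only)."""
    factors, d = [], 2
    while d * d <= n:
        if n % d == 0:
            factors.append(d)
            while n % d == 0:
                n //= d
        d += 1
    if n > 1:
        factors.append(n)
    return factors

def is_generator(g, p, factors):
    # g generates Z_p^* iff b = g^((p-1)/p_i) mod p is never 1
    return all(pow(g, (p - 1) // q, p) != 1 for q in factors)

def find_generator(p):
    """Draw random g in Z_p^* and retry whenever some test value b equals 1."""
    factors = prime_factors(p - 1)
    while True:
        g = secrets.randbelow(p - 1) + 1      # uniform in [1, p-1]
        if is_generator(g, p, factors):
            return g

def discrete_log(h, g, p):
    """Exhaustive search for x with g^x = h (mod p); feasible only for toy p."""
    acc = 1
    for x in range(p - 1):
        if acc == h:
            return x
        acc = acc * g % p
    raise ValueError("h is not a power of g")

def dh_demo(p):
    g = find_generator(p)
    x = secrets.randbelow(p - 2) + 1          # first party's secret exponent
    y = secrets.randbelow(p - 2) + 1          # second party's secret exponent
    gx, gy = pow(g, x, p), pow(g, y, p)       # values sent in the clear
    shared = pow(gy, x, p)                    # g^(xy) mod p
    # Reduction: recover x from g^x, then compute g^(xy) like the partner would.
    recovered = pow(gy, discrete_log(gx, g, p), p)
    return g, shared == pow(gx, y, p), recovered == shared

if __name__ == "__main__":
    print(dh_demo(2039))   # constructed toy prime (2039 = 2*1019 + 1)
```
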
