University of Virginia, Department of Computer Science
CS588: Cryptology - Principles and Applications, Fall 2001

Manifest: Wednesday 19 September 2001

Assignments Due

- Before 21 September: Email or talk to me about your project topic ideas
- Wednesday, 26 September: Problem Set 2
- Monday, 1 October: Projects Preliminary Proposal

Readings

R.L. Rivest, A. Shamir, L. Adleman. A Method for Obtaining Digital Signatures and Public-Key Cryptosystems, 1978. - This is the original RSA paper, perhaps the most important paper in any field in the last 30 years. You should read it in the Rotunda or a lawn garden.

Code Book, Chapter 6

[optional] Whitfield Diffie and Martin Hellman. New Directions in Cryptography, 1976. (This is a PDF conversion of an optical scan, hence all the language problems.)

Diffie-Hellman Key Agreement

- Choose public numbers: q (a large prime number), α (a primitive root of q).
- A generates random X_A and sends B: Y_A = α^{X_A} mod q.
- B generates random X_B and sends A: Y_B = α^{X_B} mod q.
- A calculates secret key: K = (Y_B)^{X_A} mod q.
- B calculates secret key: K = (Y_A)^{X_B} mod q.

Transmitted in clear: q, α, Y_A = α^{X_A} mod q, Y_B = α^{X_B} mod q.

Only A knows: X_A. Only B knows: X_B.

Primitive Root

α is a primitive root of q if for all 1 ≤ n < q, there is some m, 1 ≤ m < q, such that α^m = n mod q. (For prime q this means the powers α^1, ..., α^{q-1} mod q run through every value 1, ..., q-1 exactly once.)

Same Keys are Generated

K = (Y_B)^{X_A} mod q = (Y_A)^{X_B} mod q, since

(Y_B)^{X_A} mod q
= (α^{X_B} mod q)^{X_A} mod q
= α^{X_B X_A} mod q
= α^{X_A X_B} mod q

and

(Y_A)^{X_B} mod q
= (α^{X_A} mod q)^{X_B} mod q
= α^{X_A X_B} mod q
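The exchange above, carried through in code as an added example (this is not code from the course page). The parameters q = 23, α = 5 and the private exponents X_A = 6, X_B = 15 are constructed toy values small enough to check by hand; the function and variable names are this example's own. Besides running both sides and confirming they derive the same K, it plays the eavesdropper: with only the cleartext values q, α, Y_A, Y_B, the attacker recovers X_A by trying every exponent (solving the discrete logarithm by brute force), which takes about q steps and is instant for q = 23. That is the whole reason the page's q must be large: the security depends on recovering X_A from Y_A = α^{X_A} mod q being infeasible.

```python
"""Diffie-Hellman key agreement, toy-sized, with the eavesdropper's view.

Added example, not from the original CS588 page. q, alpha, X_A and X_B in
main() are constructed toy values; all names here are this example's own.
"""
import secrets


def is_primitive_root(alpha, q):
    """Page's definition: alpha is a primitive root of prime q if every n in
    1..q-1 equals alpha^m mod q for some m in 1..q-1.
    Checked by enumerating the powers, so only usable for small q."""
    residues = set()
    acc = 1
    for _ in range(q - 1):
        acc = (acc * alpha) % q
        residues.add(acc)
    return len(residues) == q - 1


def dh_public(alpha, x, q):
    """Y = alpha^X mod q, the value that goes over the wire in the clear."""
    return pow(alpha, x, q)


def dh_shared_key(their_y, my_x, q):
    """K = (their Y)^(my X) mod q."""
    return pow(their_y, my_x, q)


def random_private(q):
    """Private exponent 2 <= X <= q-2, drawn from a CSPRNG (secrets, never random)."""
    return 2 + secrets.randbelow(q - 3)


def dh_exchange(q, alpha, x_a=None, x_b=None):
    """Run both sides of the protocol.  x_a / x_b may be fixed for a
    reproducible run; otherwise each party draws its own at random.
    Returns the cleartext values an eavesdropper sees plus each side's key."""
    if not is_primitive_root(alpha, q):
        raise ValueError("alpha is not a primitive root of q")
    x_a = random_private(q) if x_a is None else x_a
    x_b = random_private(q) if x_b is None else x_b
    y_a = dh_public(alpha, x_a, q)      # A -> B
    y_b = dh_public(alpha, x_b, q)      # B -> A
    k_a = dh_shared_key(y_b, x_a, q)    # A computes (Y_B)^X_A mod q
    k_b = dh_shared_key(y_a, x_b, q)    # B computes (Y_A)^X_B mod q
    return {"transmitted": (q, alpha, y_a, y_b), "k_a": k_a, "k_b": k_b}


def brute_force_discrete_log(alpha, y, q):
    """Eve's attack: find m in 1..q-1 with alpha^m mod q == y by trying each
    exponent in turn.  Cost is proportional to q, which is why q must be a
    large prime in practice; here it finishes instantly."""
    acc = 1
    for m in range(1, q):
        acc = (acc * alpha) % q
        if acc == y:
            return m
    return None


def eavesdropper_key(q, alpha, y_a, y_b):
    """What an eavesdropper can do with only the cleartext values: recover
    X_A from Y_A, then compute K exactly as A would."""
    x_a = brute_force_discrete_log(alpha, y_a, q)
    return dh_shared_key(y_b, x_a, q)


if __name__ == "__main__":
    q, alpha = 23, 5                      # constructed toy parameters
    run = dh_exchange(q, alpha, x_a=6, x_b=15)
    print("in the clear (q, alpha, Y_A, Y_B):", run["transmitted"])
    print("A's key:", run["k_a"], " B's key:", run["k_b"])
    y_a, y_b = run["transmitted"][2:]
    print("Eve recovers K =", eavesdropper_key(q, alpha, y_a, y_b))
```

With X_A = 6 and X_B = 15 the wire carries Y_A = 8 and Y_B = 19, and both sides arrive at K = 2; the brute-force eavesdropper gets the same 2 after six multiplications. Replace q with a prime of several hundred digits and `brute_force_discrete_log` becomes the step that no longer finishes, while `is_primitive_root` (also a q-step loop) would have to be replaced by the standard factor-of-(q-1) test.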

Links

- Prophet of Privacy, Wired Magazine Feature on Whitfield Diffie. November 1994.
- Diffie-Hellman Key Exchange - A Non-Mathematician's Explanation
- Whitfield Diffie and Susan Landau, Privacy on the Line: The Politics of Wiretapping and Encryption, 1998.
- New York Times article on history of public-key cryptography, December 24, 1997.
- Ellis, Cocks and Williamson's original memos on non-secret encryption

Questions

- Why is key distribution important?
- What are some ways to distribute secret keys?
- How does Diffie-Hellman key agreement work?
- What does its security depend on?

Useful Proof Methods

Proof by intimidation: "Trivial" or "obvious."

Proof by exhaustion: An issue or two of a journal devoted to your proof is useful.

Proof by omission: "The reader may easily supply the details", "The other 253 cases are analogous"

Proof by obfuscation: A long plotless sequence of true and/or meaningless syntactically related statements.

Proof by funding: How could three different government agencies be wrong?

Proof by lack of funding: How could anything funded by those bozos be correct?

Proof by democracy: A lot of people believe it's true: how could they all be wrong?

Proof by reference to inaccessible literature: The author cites a simple corollary of a theorem to be found in a privately circulated memoir of the Icelandic Philological Society, 1883. This works even better if the paper has never been translated from the original Icelandic.

Proof by forward reference: Reference is usually to a forthcoming paper of the author, which is often not as forthcoming as at first.

Proof by flashy graphics: A moving sequence of shaded, 3D color models will convince anyone that your object recognition algorithm works. An SGI workstation is helpful here.

Proof by vehement assertion: It is useful to have some kind of authority relation to the audience, so this is particularly useful in classroom settings.

Proof by vigorous handwaving: Works well in a classroom, seminar, or workshop setting.

Proof by cumbersome notation: Best done with access to at least four alphabets, special symbols, and the newest release of LaTeX.

Proof by lack of space: "The proof is not detailed due to lack of space in this proceedings..." works well in conjunction with proof by forward reference.

Selected from http://www.ai.sri.com/~luong/research/proof.html.

None of these proof methods are suggested in your CS588 problem sets or exams.

David Evans, evans@cs.virginia.edu