Introduction: Basic Principles
Carla Ràfols
CS2425 - Session 1a
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 1 / 16
This course...
Introduction to cryptographic algorithms, including:
Most widely used and deployed ones;
Give tools to reason about security;
Understand basic design principles.
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 2 / 16
Cryptography IS
kryptos + graphein = hidden writing
Modern cryptography involves the study of mathematical/algorithmic
techniques for securing digital information, systems and distributed
computations against adversarial attacks.
Originally more focus on military aspects, it is everywhere: pwds, online
shopling, download updates for your OS, cryptocurrencies.
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 3 / 16
Cryptography is NOT:
the solution to all security problems;
reliable unless implemented and used properly;
something that you should try to invent yourself, as there are many and many
examples of broken ad-hoc designs.
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 4 / 16
What is Security?
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 5 / 16
What is Security?
In many everyday situations, there are ”physical ways”to ensure ”security”.
(a) Voting;
(b) Signing a document;
(c) Locking houses, bikes, etc;
(d) Playing Roulette or Bingo, lottery;
(e) Auctions;
(f) Public Record, ...
Security = means different things in different contexts, usually we have in
mind some “model” of something that should be impossible to do.
Cryptographic Algorithms allow to construct digital analogues of these
”protocols”, sometimes even with stronger security guarantees.
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 6 / 16
An example: The bikeshop
We can get inspiration from the physical world to reason about security:
Is this bike secure?
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 7 / 16
An example: The bikeshop
Secure=“bike cannot be stolen”but, for example, bike could be destroyed.
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 8 / 16
An example: The bikeshop
Secure=“bike cannot be stolen”but, for example, bike could be destroyed.
Secure = secure against attackers with certain objectives.
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 8 / 16
An example: The bikeshop
Secure=“bike cannot be stolen”but, for example, bike could be destroyed.
Secure = secure against attackers with certain objectives.
Security is relative to the resources of the adversary and more security is
expensive;
We assume the attacker (thief) knows how the locks work.
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 8 / 16
An example: The bikeshop
Secure=“bike cannot be stolen”but, for example, bike could be destroyed.
Secure = secure against attackers with certain objectives.
Security is relative to the resources of the adversary and more security is
expensive;
We assume the attacker (thief) knows how the locks work.
The advantage of the honest party (owner) is the key, that makes a difficult
problem (opening a lock) easy;
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 8 / 16
Security in the Digital World
Key = secret, random information;
For honest parties it should be easy to do something that is hard to do for
attackers.
Difficult/ easy = not efficient/ efficient;
Resources = computational power ⇒ money.
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 9 / 16
Basic Principles of Cryptography
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 10 / 16
Basic Principles
1 P1: Randomness is crucial.
2 P2: Security is relative to the computational resources of the adversary.
3 P3: Kerchkoffs Principle or No Security by Obscurity.
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 11 / 16
Basic Principle 1
The key is secret and an attacker cannot guess it.
Assumption: there are too many possibilities for the key.
The key must be sufficiently random!
Randomness plays a crucial role in cryptography.
Basic Principle 1: Randomness is crucial.
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 12 / 16
An easy way to program random
numbers by xkcd comics :-)
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 13 / 16
Basic Principle 2
How much time does it take in the worst case to find a password if:
(a) The password is a 4 numbers.
(b) The password is a 12 English Letters or numbers.
Security depends on how much computational effort we assume the adversary
can do or is willing to do.
For example, it is not rational for an adversary to invest millions to break the
security of an RFID tag.
For simplicity, we do not assume adversaries to be rational and we just say
that a protocol is secure if no efficient attacks are known.
Basic Principle 2: Security is relative to the computational resources of the
adversary.
To simplify, we say that a cryptographic algorithm is secure if no efficient attacks
are known.
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 14 / 16
Basic Principle 3: Kerchkoffs principle
No Security by Obscurity
Kerckhoffs’ principle: assume that the attacker knows how the algorithms
work, he just does not have the key;
(Kerchkoff’s Principle, 1883): Design your cryptographic schemes to be secure
against an attacker that knows how they work.
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 15 / 16
No Security By Obscurity
Kerckhoffs’ principle is understood as fostering that cryptographic designs be
made completely public in contrast to the notion of “security by obscurity”
which suggests that keeping algorithms secret improves security.
Lessons:
very dangerous to use a proprietary, “home-brewed” algorithm;
published designs undergo public review and are therefore likely to be stronger.
Carla Ràfols Introduction to Cryptography and Security CS2425 - Session 1a 16 / 16