YALE UNIVERSITY
DEPARTMENT OF COMPUTER SCIENCE
| CPSC 467a: Cryptography and Computer Security | Handout #9 |
Professor M. J. Fischer | | October 22, 2006 |
|
|
|
|
Study Guide for Midterm Examination
1 Exam Coverage
The midterm examination will cover the topics of the first 13 lectures of the course (through October 19).
These topics are presented in several different formats:
- In-person class lectures.
- Written lecture notes, available on the course web site.
- Written handouts, available on the course web site. I especially recommend handout 4 for
reviewing number theory.
- Textbook (Trappe and Washington), relevant sections from chapters 1–4, 6, 7, 15.
- Supplementary textbook (Talbot and Welsh), sections 4.3, 5.1–5.3, 7.3, 7.4, 7.6, 7.7, 9.3.
- Other resources available in the library and on the web.
- Problem sets and solutions.
2 Review Outline
Below I give a list of topics, concepts, definitions, theorems, algorithms, and protocols that we have
covered and that I expect you to know. This list is not inclusive, as I’m sure I have missed some
things.
- Secret-message transmission problem.
- Model.
- Alice.
- Bob.
- Eve (passive eavesdropper).
- Mallory (active eavesdropper).
- Plaintext.
- Ciphertext.
- Key.
- Encryption function.
- Decryption function.
- Attacks.
- Known plaintext.
- Chosen plaintext.
- Known ciphertext.
- Chosen ciphertext.
- Breaking system.
- Finding key.
- Decrypting ciphertext.
- Extracting partial information from ciphertext.
- Information security in the real world.
- Classical cryptography.
- Cryptosystems.
- Caeser cipher.
- One-time pad.
- Simple XOR system.
- Monoalphabetic cipher.
- Playfair cipher.
- Hill cipher.
- Polyalphabetic cipher.
- Transposition techniques.
- Rotor machines.
- Steganography.
- Security.
- Kerckhoffs’s assumption (that only key is secret).
- Statistical inference.
- Brute force attack.
- Redundancy.
- Entropy.
- Information-theoretic security.
- Stream cipher.
- Keystream generator.
- Next-state generator.
- Block cipher.
- Block size.
- Padding.
- Chaining modes.
- Electronic Codebook Mode (ECB).
- Cipher Block Chaining Mode (CBC).
- Cipher-Feedback Mode (CFB).
- Output Feedback Mode (OFB).
- Propagating Cipher-Block Chaining Mode (PCBC).
- Recoverability from lost/damaged ciphertext blocks.
- Data Encryption Standard (DES).
- Feistel network.
- Block size.
- Key size.
- Subkey.
- S-box.
- Rounds.
- Decryption.
- Group property of a cryptosystem.
- Double encryption.
- Birthday paradox.
- Message Authentication Codes (MACs).
- Definition.
- Need for MACs; why encryption isn’t enough.
- MACs from DES and other block ciphers.
- Asymmetric cryptosystems.
- Definition and requirements.
- Public key model.
- Need for resistence against chosen plaintext attack.
- Man-in-the-middle attack.
- RSA.
- Components.
- Modulus.
- Encryption key.
- Decryption key.
- Encryption function.
- Decryption function.
- Algorithms needed.
- Primality testing.
- Finding modular inverse.
- Fast modular exponentiation.
- Theoretical basis.
- Prime number theorem.
- Existence of modular inverse.
- Proof that decryption function is inverse of encryption function.
- Computational efficiency.
- Security properties.
- Factoring problem.
- Computing φ(n) given factorization of n.
- Factoring n given φ(n).
- Factoring n given public and private keys.
- Hybrid system.
- Use RSA for secure transmission of random session key.
- Use symmetric cryptosystem for body of message.
- Algebra.
- Groups.
- Abelian group
- Subgroups.
- Cyclic group, generator, and order of an element.
- Order of subgroup divides order of group.
- Number theory.
- Modular arithmetic.
- Divides (a∣b).
- Division theorem: a = bq + r, 0 ≤ r < b.
- The remainder operator “a mod n”
- The congruence relation a ≡ b (mod n)
- Zn.
- Computing in Zn for large n.
- Fast modular exponentiation.
- Z*n
- Relatively prime pairs of numbers.
- Euler’s totient function φ(n)
- Euler’s theorem and Fermat’s little theorem.
- Consequence: x ≡ y (mod φ(n)) implies ax ≡ ay (mod n).
- Greatest common divisor (gcd).
- Euclidean gcd algorithm.
- Diophantine equations and modular inverses.
- Extended Euclidean algorithm.
- Chinese remainder theorem.
- Prime number theorem.
- Primitive roots.
- Lucas test.
- Discrete logarithm.
- Quadratic residues.
- Square roots modulo a prime.
- Square roots modulo a product of two distinct primes.
- Euler criterion.
- Finding square roots modulo prime p when p ≡ 3 (mod 4).
- Shank’s algorithm for finding square roots modulo an odd prime.
- Legendre symbol.
- Jacobi symbol.
- Jacobi symbol identities (don’t memorize, but understand what they are).
- Computing the Jacobi symbol.
- Probabilistic primality testing
- General framework for tests of compositeness (from lecture notes 10).
- Fermat test of compositness ζa(n).
- Strassen-Solovay test of compositeness νa(n)
- Miller-Rabin test of compositeness μa(n).
- Cryptographic protocols based on number theory (besides RSA).
- Diffie-Hellman key exchange.
- ElGamal key agreement.
- ElGamal public key cryptosystem.
- Goldwasser-Micali (QR) probabilistic cryptosystem.