Application Problems
Introduction to Combinatorics and Cryptography
Ahto Buldas [email protected]
Jaan Priisalu [email protected]
November 24, 2016



Topics

1 History
  Signal Intelligence Cooperation
  Enigma
  Venona
  Russian Diplomatic Communication

2 Implementation details
  Block cipher modes

3 Tools for study

Ahto Buldas [email protected], Jaan Priisalu [email protected] Problems


Cryptanalysis known pairing

France

Poland

United Kingdom

Japan

Finland

Estonia




Breaking Enigma

The basic breaking method is Friedman's Index of Coincidence: statistics of pairwise letter coincidences in sequences.

Reasons Enigma could be broken:

Open commercial design

Avoiding one substitution

Partial plaintext predictability

Operating discipline

International cooperation

Roles:

FR  Obtaining machines

PL  Method development

UK  Consolidation and industrialisation
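As an added example (not part of the slides), a small Python computation of Friedman's Index of Coincidence on a constructed English passage: a single substitution leaves the statistic unchanged, a periodic polyalphabetic substitution lowers it towards the random value, and splitting the ciphertext into columns at the right period brings the English-like value back. The sample passage and the shift values are constructed for this example.

```python
from collections import Counter

# Constructed sample passage (written for this example, not taken from the slides).
SAMPLE = ("The index of coincidence measures how often two letters chosen at random "
          "from a text turn out to be the same letter. Plain English text is far from "
          "uniform because some letters such as E and T are common while others such "
          "as Q and Z are rare, so the index stays well above the value expected from "
          "random letters. A simple substitution only renames the letters and leaves "
          "the index unchanged, while a cipher that uses several alphabets in turn "
          "flattens the letter counts and pushes the index down towards the random value.")

def letters_only(text):
    """Keep A-Z only, upper-cased: the alphabet the statistic is computed over."""
    return "".join(c for c in text.upper() if "A" <= c <= "Z")

def index_of_coincidence(text):
    """Friedman's IC: probability that two letters drawn without replacement from
    the text are equal. Uniform random letters give about 1/26 = 0.038; English
    gives about 0.066, because its letter frequencies are far from uniform."""
    s = letters_only(text)
    n = len(s)
    if n < 2:
        return 0.0
    return sum(f * (f - 1) for f in Counter(s).values()) / (n * (n - 1))

def shift_letters(text, shifts):
    """Apply Caesar shifts cyclically. One shift is a monoalphabetic substitution,
    which preserves the IC; several shifts form a periodic polyalphabetic
    substitution (Vigenere-style), which flattens the counts and lowers the IC."""
    s = letters_only(text)
    return "".join(chr((ord(c) - 65 + shifts[i % len(shifts)]) % 26 + 65)
                   for i, c in enumerate(s))

def mean_column_ic(text, period):
    """Average IC of the `period` interleaved columns. When `period` equals the
    number of alphabets, each column is a single substitution, so the English-like
    IC reappears: this is how IC statistics expose the period of such a cipher."""
    s = letters_only(text)
    return sum(index_of_coincidence(s[i::period]) for i in range(period)) / period
```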




Venona

Russians reused keys.

Project 1946-1980.

Decryption rate by year:

1942  1.8%
1943  15.0%
1944  49.0%
1945  1.5%



One-time Pad

Plaintext x is divided into blocks x = x1 x2 ... xm. Ciphertext y is also divided into blocks y = y1 y2 ... ym, where every ciphertext block yi is computed by

yi = xi ⊕ zi,

where zi is the key intended for the encryption of xi. The keys zi are mutually independent and uniformly random.



Key reuse

If all keys are the same, zi = k for all i, and we know one plaintext-ciphertext pair (xj, yj), then we can decrypt all pairs, as k = xj ⊕ yj.

If we know that a key is re-used once, zm = zn = k, then

ym ⊕ yn = xm ⊕ k ⊕ xn ⊕ k = xm ⊕ xn.

XOR-ed texts can be attacked with a pair frequency matrix.
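An added example, not from the slides, that works through the one-time pad of the previous slide and both key-reuse cases above on constructed 8-byte blocks: a proper pad with fresh keys, the all-blocks-same-key case where one known pair recovers k, and the one-reuse case where the XOR of two ciphertexts equals the XOR of the plaintexts. The block contents and the reused key are constructed values.

```python
import os

def xor_bytes(a, b):
    """Block-wise XOR of two equal-length byte strings."""
    assert len(a) == len(b)
    return bytes(x ^ y for x, y in zip(a, b))

def otp_encrypt(blocks, keys):
    """y_i = x_i XOR z_i for each block; decryption is the same operation."""
    return [xor_bytes(x, z) for x, z in zip(blocks, keys)]

def fresh_keys(count, block_len):
    """Proper one-time pad keys: independent, uniformly random, used once."""
    return [os.urandom(block_len) for _ in range(count)]

def roundtrip_with_fresh_keys(blocks):
    """The pad used as intended: a fresh z_i per block, encrypt then decrypt."""
    keys = fresh_keys(len(blocks), len(blocks[0]))
    return otp_encrypt(otp_encrypt(blocks, keys), keys) == blocks

def key_from_known_pair(x_j, y_j):
    """First case above: every z_i equals k, so one known pair gives k = x_j XOR y_j."""
    return xor_bytes(x_j, y_j)

def decrypt_all_with_one_pair(ciphertexts, x_j, y_j):
    """With k recovered from one pair, every other block decrypts as y_i XOR k."""
    k = key_from_known_pair(x_j, y_j)
    return otp_encrypt(ciphertexts, [k] * len(ciphertexts))

def plaintext_xor_from_reuse(y_m, y_n):
    """Second case: z_m = z_n, so y_m XOR y_n = x_m XOR x_n; the key cancels out."""
    return xor_bytes(y_m, y_n)

def agreeing_positions(x_m_xor_x_n):
    """Zero bytes in x_m XOR x_n are positions where the two plaintexts agree:
    the pairwise structure that a pair frequency matrix measures."""
    return [i for i, b in enumerate(x_m_xor_x_n) if b == 0]

# Constructed example: three 8-byte blocks and one 8-byte key reused for all of them.
BLOCKS = [b"MEETING ", b"AT NOON ", b"IN ROOM7"]
REUSED_KEY = bytes.fromhex("0f1e2d3c4b5a6978")
CIPHERTEXTS = otp_encrypt(BLOCKS, [REUSED_KEY] * len(BLOCKS))
```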



Tallinn Telegrams

Some intercepted telegrams between the Russian Tallinn Embassy and Moscow are preserved.

They were misclassified in the Estonian State Archive.

The content is not random; autocorrelation does exist.




Block cipher modes

Figure panels: Original file; ECB encrypted; CBC encrypted.



Mode properties

Mode  Encrypt   Decrypt   Random read
ECB   Parallel  Parallel  Yes
CBC   No        Parallel  Yes
CFB   No        Parallel  Yes
OFB   No        No        No
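An added example (not from the slides) illustrating the ECB and CBC rows of the table and the image on the previous slide: ECB turns equal plaintext blocks into equal ciphertext blocks, CBC encryption is chained and therefore sequential, and a CBC block can be decrypted on its own from two ciphertext blocks. It uses a toy hash-based Feistel permutation as a stand-in for a real block cipher, an assumption made so the code runs without a crypto library; the key, IV and message are constructed.

```python
import hashlib

BLOCK = 16  # the toy cipher below works on 16-byte blocks

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))
def _f(key, half, rnd):
    # Toy Feistel round function: keyed hash of one 8-byte half.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]
def toy_encrypt(key, block):
    # 4-round Feistel permutation, constructed so the example runs without a
    # crypto library. It is NOT a real block cipher, only an invertible stand-in.
    l, r = block[:8], block[8:]
    for i in range(4):
        l, r = r, xor(l, _f(key, r, i))
    return l + r

def toy_decrypt(key, block):
    l, r = block[:8], block[8:]
    for i in reversed(range(4)):
        l, r = xor(r, _f(key, l, i)), l
    return l + r
def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, data):
    # Blocks are independent (parallel both ways), but equal plaintext blocks give
    # equal ciphertext blocks, which is what the ECB image on the slide shows.
    return b"".join(toy_encrypt(key, p) for p in blocks(data))

def cbc_encrypt(key, iv, data):
    # c_i = E(p_i XOR c_{i-1}): block i needs c_{i-1}, so encryption is sequential.
    out, prev = [], iv
    for p in blocks(data):
        prev = toy_encrypt(key, xor(p, prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt_block(key, iv, ct, i):
    # p_i = D(c_i) XOR c_{i-1}: only two ciphertext blocks are needed, so CBC
    # decryption is parallel and supports random read (the CBC row of the table).
    c = blocks(ct)
    return xor(toy_decrypt(key, c[i]), iv if i == 0 else c[i - 1])

def repeated_blocks(ct):
    # Number of ciphertext blocks that duplicate an earlier block.
    return len(blocks(ct)) - len(set(blocks(ct)))

# Constructed inputs: a 4-block message whose blocks repeat (A, B, A, B).
KEY, IV = b"constructed-key!", bytes(range(16))
DATA = (b"A" * 16 + b"B" * 16) * 2
```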



PKI practical problems

Dutch DigiNotar

Swedish BankID

Estonian ID card negative moduli

Taiwan ID card weak random



Keypair roles

SEIS original keypair roles:

signature       No recovery allowed
authentication  Arbitrary challenge
encryption      Key recovery desired

FinID optimised the authentication and encryption keypairs together.



Tools to consider

cryptool.org

openssl

Cryptographers Workbench
