Embed Size (px)
Citation preview
6.857 Computer and Network Security Lecture 12
Admin: Project proposals due this week. Project Ideas:
Electronic auctions See: recent CACM article
http://www.cs.ut.ee/~lipmaa/crypto/link/protocols/auctions.php (good high-level set of links)
Today:
Group theory review Diffie-Hellman key exchange Five crypto groups: Z *, Q , Z *, Q , elliptic curves
1
ILL INI:L
:-‘tkeorz
(niwI4pkc.%ejmc4p) xc C&, *‘) is fntc aehan s;t.c t
iden+c+y :• 3r44a 1s.t.qc&)q.1t1.a= a
InVtv5tS. . (V4t&)(c&) (6tca1)
. (q,l,,tc&) q.(.c’)i (aS).c.• •
Let or4er(s) = least Lflo s$, a 1. (‘ &).€4 .f srec t
ZLJ (VasG) orc1er(’)t ,
1,tortn-; rr% ywp 0c s;r. t(v0€) atrl
Exnnsp\t: (Vac’Z) ai (ninlp’) s;ncL
Del: <c’> fa’: Co: sa’tjmup enn%4bya
cc rc <q%>; 14enG s
___
a a
______
it •I(>i orckr(a’) •
Xri $nk oe\qr m4p & of orjer. t %AACtC
(YqeG’) [q1]4?[a scicneratDrtf&j.Fqe,t 1j’ “S alwAyS CyClft
2
I DuG
FILE UNDIR
• St.: xc et k 3P A t 4
xc
• dicn4t
OMVbt4 4.$4iWJ 40 b’t k,tcLAnfeascr
2 icn.,t nnJ.wi’l C\los’ev
• Wt c4t eeA 4votgg6\c tw rtfnsent n1css’eS as
y044?a\twev*s 1% 4 messQ,t p4CC I
a. 94 nee.4 qfl injtc.iCVL (t_-one’: (b”4fO
4 (rn’ be à,osev ft
Ic%A)t Cqb% ‘Aaviktfy
wrrt i4e itecs 1,2.,..2 ,v1D1O
•n ovvierD’4pS kk% Can 1ot ‘ h*c 4vrci,
I.
—..
4NtVI t%t MJi
betWttvI.
{S Oflt4Oflt
[o,i,,..,t-i.] in4
t * ponentattovi “power$n5-wp”
.d;sct4t\oac&Im. (Di)
(4t. DL peem’ r
54A6\, k4,.t
pfl k-We fl1t1543t5
Sc
1 .. F.. —
F F.F
JLL I
3
DATE
I
z*tA .
... 1 . . . .fL1 ..n_-.__,_______-.•:e ... aq .
s:i::z:z:zt;Ej. e - — — — —1 — — — - —. — — - .— — - t_. — —. -
EZEiZEZEHEjEZt4iDZ{ä;crzzz::z1
EzGr
ia —‘.. .._ ._, .—a_
—--4
eL_i1HJ_L
t:z:±zz:
ZHE±EEEZpñIAtE..zj-1E :‘:r::z::ZZVLtE:t
.‘ — —. —. — —.——— — .— —— —
f.
4
-t3 ‘S
rtr
•.
.,
L.
t—
t—
it.
.5-
a‘
?rrtc
_
rftir!
2tH
g;
-rta
.tJ
“K
-,
•&
p.••
c-f-
aç
ih
K.
..-
3-
(-S
3-.
ci
3•,
4a
Th
—I
i4
.3
5
c..c.D
5
r
-ncS‘C
4
‘.
10
I-4--
‘41*
<
>-
>-
“3K
u_
IX
a_
5
}4
II
IC
-
0‘3
-
IIC
rW
;S
-SA
€£
•83
4-
‘3-c
——S•-t£$1‘4
-90
-d0aD0
’
aCLbV
t
V
ii444-340-
£(5I(-3
n3
2’
ivi
&4,
C•4—
C—
F-)
—3
,-
-ey-±
ac_i)
!‘
cI
S*1
>%
•
Xrn
çt;
€T
•‘)ti
at
4%
—
%3i-
i
ci—
—a
•‘
-C.
-p6
:L
jE
a-
4->%
04I0-tCe‘pC
l
K6’
a
4
qi
I11
‘6‘S
em1*a
’LC.
Ca
S—
‘-r
c6
-(‘(C
,
•i
‘I0
ta
4*
jrI-,
5S
6
•
•
01
t,
LI
•II
I’
taq&
€3’
Di,
rn
1ir-••
r4t
..
Ap..
1’-r
tk
4,
t*
II
*3
PF
A?.
Itt-
.S
t%
V’
‘a
‘.a
-n;_
_
p•
4,
.S‘%
,/ni
—.
iiI
cf-
Ve
3
__
I-
A
7
_
eS
_
H-
90
‘t
•H
&II
II‘I
•-n.
__
zp
__
II
£3
U‘I
C-
I,
3’
V’
2Z
__
-.
II—
——
(3
“a
a
VD
.-,
C’
t—
8
1—
açt nite pvtper)rn,. v’J ueJ
M4 sleep reiW to
Letr
a yenj 6vccf fritro,
a
Let a, in9q3’7Z,Q
(U’biOJf
cc titans are ttnct,
(*)
...
L
CosAer e1.nicon (in Vattollt$ .xjy moJp)
yxta3cl-6 (no4p)
&rap\ic.\) 4Dflt+1n5 I1i +c
(n)
t”Jok ta4 tc- (s,y’) Qrs CLint,
If roo±s
-ax
50 .3
artr1,ç,r3 t\.n
=-.
9
1
Tt
•icc2J1
.AO1aI%‘it”tYt44aJ(anoA
#1);.t’
LTh17;Nrz
t4
I ciat”A
flAil’“!
v.1
Sa
Si
a—,ca
_________
E1Pz H_L...,+
U‘ThEE
t4’.tp’n!
Ot4H
IVU)
si:j
‘?“
—4-
Ez-
z4jworub_&,t).4LW
41’r
t=lai/‘Cj):r4’4AQJt’i’rr—l
{njn£tttcA:ch’s,}=3.
___
LAO%4ufO‘1
—‘——
———
w:
——-——
L[___I3CNi1
10
-Th
-t
Ca
>‘
eL.2
Sc
-S
-t)
-JZe
—=
-‘.
,c
fl)
I%
.JU
“9C.
—q.
C-
.0
—_o
-s0
)Cb
C
-t.
-fl-
4-
Lii-%
—I.-
—,
C.__
.,
(.3..
.•te
le
1E0
LtL
.!
-i
&
-
SL
I,
‘a
_
+aII‘I£I—
‘C
C:
4-.H3•
,->
.4-c_c
‘C,
-r
S
Sc?
S
—j
4’
S—
V‘
__l%.
-c%
1
—F
•II
II
—+
4-I
Eo
---o-E
.4
7-
t’
1\
2’—I)
KI’,E
r-
‘3
4a
‘C•tdl(
4—
_%
-.‘
I—
rN
,c
‘c-I
1Is
IIUEa.ft
‘C
4‘C
St
-ta
‘3
—I
4)
11
Tc)pIc I
__________________
—
.HLEUI’JDFP:
_______________ ____.__j
iEt_!—Wi.
IN-
85
w
Th
€
Is A.n14 “sck
Icwr’ms
4i+-*t
r we t
[t4tjftP$#s H
44
a’
-t
“firsr %ta.t14$ MCt 4
4; C.—
;
Ifl
anA
iN I i ‘
--t
_
I
__
tHt.LL.L.Lt----.tI f -
EEL-rE
-I
-_
Ps _ttt’1Irr
t::
i
__!EEE
lIE HE1
-
I
_
--
---F
12
3914:47 notes S /*pplicationslsage/sageDetected 6A0E64 flagBuilding Sage on OS Z in 64—bit mode
Sage version 4.6.2, Release Date: 2011—02-25I 1ype notebook() for the GUI, and license() for intonation.
Iaqez I some experiments with elliptic tunes with sagesage: I first define a (Said mod 101sages V — Zmot(1O1)sages VRing of integers nodule 101sage: I example of multiplication is Vsages t(l0)flhl)9sage: * define elliptic ctrve aver Vnge. P — EllipticCurve(P,f0,1J)sage: SElliptic Curve defined by y2 r3 P 1 Over Ring of integers modulo 101sage: P — E.r.ndoajoint()sage: P(96 : 49 1)sages I note coordinates are La projective ton (K i I 5) representingsage; U point x — 1/I, y — 1/5, with a — 0 for point at infinity.sage: I get another pointsage: Q — !.random_point()angus 9(29 94 : 1)sage: P+Q21 : 77 , 1.)sage: I check cammutativitysage: Q+P(21 77 1)sage: I get thira pointsage; K — E.randonpoiflt()sage; K(76 t 58 1 1)sage: I check •ssoei.ativitysage: P + (Q+R)(53 2 : 1)sage: (P+9)+R(53 : 2 : 1)sages 4 find size of this groupsage: S.order()102sage: I what are factors of 102?sage: factar(102)2 — 3 * 17 -
sage: I so possible orders of elements are 1,2,3,6,17,34,51,102Pages Porder()51sega. Q.order()51sage; R.order()Sisage: * none of P,Q, A are a generator (i.e. have order 102)sages Iiet’e find onesage; a — E.racdoia_point()
13
sage: R.order()102sage: 8 bingesage: 4 what don identity look like?sage: P-P(0 i 1 a 0)sage: a
sage. I(0 1sage: Zn(96 t 49 a 1)sage; P4.1(96 : 49 a 1)sage: .
(96 a 52 a 1)sags: I cots that innrses just negate T component, nodule 101sage: I look at nec seall powers of generator asage: for i in range(15): print 1, j*g
o (0 a 1 a 0)1 (72 a 85 a 1)2 (15 a 89 a 1)3 (9 a 86 a 1)4 (84 a 21 a 1)£ (52 a 44 a 1)6 (07 a 61 a 1)7 (90 a 65 1)$ (35 a 31 • 1)9 (10 a 71 a I)10 (18 51 a 1)11 (93 14 a 1)12 (4 a 41 1)13 (38 38 a 1)14 (76 58 a 1)sage: I find discrete log at P, base asage: R.dIscretelog(P)80sage: 80*R(96 a 49 a 1)sage: C0RPTruesage: I find discrete log of Q, base Ksage: K. di.crete_log(Q)58sager I find eleaents of each possible ordersage. R.ordet()102sage: S — 2Rsage: S.order()51sage: S — 3RSage: S.order()34sage: S — 6Ksage, S.osder()17sage: S — 17CRsage; 8.order()
14
f0‘aot)9
t
.t5—S
npog:abgs—9
p
15
MIT OpenCourseWarehttp://ocw.mit.edu
6.857 Network and Computer SecuritySpring 2014
For information about citing these materials or our Terms of Use, visit: http://ocw.mit.edu/terms.
