Sunday, November 19, 2017

Cryptography course notes

https://www.coursera.org/learn/crypto

Stream Ciphers 4 - What is a secure cipher?



Statistical tests - given an input it will tell how random it is.
Advantage - |Pr(A(PRG) = 1) - Pr(A(R) = 1)| A is statistical test which will return 1 if it thinks input is random enough. Advantage is close to 1 if A can distinguish very well between a truly random number and PRG random number else it's close to 0.

A PRG is secure if ADV_PRG[A,G] is negligible. It means it's difficult to distinguish between PRG and truly random.
Are there provably secure PRGs? We don't know. It's linked to P = NP.

Secure PRGs are unpredictable. Given first i bits if an algo can predict the i+1 bit with prob > 1/2 + epsilon where epsilon is non-neg then PRGs is predictable and Advantage > epsilon.
Theorem => if for all i in (0 to n-1) PRG G is unpredictable at position i then G is secure PRG.
If next bit predictors can't distinguish G from random then no statistical test can.

Semantic Security - if attacker can't distinguish between Exp(0) and Exp(1) - i.e. m0 and m1. Definition similar to advantage.

Quiz
<?php 
    $cipherText = '6c73d5240a948c86981bc294814d';
    $originalText = 'attack at dawn';
    $newText = 'attack at dusk';
    $otpInAscii = pack('H*',$cipherText) ^ $originalText;
    $newCipherText = bin2hex($otpInAscii ^ $newText);
    echo $newCipherText;
?>

Stream cipher with scure PRG is semantically secure - 

Wednesday, November 15, 2017

Coursera cryptography notes

https://www.coursera.org/learn/crypto

W1S5
1. Problems with RC4 (used in HTTPS/WEP), some bytes have higher prob
of being 0.
2. CSS(Content scrambling system) used for DVDs, Bluetooth, GSM -
implemented in hardware is badly broken. It uses LFSR. US allowed
export of crypto algorithms which weren't more than 40 bits. Hence DVD
manufacturers were constrained.

3. Modern stream ciphers - eStream - Salsa20(elegant) Sosemanuk

Tuesday, November 14, 2017

Coursera cryptography notes

https://www.coursera.org/learn/crypto

W1S4
1. If you use same pad to encrypt multiple messages m1,m2 - an
attacker can XOR resulting CTs C1,C2 = m1 XOR m2 from which one can
recover easily the original messages since there is plenty of
redundancy in English esp ASCII.

2. Real world failures of the 2 time pad - Project Venona (US vs
Russia - 1941-46). MS-PPTP (Windows NT) wherein both server and client
used the same key to encrypt messages. Also 802.11b WEP - IV || k is
used to encrypt a frame. Length of IV is 24 bits. So after 16M frames,
encrypting key gets recycled. So 2 diff msgs encrypted with same key.
Also if you reset router, IV gets reset to 0 - so it will get recycled
faster than normal. Also IV goes like this - 0,1,2,3 so all the keys
are closely related. The PRG used by WEP is RC4 which was demonstrated
to fail after 10^6 frames.

3. Disk encryption fail -
4. OTP is malleable. If attacker has access to CT, he can XOR it with
some pattern to modify the resulting message.

Coursera cryptography notes


W1S1-2
1. Anything which can be done with a Trusted authority can be done without it through some secret protocol communication among all the parties.
2. If there are 2 Random variables with uniform distribution, their XOR is also a uniform distribution.
3. Birthday paradox - 1.2 * sqrt(size(U)) samples would yield 2 distinct elements with same values where size(U) is the size of the entire set. 1.2*sqrt(365) = 24 people in a room would yield 2 people with same birthday. 2^64 samples of 128 bit numbers would yield 2 same numbers. Probability of this happening is >= 0.5

W1S3
1. Definition of perfect secrecy (E,D) over (K,M,C), Pr [ E(k,m0) = c] = Pr[E(k,m1) = c] given that |m0| = |m1|. In other words, CT only attacks are not possible. So One Time Pad (OTP) as perfect secrecy. OTP is simply m XOR k = c.
2. Perfect secrecy also requires that len(k) >= len(m) . OTP satisifies this with equality. So OTP is not practical since if you can transmit the key securely, you can as well transmit the message securely as well(they are the same length).

How to make OTP more secure with stream ciphers?
1. PRG but PRG must be unpredictable. Predictable means that given first few bits of PRG output I can deduce the rest of the bits. If that's so, if the attacker knows first few bits of m and sees the CT, by XORing can get first few bits of PRG output. From those first few bits, can generate rest of the bits.
2. Weak PRGs - A. glibc random() B. LCG 
3. Negligible/non negligible epsilon corresponds to polynomial/exponential


 

Tuesday, September 5, 2017

Windows checking which port is used by which process

Task Manager -> Performance -> Open Resource Monitor -> Network -> Listening Ports

If you are looking to close the process using port 80 - Net stop HTTP

Wednesday, August 30, 2017

glog

alias glog="git log --pretty=format:\"%h%x09%an%x09%aD%x09%cD%x09%s\""

Blog Archive