Additional key-sizes and block-sizes Ability to function efficiently and securely in a wide variety of platforms and applications low-end smartcards, wireless: small memory requirements IPSec, ATM – small key setup time in hardware B-ISDN, satellite communication – large encryption speed Flexibility

Iterating Block ciphers Definition A product cipher combines two or more transformations in a manner intending that the resulting cipher is more secure than the individual components. Definition An iterated block cipher is a block cipher involving the sequential repetition of an internal function called a round function. Parameters include the number of rounds Nr, the block bitsize n, and the bitsize k of the input key K from which Nr subkeys Ki (round keys) are derived. For invertibility (allowing unique decryption), for each value Ki the round function is a bijection on the round input

Modular arithmetic – Used to define a finite field – a = b mod n means that if a and b are divided by n they produce the same remainder – a*b mod n can result in 0 even if a and b are not 0

Definitions – Digital Signature - a data string which associates a message with some originating entity – Digital Signature Generation Algorithm – a method for producing a digital signature – Digital signature verification algorithm - a method for verifying that a digital signature is authentic (i.e., was indeed created by the specified entity)

Numbers Integers Real Arithmetic Operations Addition and subtraction Multiplication and division Exponentiation and logarithm

Definition: Group A set G of elements and operator @ form a group if: for all x,y in G, x @ y is also in G (inclusion) there is an identity element e such that for all x in G, e@x = x for all x in G, there is an inverse element x

Security Attack: Any action that compromises the security of information. Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack. Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms

Digital Signatures and Message Authentication Code (MAC) overview Suppose Alice and Bob share a secret key k which determines hash function hk Alice sends (x, y) to Bob where y = hk

Originally designed to be efficient in hardware . A LOT of money has been invested in hardware. although DES standard is public there was considerable controversy over design – in choice of 56-bit key (vs Lucifer 128-bit) – and because design criteria were classified

《水处理》课程教学资源（参考资料）密码长期不变的FTP大集合