- Puzzle of the day
- RSA
- Provides both authenticity and confidentiality
- Go through algorithm:

Idea: $C = M^e \bmod n$, $M = C^d \bmod n$, with $ed \bmod \Phi(n) = 1$.

Proof: $M^{\Phi(n)} \bmod n = 1$ [by Fermat's theorem as generalized by Euler]; follows immediately from $ed \bmod \Phi(n) = 1$.

Public key is $(e, n)$; private key is $d$. Choose $n = pq$; then $\Phi(n) = (p-1)(q-1)$.

- Example:

$p = 5$, $q = 7$; $n = 35$, $\Phi(n) = (5-1)(7-1) = 24$. Pick $d = 11$. Then $de \bmod \Phi(n) = 1$, so choose $e = 11$. To encipher 2, $C = M^e \bmod n = 2^{11} \bmod 35 = 2048 \bmod 35 = 18$, and $M = C^d \bmod n = 18^{11} \bmod 35 = 2$.

- Example:

$p = 53$, $q = 61$, $n = 3233$, $\Phi(n) = (53-1)(61-1) = 3120$. Take $d = 791$; then $e = 71$. Encipher $M$ = `RENAISSANCE`: A = 00, B = 01, ..., Z = 25, blank = 26. Then:

$M$ = `RE NA IS SA NC Eblank` = 1704 1300 0818 1800 1302 0426

$C$ = $(1704)^{71} \bmod 3233 = 3106$; *etc*. = 3106 0100 0931 2691 1984 2927

- Cryptographic Checksums
- Function $y = h(x)$: easy to compute $y$ given $x$; computationally infeasible to compute $x$ given $y$
- Variant: given $x$ and $y$, computationally infeasible to find a second $x'$ such that $y = h(x')$.
- Keyed *vs*. keyless
- MD5, HMAC

- Key Exchange
- Needham-Schroeder and Kerberos
- Public key; man-in-the-middle attacks

- Cryptographic Key Infrastructure
- Certificates (X.509, PGP)
- Certificate, key revocation
- Key Escrow

- Digital Signatures
- Certificates (X.509, PGP)
- Certificate, key revocation
- Key Escrow

The UNIX system reserves network ports numbered 1023 and below for root-owned processes only. User processes must use ports with higher numbers. So, if a connection from a remote host has a source port of 536, it must have originated with a process that was at one time root. This is a UNIX standard, not an Internet one.

What problems can this scheme cause in a heterogeneous network?

