Outline for May 11, 2004
Reading: Chapter 9.1-9.2
The following is a passage from Sun Tsu's book The Art of War:
There are three ways in which a sovereign can bring misfortune upon
Does this apply to an organization with computers that are under
attack, or are expected to be attacked? How?
By commanding the army to advance or retreat, being ignorant of the
fact that it cannot obey. This is called hobbling the army.
By attempting to govern an army in the same way as he administers
a kingdom, being ignorant of the conditions that obtain in an army.
This causes restlessness in the soldiers' minds. Humanity and justice
are the principles on which to govern a state, but not an army;
opportunism and flexibility, on the other hand, are military rather
than civic virtues.
By employing the officers of his army without discrimination, through
ignorance of the military principle of adaptation to circumstances.
This shakes the confidence of the soldiers.1
Outline for the Day
- Classical Cryptography
- polyalphabetic: Vigenère,
(a + ki) mod n
- cryptanalysis: first do index of coincidence to see if it's
monoalphabetic or polyalphabetic, then Kasiski method.
- problem: eliminate periodicity of key
- Long key generation
- Running-key cipher: M = THETREASUREISBURIED;
K = THESECONDCIPHERISAN;
C = MOILVGOFXTMXZFLZAEQ;
wedge is that (plaintext,key) letter pairs are not random
(T/T, H/H, E/E, T/S, R/E, A/O, S/N, etc.)
- Perfect secrecy: when the probability of computing the plaintext
message is the same whether or not you have the ciphertext
- Only cipher with perfect secrecy: one-time pads; C = AZPR; is
that DOIT or DONT?
- Public-Key Cryptography
- Basic idea: 2 keys, one private, one public
- Cryptosystem must satisfy:
- given public key, CI to get private key;
- cipher withstands chosen plaintext attack;
- encryption, decryption computationally feasible [note: commutativity
- Benefits: can give confidentiality or authentication or both
- Sun Tzu, The Art of War,
Delta Publishing, New York, NY 10036 (1983) pp. 1617
Here is a PDF version of this document.