标签： CS 127

数学代写|密码学作业代写Cryptography代考|Design process of a cryptosystem

Posted on 2023年5月25日2023年5月25日 by statistics-lab

如果你也在怎样密码学Cryptography Theory 这个学科遇到相关的难题，请随时右上角联系我们的24/7代写客服。密码学Cryptography Theory 是对存在对抗行为的安全通信技术的实践和研究。更广泛地说，密码学是关于构建和分析防止第三方或公众阅读私人信息的协议；信息安全的各个方面，如数据保密性、数据完整性、认证和不可抵赖性是现代密码学的核心。现代密码学存在于数学、计算机科学、电子工程、通信科学和物理学等学科的交叉点。密码学的应用包括电子商务、基于芯片的支付卡、数字货币、计算机密码和军事通信。

密码学Cryptography Theory 在现代很大程度上是基于数学理论和计算机科学实践的；密码学算法是围绕计算硬度假设设计的，这使得这种算法在实际操作中很难被任何对手破解。虽然在理论上有可能破解一个设计良好的系统，但在实际操作中这样做是不可行的。因此，这种方案，如果设计得好，被称为 “计算安全”；理论上的进步（例如，整数分解算法的改进）和更快的计算技术要求这些设计被不断地重新评估，如果有必要的话，要进行调整。信息理论上的安全方案，即使有无限的计算能力也无法被破解，如一次性密码键盘，在实践中比理论上可被破解但计算上安全的最佳方案更难使用。

statistics-lab™ 为您的留学生涯保驾护航在代写密码学Cryptography方面已经树立了自己的口碑, 保证靠谱, 高质且原创的统计Statistics代写服务。我们的专家在代写密码学Cryptography代写方面经验极为丰富，各种代写密码学Cryptography相关的作业也就用不着说。

数学代写|密码学作业代写Cryptography代考|Design process of a cryptosystem

The following chapters will focus on describing cryptographic primitives and how they work. However, it is extremely important from a practical security perspective to recognise that the primitives themselves must always be considered as part of a process, rather than isolated mechanisms. The process that surrounds a cryptographic primitive includes the following.
SELECTION OR DESIGN OF APRIMITIVE
The selection of a cryptographic primitive depends on the application requirements. For example, with respect to selection of an encryption algorithm, this part of the process may involve asking questions such as:

Should we use symmetric or public-key encryption?

What requirements and/or restrictions on the key length exist?

Should we adopt a publicly known encryption algorithm or develop our own proprietary encryption algorithm?
Throughout our discussion of cryptographic primitives, we will investigate some of the properties which influence this selection (design) process. Note that in many cases the financial or operational constraints may dictate the use of certain primitives. For example, an organisation might be forced to use a specific primitive in order to comply with a relevant application standard.

数学代写|密码学作业代写Cryptography代考|Evaluating security

One of the most difficult aspects of cryptography is making an accurate assessment of the security of a given cryptosystem. We separate this discussion into assessing the security of cryptographic primitives, protocols, and cryptosystems.
ASSESSING THE SECURITY OF A CRYPTOGRAPHIC ALGORITHM
Historically, the security of cryptographic algorithms (and protocols) relied on a rather informal approach which considered known attacks on the algorithm, such as an exhaustive key search, and then designed the algorithm to make these attacks ineffective. Often the arguments put forward to justify the resulting ‘security’ were not particularly rigorous, and in many cases were experimental. This process resulted from the fact that cryptographic algorithm design is as much about engineering as mathematics.

The problem with such an informal approach is it does not provide any real notion of ‘proof’ that a cryptographic algorithm is secure. With this in mind, cryptographic researchers have gradually been developing and adopting methodologies for attempting to provide stronger arguments for the security of cryptographic algorithms. This concept of provable security attempts to assess the security of a cryptographic algorithm by starting from some assumptions about the attack environment (captured by a security model), and then showing the security of the cryptographic algorithm can be formally linked (reduced) to the difficulty of a computational problem which is better understood.
There are two potential problems with this type of approach:
The starting assumptions may not be the right ones. For example, there may be attacks which have not been considered in the security model.

The computational problem might not be as difficult as thought. Provable security arguments are essentially translations from one relatively poorly understood concept (the cryptographic algorithm) into a better understood concept (the computational problem). However, this does not guarantee any ‘security’ in the event that the computational problem is not as hard as originally believed.

密码学代写

数学代写|密码学作业代写Cryptography代考|Design process of a cryptosystem

接下来的章节将重点描述密码原语及其工作原理。然而，从实际安全性的角度来看，认识到原语本身必须始终被视为流程的一部分，而不是孤立的机制，这一点非常重要。围绕加密原语的过程包括以下内容。
原始的选择或设计
加密原语的选择取决于应用程序的需求。例如，关于加密算法的选择，这部分过程可能涉及以下问题:

我们应该使用对称加密还是公钥加密?

对键长度有什么要求和/或限制?

我们应该采用公开的加密算法还是开发我们自己的专有加密算法?
在我们对加密原语的讨论中，我们将研究影响这个选择(设计)过程的一些属性。请注意，在许多情况下，财务或操作约束可能要求使用某些原语。例如，为了遵守相关的应用程序标准，组织可能被迫使用特定的原语。

数学代写|密码学作业代写Cryptography代考|Evaluating security

密码学最困难的方面之一是对给定密码系统的安全性进行准确评估。我们将此讨论分为评估加密原语、协议和密码系统的安全性。
评估加密算法的安全性
从历史上看，加密算法(和协议)的安全性依赖于一种相当非正式的方法，该方法考虑了对算法的已知攻击，例如穷举密钥搜索，然后设计算法使这些攻击无效。通常，为了证明最终的“安全性”而提出的论点并不是特别严格，而且在许多情况下都是实验性的。这个过程源于这样一个事实，即加密算法的设计不仅是数学，也是工程学。

这种非正式方法的问题在于，它没有提供任何真正的“证明”，证明加密算法是安全的。考虑到这一点，密码学研究人员逐渐开发和采用方法，试图为密码学算法的安全性提供更有力的论据。这种可证明安全性的概念试图通过对攻击环境的一些假设(由安全模型捕获)来评估加密算法的安全性，然后显示加密算法的安全性可以正式地与更好地理解的计算问题的难度联系起来(简化)。
这种方法存在两个潜在问题:
一开始的假设可能并不正确。例如，可能存在安全模型中没有考虑到的攻击。

计算问题可能没有想象的那么难。可证明的安全性参数本质上是从一个相对不太容易理解的概念(加密算法)转换为一个更容易理解的概念(计算问题)。然而，如果计算问题不像最初认为的那么难，这并不能保证任何“安全性”。

数学代写|密码学作业代写Cryptography代考请认准statistics-lab™

统计代写请认准statistics-lab™. statistics-lab™为您的留学生涯保驾护航。

金融工程代写

金融工程是使用数学技术来解决金融问题。金融工程使用计算机科学、统计学、经济学和应用数学领域的工具和知识来解决当前的金融问题，以及设计新的和创新的金融产品。

非参数统计代写

非参数统计指的是一种统计方法，其中不假设数据来自于由少数参数决定的规定模型；这种模型的例子包括正态分布模型和线性回归模型。

广义线性模型代考

广义线性模型（GLM）归属统计学领域，是一种应用灵活的线性回归模型。该模型允许因变量的偏差分布有除了正态分布之外的其它分布。

术语广义线性模型（GLM）通常是指给定连续和/或分类预测因素的连续响应变量的常规线性回归模型。它包括多元线性回归，以及方差分析和方差分析（仅含固定效应）。

有限元方法代写

有限元方法（FEM）是一种流行的方法，用于数值解决工程和数学建模中出现的微分方程。典型的问题领域包括结构分析、传热、流体流动、质量运输和电磁势等传统领域。

有限元是一种通用的数值方法，用于解决两个或三个空间变量的偏微分方程（即一些边界值问题）。为了解决一个问题，有限元将一个大系统细分为更小、更简单的部分，称为有限元。这是通过在空间维度上的特定空间离散化来实现的，它是通过构建对象的网格来实现的：用于求解的数值域，它有有限数量的点。边界值问题的有限元方法表述最终导致一个代数方程组。该方法在域上对未知函数进行逼近。[1] 然后将模拟这些有限元的简单方程组合成一个更大的方程系统，以模拟整个问题。然后，有限元通过变化微积分使相关的误差函数最小化来逼近一个解决方案。

tatistics-lab作为专业的留学生服务机构，多年来已为美国、英国、加拿大、澳洲等留学热门地的学生提供专业的学术服务，包括但不限于Essay代写，Assignment代写，Dissertation代写，Report代写，小组作业代写，Proposal代写，Paper代写，Presentation代写，计算机作业代写，论文修改和润色，网课代做，exam代考等等。写作范围涵盖高中，本科，研究生等海外留学全阶段，辐射金融，经济学，会计学，审计学，管理学等全球99%专业科目。写作团队既有专业英语母语作者，也有海外名校硕博留学生，每位写作老师都拥有过硬的语言能力，专业的学科背景和学术写作经验。我们承诺100%原创，100%专业，100%准时，100%满意。

随机分析代写

随机微积分是数学的一个分支，对随机过程进行操作。它允许为随机过程的积分定义一个关于随机过程的一致的积分理论。这个领域是由日本数学家伊藤清在第二次世界大战期间创建并开始的。

时间序列分析代写

随机过程，是依赖于参数的一组随机变量的全体，参数通常是时间。随机变量是随机现象的数量表现，其时间序列是一组按照时间发生先后顺序进行排列的数据点序列。通常一组时间序列的时间间隔为一恒定值（如1秒，5分钟，12小时，7天，1年），因此时间序列可以作为离散时间数据进行分析处理。研究时间序列数据的意义在于现实中，往往需要研究某个事物其随时间发展变化的规律。这就需要通过研究该事物过去发展的历史记录，以得到其自身发展的规律。

回归分析代写

多元回归分析渐进（Multiple Regression Analysis Asymptotics）属于计量经济学领域，主要是一种数学上的统计分析方法，可以分析复杂情况下各影响因素的数学关系，在自然科学、社会和经济学等多个领域内应用广泛。

MATLAB代写

MATLAB 是一种用于技术计算的高性能语言。它将计算、可视化和编程集成在一个易于使用的环境中，其中问题和解决方案以熟悉的数学符号表示。典型用途包括：数学和计算算法开发建模、仿真和原型制作数据分析、探索和可视化科学和工程图形应用程序开发，包括图形用户界面构建MATLAB 是一个交互式系统，其基本数据元素是一个不需要维度的数组。这使您可以解决许多技术计算问题，尤其是那些具有矩阵和向量公式的问题，而只需用 C 或 Fortran 等标量非交互式语言编写程序所需的时间的一小部分。MATLAB 名称代表矩阵实验室。MATLAB 最初的编写目的是提供对由 LINPACK 和 EISPACK 项目开发的矩阵软件的轻松访问，这两个项目共同代表了矩阵计算软件的最新技术。MATLAB 经过多年的发展，得到了许多用户的投入。在大学环境中，它是数学、工程和科学入门和高级课程的标准教学工具。在工业领域，MATLAB 是高效研究、开发和分析的首选工具。MATLAB 具有一系列称为工具箱的特定于应用程序的解决方案。对于大多数 MATLAB 用户来说非常重要，工具箱允许您学习和应用专业技术。工具箱是 MATLAB 函数（M 文件）的综合集合，可扩展 MATLAB 环境以解决特定类别的问题。可用工具箱的领域包括信号处理、控制系统、神经网络、模糊逻辑、小波、仿真等。

R语言代写	问卷设计与分析代写
PYTHON代写	回归分析与线性模型代写
MATLAB代写	方差分析与试验设计代写
STATA代写	机器学习/统计学习代写
SPSS代写	计量经济学代写
EVIEWS代写	时间序列分析代写
EXCEL代写	深度学习代写
SQL代写	各种数据建模与可视化代写

数学代写|密码学作业代写Cryptography代考|Perfect secrecy

Posted on 2023年5月25日2023年5月25日 by statistics-lab

数学代写|密码学作业代写Cryptography代考|Perfect secrecy

The notion of a cryptosystem being ‘unbreakable’ is modeled by the concept of perfect secrecy.
MOTIVATING PERFECT SECRECY
An exhaustive key search can always be launched against any cryptosystem. However, there is an even more basic attack that can also always be conducted against a cryptosystem which does not even involve trying to obtain the decryption key: an attacker can simply try to guess the plaintext.

Guessing the plaintext is an attack that can never be prevented. Of course, for long and complicated plaintexts it is very unlikely that an interceptor will be able to guess the plaintext correctly, but there will always be a chance (ideally a very small one) that they could. Note that guessing the plaintext becomes a much more plausible attack when the number of possible plaintexts is small, such as when the plaintext is a four-digit PIN or a short password.
DEFINING PERFECT SECRECY
It is thus useful to come up with a notion of security in which guessing the plaintext is essentially the best attack that the interceptor can deploy. We say a cryptosystem has perfect secrecy if, after seeing the ciphertext, an interceptor gets no extra information about the plaintext other than what was known before the ciphertext was observed.

数学代写|密码学作业代写Cryptography代考|A simple cryptosystem offering perfect secrecy

We now demonstrate a very simple cryptosystem which offers perfect secrecy.
DESCRIPTION OF THE CRYPTOSYSTEM
Consider the following situation. An investor has to make a major financial decision regarding whether to purchase additional stock in a shareholding, or whether to sell his existing shares. At 14.00 he intends to inform his broker which instruction to follow. The decision is highly sensitive, so the investor wants to encrypt it to prevent competitors from learning his intent.

Table 3.1 describes a suitable cryptosystem for use in this scenario. This cryptosystem has two keys $K_1$ and $K_2$, two plaintexts BUY and SELL, and two ciphertexts 0 and 1. The notation $E_K$ (data) denotes the ciphertext created by encrypting the data using key $K$. The cryptosystem works as follows:

Investor and broker agree on a randomly chosen key in advance (either $K_1$ or $K_2$ ).
Once the investor makes his investment decision, he looks up Table 3.1 and reads the ciphertext in the row corresponding to the chosen key and the column corresponding to the chosen decision. For example, if the key is $K_1$ and the investor is selling then the ciphertext selected will be 1 .
At 14.00 the investor sends the single ciphertext bit to the broker.
The broker looks up the row of Table 3.1 corresponding to the chosen key and establishes which column the ciphertext bit lies in. He then deduces the decision corresponding to that column. In our above example, the broker checks the row corresponding to $K_1$ and sees that 1 lies in the column corresponding to SELL. So the broker deduces the plaintext is SELL.

密码学代写

数学代写|密码学作业代写Cryptography代考|Perfect secrecy

密码系统“牢不可破”的概念是由完美保密的概念建立的。
激励完美的保密
对任何密码系统都可以进行穷举式密钥搜索。然而，还有一种更基本的攻击也可以针对加密系统进行，这种攻击甚至不涉及尝试获取解密密钥:攻击者可以简单地尝试猜测明文。

猜测明文是一种永远无法阻止的攻击。当然，对于长而复杂的明文，拦截器不太可能正确地猜出明文，但总是有机会(理想情况下是很小的机会)。请注意，当可能的明文数量很少时，猜测明文会成为一种更合理的攻击，例如当明文是四位数的PIN或短密码时。
完美保密的定义
因此，提出一种安全概念是有用的，在这种概念中，猜测明文本质上是拦截器可以部署的最佳攻击。如果在看到密文之后，拦截器除了在密文被观察到之前已知的信息外，没有得到关于明文的额外信息，那么我们就说一个密码系统具有完美的保密性。

数学代写|密码学作业代写Cryptography代考|A simple cryptosystem offering perfect secrecy

我们现在演示一个非常简单的密码系统，它提供了完美的保密性。
密码系统的描述
考虑以下情况。投资者必须做出重大的财务决定，决定是购买额外的股份，还是出售现有的股份。在14时，他打算通知他的经纪人要遵循哪条指令。这个决定是高度敏感的，因此投资者希望对其进行加密，以防止竞争对手了解他的意图。

表3.1描述了在此场景中使用的合适密码系统。这个密码系统有两个密钥$K_1$和$K_2$，两个明文BUY和SELL，两个密文0和1。符号$E_K$ (data)表示使用密钥$K$加密数据所产生的密文。密码系统的工作原理如下:

投资者和经纪人事先约定一个随机选择的密钥($K_1$或$K_2$)。

投资者做出投资决策后，查阅表3.1，读取所选密钥对应的行和所选决策对应的列中的密文。例如，如果密钥是$K_1$，而投资者正在出售，那么选择的密文将是1。

在14点，投资者将单个密文位发送给经纪人。

代理查找表3.1中与所选密钥对应的行，并确定密文位位于哪一列。然后，他推导出与该列相对应的决策。在上面的示例中，代理检查与$K_1$对应的行，看到1位于与SELL对应的列中。因此经纪人推断明文是SELL。

统计代写请认准statistics-lab™. statistics-lab™为您的留学生涯保驾护航。

金融工程代写

非参数统计代写

非参数统计指的是一种统计方法，其中不假设数据来自于由少数参数决定的规定模型；这种模型的例子包括正态分布模型和线性回归模型。

广义线性模型代考

广义线性模型（GLM）归属统计学领域，是一种应用灵活的线性回归模型。该模型允许因变量的偏差分布有除了正态分布之外的其它分布。

有限元方法代写

随机分析代写

时间序列分析代写

回归分析代写

MATLAB代写

R语言代写	问卷设计与分析代写
PYTHON代写	回归分析与线性模型代写
MATLAB代写	方差分析与试验设计代写
STATA代写	机器学习/统计学习代写
SPSS代写	计量经济学代写
EVIEWS代写	时间序列分析代写
EXCEL代写	深度学习代写
SQL代写	各种数据建模与可视化代写

数学代写|密码学作业代写Cryptography代考|Frequency analysis

Posted on 2023年5月25日2023年5月25日 by statistics-lab

数学代写|密码学作业代写Cryptography代考|Frequency analysis

A good cryptanalyst needs many skills, including the ability to think laterally. In order to ‘break’ a cryptosystem, every available piece of information should be used. We are about to see that cryptosystems such as the Caesar Cipher and the Simple Substitution Cipher have a significant problem that can be exploited. Intriguingly, this exploit arises because of the typical nature of plaintexts.
THE NATURE OF PLAINTEXTS
The job of a cryptographer would arguably be much simpler if cryptosystems were only used to protect plaintexts consisting of randomly generated data. But, typically, they are not! In many situations, a plaintext is a meaningful string of letters that represents words, sentences, perhaps even an entire book, expressed in a language such as English. In any language, there are certain letters, or combinations of letters, that occur far more often than others, and hence languages are highly structured. Table 2.1 shows approximate letter frequencies for the English language.

The letter frequencies in Table 2.1 are expressed to three decimal places, indicating that, for example, in every 100000 letters of typical English text we would expect about 8167 A’s, 12702 E’s, but only 74 Z’s. Of course, this is just an approximation, but the inference is clear: given any plaintext string in English, there are likely to be far more occurrences of the letter E than the letter $\mathrm{Z}$.

数学代写|密码学作业代写Cryptography代考|A study of theory versus practice

Before leaving the topic of monoalphabetic ciphers, it is worth using letter frequency analysis of the Simple Substitution Cipher to illustrate a point that we will keep returning to throughout our investigation of cryptography: the differences between theory and practice.
THEORY: UNIQUENESS OF THE PLAINTEXT
We have just observed that the Simple Substitution Cipher can provide reasonable protection for very short plaintexts. As an illustration, consider plaintexts consisting of just three letters. With only three ciphertext characters to work with, an attacker is faced with so many possible three-letter plaintexts which could encrypt into a given three-letter ciphertext, that it is probably fair to describe the Simple Substitution Cipher as being unbreakable.

To illustrate this, if we are given a three-letter ciphertext MFM, then letter frequency analysis is useless, but we do know the first and the third plaintext letter must be the same. The plaintext could be $\mathrm{BOB}$, or POP, or MUM, or NUN, or..

However, given a ‘reasonable’ length of ciphertext, we know letter frequency analysis becomes very effective. So how much ciphertext does it take for the apparently hard problem of decrypting a short ciphertext to transform into the easy problem of decrypting a longer ciphertext?

Although there is no simple answer to this question, an important observation is that as the number of ciphertext letters increases, the number of possible plaintexts which could have resulted in that ciphertext must decrease. At some point this number will decrease to the point where only one plaintext is possible. The obvious question is: how many letters do we need before only one For the Simple Substitution Cipher applied to English plaintexts, this number is usually regarded as being around 28 ciphertext letters. This means:

If we have significantly less than 28 ciphertext letters, then there are probably many meaningful plaintexts which could have resulted in the ciphertext.
As we approach 28 ciphertext letters, then the number of possible meaningful plaintexts which could have resulted in the ciphertext steadily decreases.
Once we have 28 ciphertext letters, we can be fairly sure there is only one meaningful plaintext which could have resulted in the ciphertext.
If we have hundreds of ciphertext letters, then it is virtually a certainty that there is only one meaningful plaintext which results in the ciphertext.

密码学代写

数学代写|密码学作业代写Cryptography代考|Frequency analysis

一个好的密码分析师需要很多技能，包括横向思考的能力。为了“破解”一个密码系统，应该使用所有可用的信息。我们将看到诸如凯撒密码和简单替代密码这样的密码系统存在一个可以被利用的重大问题。有趣的是，这个漏洞的出现是由于明文的典型性质。
明文的本质
如果密码系统只用于保护由随机生成的数据组成的明文，密码学家的工作可能会简单得多。但是，通常情况下，他们不是!在许多情况下，明文是一串有意义的字母，它代表单词、句子，甚至可能是整本书，用英语等语言表示。在任何语言中，都有某些字母或字母的组合比其他字母出现的频率要高得多，因此语言是高度结构化的。表2.1显示了英语中字母的大致频率。

表2.1中的字母频率表示为小数点后三位，这表明，例如，在典型英语文本的每100000个字母中，我们预计大约有8167个A, 12702个E，但只有74个Z。当然，这只是一个近似值，但推论很清楚:给定任何英文明文字符串，字母E的出现次数可能远远多于字母$\ mathm {Z}$的出现次数。

数学代写|密码学作业代写Cryptography代考|A study of theory versus practice

在结束单字母密码的主题之前，有必要使用简单替代密码的字母频率分析来说明我们将在整个密码学研究中不断回到的一点:理论与实践之间的差异。
理论:明文的唯一性
我们刚刚观察到，简单替换密码可以为非常短的明文提供合理的保护。作为说明，考虑仅由三个字母组成的明文。由于只有三个密文字符可供使用，攻击者面临着许多可能的三字母明文，这些明文可以加密成给定的三字母密文，因此将简单替代密码描述为不可破解的可能是公平的。

为了说明这一点，如果我们得到一个三个字母的密文MFM，那么字母频率分析是无用的，但是我们知道第一个和第三个明文字母必须是相同的。明文可以是$\ mathm {BOB}$、POP、MUM、NUN或..

然而，给定一个“合理”长度的密文，我们知道字母频率分析变得非常有效。那么，解密短密文这个明显困难的问题，要用多少密文才能转化为解密长密文这个简单的问题呢?

虽然这个问题没有简单的答案，但一个重要的观察是，随着密文字母数量的增加，可能导致密文的可能明文的数量一定会减少。在某些时候，这个数字将减少到只有一个明文可能的点。显而易见的问题是:我们需要多少个字母才能得到一个?对于应用于英语明文的简单替换密码，这个数字通常被认为是28个左右的密文字母。这意味着:

如果我们有明显少于28个密文字母，那么可能有许多有意义的明文可以产生密文。

当我们接近28个密文字母时，可能导致密文的可能有意义的明文的数量稳步减少。

一旦我们有了28个密文字母，我们就可以相当确定只有一个有意义的明文可以产生密文。

如果我们有数百个密文字母，那么几乎可以肯定只有一个有意义的明文产生密文。

统计代写请认准statistics-lab™. statistics-lab™为您的留学生涯保驾护航。

金融工程代写

非参数统计代写

非参数统计指的是一种统计方法，其中不假设数据来自于由少数参数决定的规定模型；这种模型的例子包括正态分布模型和线性回归模型。

广义线性模型代考

广义线性模型（GLM）归属统计学领域，是一种应用灵活的线性回归模型。该模型允许因变量的偏差分布有除了正态分布之外的其它分布。

有限元方法代写

随机分析代写

时间序列分析代写

回归分析代写

MATLAB代写

R语言代写	问卷设计与分析代写
PYTHON代写	回归分析与线性模型代写
MATLAB代写	方差分析与试验设计代写
STATA代写	机器学习/统计学习代写
SPSS代写	计量经济学代写
EVIEWS代写	时间序列分析代写
EXCEL代写	深度学习代写
SQL代写	各种数据建模与可视化代写

数学代写|密码学作业代写Cryptography代考|Knowledge of the encryption algorithm

Posted on 2023年5月7日2023年5月7日 by statistics-lab

数学代写|密码学作业代写Cryptography代考|Knowledge of the encryption algorithm

As promised, we now consider the validity of the standard assumption that an attacker knows the encryption algorithm. There tend to be two different approaches to designing encryption algorithms, which result in most encryption algorithms being classified as either:

Publicly known algorithms: The full details of the algorithm are in the public domain and can be studied by anyone

Proprietary algorithms: The details of the algorithm are only known by the designers and perhaps a few selected parties.

In the case of publicly known encryption algorithms, an attacker knows the encryption algorithm. In the case of proprietary encryption algorithms, an attacker may well know the name of the encryption algorithm and certain basic properties, but it is not intended that they know any of the details of how it performs the encryption and decryption processes.

Note that the term proprietary is often used in other contexts to describe something that has an owner (an individual or organisation) and may have been patented; hence, our use of this term is slightly unusual. It is possible for a publicly known algorithm to be patented by an owner, and indeed there are several high-profile examples. Further, it is not necessarily the case that a proprietary algorithm has any patent issues, although its use will necessarily be restricted.

数学代写|密码学作业代写Cryptography代考|Use of publicly known algorithms

We have just observed that one possible advantage of publicly known algorithms is that a wide range of experts will have had the chance to evaluate such algorithms. However, designing cryptographic algorithms requires a great deal of knowledge, experience, and skill. Many well-qualified (and lessqualified!) people have designed cryptographic algorithms, but very few ever gain sufficient public confidence to become recommended for use in real applications. It is thus very important to appreciate that:

just because an algorithm is publicly known does not imply it has been studied by a wide range of experts;
even if a publicly known algorithm has been fairly well scrutinised, it may not be wise to deploy it in an application from a security perspective (for example, the level of scrutiny may not be sufficient);
relatively few publicly known algorithms are actually deployed in applications; and
very few publicly known algorithms are widely supported across different applications.
To emphasise these points, Figure 1.4 presents a conceptual taxonomy of publicly known encryption algorithms. While this taxonomy is artificial, it is designed to emphasise the prudent ‘conservatism’ of adoption of publicly known encryption algorithms. The zones in the figure can be interpreted as follows:

Unstudied algorithms (Zone A). This consists of a substantial number of encryption algorithms that have been proposed by designers, but never subjected to any serious analysis. There may well be some very good algorithms in this zone, but they have not been scrutinised enough to be relied upon. Algorithms in this zone include those used by a number of commercial products that claim to have designed their own encryption algorithm. Great caution should be applied before relying on such products.
‘Broken’ algorithms (Zone B). This consists of the many publicly known encryption algorithms that have been analysed and subsequently found to be flawed.

密码学代写

数学代写|密码学作业代写Cryptography代考|Knowledge of the encryption algorithm

如前所述，我们现在考虑攻击者知道加密算法这一标准假设的有效性。设计加密算法往往有两种不同的方法，这导致大多数加密算法被归类为:

公开的算法:算法的全部细节都在公共领域，任何人都可以研究

专有算法:算法的细节只有设计者和少数选定的方知道。

在公开已知加密算法的情况下，攻击者知道加密算法。在专有加密算法的情况下，攻击者可能知道加密算法的名称和某些基本属性，但并不打算让他们知道加密和解密过程的任何细节。

请注意，专有一词通常用于其他上下文中，用于描述拥有所有者(个人或组织)并且可能已获得专利的事物;因此，我们对这个词的使用有点不寻常。一个公开的算法有可能被所有者申请专利，确实有几个引人注目的例子。此外，专有算法不一定有任何专利问题，尽管它的使用必然会受到限制。

数学代写|密码学作业代写Cryptography代考|Use of publicly known algorithms

我们刚刚观察到，公开已知算法的一个可能优势是，广泛的专家将有机会评估这些算法。然而，设计加密算法需要大量的知识、经验和技能。许多合格的(和不合格的)人设计了加密算法，但很少有人获得足够的公众信任，被推荐用于实际应用程序。因此，认识到以下几点非常重要:

仅仅因为一个算法是公开的，并不意味着它已经被广泛的专家研究过;

即使一个公开的算法已经经过了很好的审查，从安全的角度来看，在应用程序中部署它可能是不明智的(例如，审查的级别可能不够);

在应用程序中实际部署的公开已知算法相对较少;和

很少有公开已知的算法在不同的应用程序中得到广泛支持。
为了强调这些要点，图1.4给出了已知加密算法的概念分类。虽然这种分类法是人为的，但它旨在强调采用公开已知加密算法的谨慎“保守主义”。图中的分区可以解释如下:

未研究的算法(A区)。这包括大量由设计师提出的加密算法，但从未经过任何认真的分析。在这个领域可能会有一些非常好的算法，但它们还没有经过足够的审查，不能被依赖。该区域的算法包括许多声称设计了自己的加密算法的商业产品所使用的算法。在依赖这些产品之前，应该非常谨慎。
“破损”算法(B区)。这包括许多已被分析并随后发现有缺陷的公开已知的加密算法。

统计代写请认准statistics-lab™. statistics-lab™为您的留学生涯保驾护航。

金融工程代写

非参数统计代写

非参数统计指的是一种统计方法，其中不假设数据来自于由少数参数决定的规定模型；这种模型的例子包括正态分布模型和线性回归模型。

广义线性模型代考

广义线性模型（GLM）归属统计学领域，是一种应用灵活的线性回归模型。该模型允许因变量的偏差分布有除了正态分布之外的其它分布。

有限元方法代写

随机分析代写

时间序列分析代写

回归分析代写

MATLAB代写

R语言代写	问卷设计与分析代写
PYTHON代写	回归分析与线性模型代写
MATLAB代写	方差分析与试验设计代写
STATA代写	机器学习/统计学习代写
SPSS代写	计量经济学代写
EVIEWS代写	时间序列分析代写
EXCEL代写	深度学习代写
SQL代写	各种数据建模与可视化代写

数学代写|密码学作业代写Cryptography代考|Steganography

Posted on 2023年5月7日2023年5月7日 by statistics-lab

数学代写|密码学作业代写Cryptography代考|Steganography

Another concept often confused with cryptography is steganography, which is also concerned with preventing unauthorised users from accessing plaintext data. However, the basic assumptions behind the use of steganography are rather different from those of cryptography. Steganography is essentially the study of information hiding. The main aim of steganography is for a sender to transfer a plaintext to a receiver in such a way that only the receiver can extract the plaintext because only the receiver knows that a hidden plaintext exists in the first place, and how to look for it (for example, by extracting information from a digital image). In steganography, an ‘interceptor’ may well be unaware that observed data contains hidden information. This is quite unlike cryptography, where an interceptor is normally fully aware that data is being communicated because they can see the ciphertext. Their problem in this case is that they cannot determine what data the ciphertext represents.

Cryptography and steganography are used in quite different applications. They can also be used together. In this case, steganography can be used to hide a ciphertext. This creates two layers of security:

The first layer, steganography, tries to hide the fact that a ciphertext exists in the first place.
In the event that this use of steganography is detected and the ciphertext is found, the second layer, cryptography, prevents the plaintext from being known.

We will not discuss steganography any further in this book. While it does potentially have niche applications, and might in some cases be regarded as a potential threat to an information system, steganography is rarely employed to secure information systems.

数学代写|密码学作业代写Cryptography代考|Access control

There are, in fact, three different approaches that can be taken to providing data confidentiality. The one we are most interested in is encryption, since this provides protection independently of the location where the data resides. As we have just seen, steganography relies on ‘hiding’ the data. A third approach is to control access to the (unencrypted) data. Access control is a major topic in its own right. Indeed, much of our data is not protected through the use of encryption, but rather through access control mechanisms on computers that use a combination of software and hardware techniques to prevent unauthorised users from accessing data.

Encryption can be regarded as a means of implementing a type of access control where only those with access to the appropriate decryption key can access protected data. However, they are normally separate mechanisms. Indeed, just as we saw for steganography, they can be used together to provide two separate layers of security. Access control can be used to restrict access to data, which is itself encrypted. Thus, an attacker who manages to get around the access control mechanism only manages to retrieve encrypted data.

密码学代写

学代写|密码学作业代写Cryptography代考|Steganography

The first layer, steganography, tries to hide the fact that a ciphertext exists in the first place.
In the event that this use of steganography is detected and the ciphertext is found, the second layer, cryptography, prevents the plaintext from being known.

数学代写|密码学作业代写Cryptography代考|Access control

统计代写请认准statistics-lab™. statistics-lab™为您的留学生涯保驾护航。

金融工程代写

非参数统计代写

非参数统计指的是一种统计方法，其中不假设数据来自于由少数参数决定的规定模型；这种模型的例子包括正态分布模型和线性回归模型。

广义线性模型代考

广义线性模型（GLM）归属统计学领域，是一种应用灵活的线性回归模型。该模型允许因变量的偏差分布有除了正态分布之外的其它分布。

有限元方法代写

随机分析代写

时间序列分析代写

回归分析代写

MATLAB代写

R语言代写	问卷设计与分析代写
PYTHON代写	回归分析与线性模型代写
MATLAB代写	方差分析与试验设计代写
STATA代写	机器学习/统计学习代写
SPSS代写	计量经济学代写
EVIEWS代写	时间序列分析代写
EXCEL代写	深度学习代写
SQL代写	各种数据建模与可视化代写

数学代写|密码学作业代写Cryptography代考|Types of attack

Posted on 2023年5月7日2023年5月7日 by statistics-lab

数学代写|密码学作业代写Cryptography代考|Types of attack

Risks to information can be assessed by identifying different types of possible attack that can be attempted. These attacks are often classified by the type of action that an attacker is able to perform.
PASSIVE ATTACKS
The main type of passive attack is unauthorised access to data. This is a passive process in the sense that the data and the processes being conducted on that data remain unaffected by the attack. Note that a passive attack is often likened to ‘stealing’ information. However, unlike stealing physical goods, in most cases theft of data still leaves the owner in possession of that data. As a result, information theft may go unnoticed by the owner. Indeed, it may even be undetectable.
ACTIVE ATTACKS
An active attack involves either data being changed in some way, or a process being conducted on the data. Examples of active attacks include:

unauthorised alteration of data;
unauthorised deletion of data;
unauthorised transmission of data;
unauthorised tampering with the origin of data;
unauthorised prevention of access to data (denial of service).
We will see that cryptography can be used as a tool to help prevent most passive and active attacks. A notable exception is denial of service. There is very little protection that cryptography can provide against this type of attack. Defence against denial of service normally requires security controls in other parts of the security infrastructure.

数学代写|密码学作业代写Cryptography代考|Security risks for a simple scenario

We now examine a very simple communication scenario and consider what security risks might exist. The simple scenario depicted in Figure 1.1 features a sender (who in the cryptographic world is often called Alice) and a receiver (who is usually called $B o b$ ). Alice wishes to transmit some information in an email to Bob. If Alice and Bob are to have any assurances about the security of the email they have just exchanged, then they should ask themselves some serious questions.

For example, Alice might ask herself:

Am I happy that anyone could read this email, or do I only want Bob to see it?
How can I make sure that my email reaches Bob without being changed?
Am I prepared (or allowed) to take any measures to protect my email before I send it?
Bob might ask himself:
How can I have confidence that this email actually came from Alice?
Can I be sure that this is the email Alice intended to send me?
Is it possible that Alice could deny in the future that she sent me this email?
This simple communication scenario (or variations thereof) is one we will regularly return to when we consider different types of cryptographic mechanisms. However, it is important to realise that not all applications of cryptography conform to this simple communication scenario. For example, we may need to secure:
a broadcast environment, where one sender is streaming data to a large number of receivers;
a data storage environment, which may not have an obvious recipient.
At this stage, it suffices to appreciate that there are other basic scenarios that each come with their own players and security risks.

密码学代写

数学代写|密码学作业代写Cryptography代考|Types of attack

可以通过识别可能尝试的不同类型的攻击来评估信息风险。这些攻击通常根据攻击者能够执行的操作类型进行分类。
被动攻击
被动攻击的主要类型是未经授权访问数据。从某种意义上说，这是一个被动的过程，数据和在该数据上执行的过程不受攻击的影响。请注意，被动攻击通常被比作“窃取”信息。然而，与窃取实物商品不同，在大多数情况下，窃取数据仍然使所有者拥有该数据。因此，信息被盗可能会被所有者所忽视。事实上，它甚至可能是无法检测到的。
主动攻击
主动攻击包括以某种方式更改数据或对数据进行处理。主动攻击的例子包括:

未经授权更改资料;

未经授权删除资料;

未经授权传送资料;

未经授权篡改资料来源;

未经授权防止访问数据(拒绝服务)。
我们将看到密码学可以作为一种工具来帮助防止大多数被动和主动攻击。一个明显的例外是拒绝服务。对于这种类型的攻击，密码学所能提供的保护很少。对拒绝服务的防御通常需要在安全基础结构的其他部分进行安全控制。

数学代写|密码学作业代写Cryptography代考|Security risks for a simple scenario

现在我们研究一个非常简单的通信场景，并考虑可能存在哪些安全风险。图1.1中描述的简单场景具有一个发送方(在密码学世界中通常称为Alice)和一个接收方(通常称为$B o B $)。爱丽丝希望通过电子邮件向鲍勃传递一些信息。如果Alice和Bob要对他们刚刚交换的电子邮件的安全性有任何保证，那么他们应该问自己一些严肃的问题。

例如，爱丽丝可能会问自己:

我是很高兴有人能读到这封邮件，还是我只想让鲍勃看到它?

我如何确保我的电子邮件到达鲍勃而不被更改?

我是否准备(或允许)在发送电子邮件之前采取任何措施来保护我的电子邮件?
鲍勃可能会问自己:

我怎么能确信这封邮件是Alice发的呢?

我能确定这是Alice要发给我的邮件吗?

有没有可能以后Alice会否认她给我发了这封邮件?
当我们考虑不同类型的加密机制时，我们将经常回到这个简单的通信场景(或其变体)。然而，重要的是要认识到并不是所有的密码学应用都符合这个简单的通信场景。例如，我们可能需要确保:

广播环境，其中一个发送方将数据流式传输给大量接收方;

数据存储环境，可能没有明显的接收者。
在这个阶段，只要认识到还有其他基本场景，每个场景都有自己的参与者和安全风险就足够了。

统计代写请认准statistics-lab™. statistics-lab™为您的留学生涯保驾护航。

金融工程代写

非参数统计代写

非参数统计指的是一种统计方法，其中不假设数据来自于由少数参数决定的规定模型；这种模型的例子包括正态分布模型和线性回归模型。

广义线性模型代考

广义线性模型（GLM）归属统计学领域，是一种应用灵活的线性回归模型。该模型允许因变量的偏差分布有除了正态分布之外的其它分布。

有限元方法代写

随机分析代写

时间序列分析代写

回归分析代写

MATLAB代写

R语言代写	问卷设计与分析代写
PYTHON代写	回归分析与线性模型代写
MATLAB代写	方差分析与试验设计代写
STATA代写	机器学习/统计学习代写
SPSS代写	计量经济学代写
EVIEWS代写	时间序列分析代写
EXCEL代写	深度学习代写
SQL代写	各种数据建模与可视化代写

数学代写|密码学作业代写Cryptography代考|History of Cryptography from the 1800s

Posted on 2023年4月5日2023年4月5日 by statistics-lab

如果你也在怎样代写密码学Cryptography这个学科遇到相关的难题，请随时右上角联系我们的24/7代写客服。

密码学创造了具有隐藏意义的信息；密码分析是破解这些加密信息以恢复其意义的科学。许多人用密码学一词来代替密码学；然而，重要的是要记住，密码学包括了密码学和密码分析。

我们提供的密码学Cryptography及其相关学科的代写，服务范围广, 其中包括但不限于:

Statistical Inference 统计推断
Statistical Computing 统计计算
Advanced Probability Theory 高等概率论
Advanced Mathematical Statistics 高等数理统计学
(Generalized) Linear Models 广义线性模型
Statistical Machine Learning 统计机器学习
Longitudinal Data Analysis 纵向数据分析
Foundations of Data Science 数据科学基础

数学代写|密码学作业代写Cryptography代考|The Vernam Cipher

The Vernam cipher is a type of one-time pad (Mollin 2000). The concept behind a one-time pad is that the plain text is somehow altered by a random string of data so that the resulting cipher text is truly random. Gilbert Vernam (April 3, 1890 to February 7,1960 ) proposed a stream cipher that would be used with teleprinters. It would combine character by character a prepared key that was stored on a paper tape, with the characters of the plain text to produce the cipher text. The recipient would again apply the key to get back the plain text.

In 1919 Vernam patented his idea (US Patent 1,310,719). In Vernam’s method he used the binary XOR (exclusive OR) operation applied to the bits of the message. We will be examining binary operations including XOR, in more detail in Chap. 4 . To truly be a one-time pad, by modern standards, a cipher needs two properties. The first is suggested by the name: the key is only used once. After a message is enciphered with a particular key, that key is never used again. This makes the one-time pad quite secure but also very impractical for ongoing communications such as one encounters in e-commerce. The second property is that the key be as long as the message. That prevents any patterns from emerging in the cipher text. It should be noted that Vernam also patented three other cryptographic inventions: US Patent $1,416,765$; US Patent 1,584,749; and US Patent 1,613,686.

One-time pads are still used for communications today, but only for the most sensitive communications. The keys must be stored in a secure location, such as a safe, and used only once for very critical messages. The keys for modern one-time pads are simply strings of random numbers sufficiently large enough to account for whatever message might be sent.

Contrary to popular misconceptions, the Enigma is not a single machine, but rather a family of machines. The first version was invented by German engineer Arthur Scherbius toward the end of World War I. It was also used by several different militaries, not just the Nazi Germans. Some military texts encrypted using a version of Enigma were broken by Polish cryptanalysts: Marian Rejewski, Jerzy Rozycki, and Henryk Zygalski. The three basically reverse engineered a working Enigma machine. The team then developed tools for breaking Enigma ciphers, including one tool named the cryptologic bomb.

The core of the Enigma machine was the rotors. These were disks that were arranged in a circle with 26 letters on them. The rotors where lined up. Essentially each rotor represented a different single-substitution cipher. You can think of the Enigma as a sort of mechanical poly-alphabet cipher. The operator of the Enigma machine would be given a message in plain text, and then type that message into Enigma. For each letter that was typed in, Enigma would provide a different cipher text based on a different substitution alphabet. The recipient would type in the cipher text, getting out the plain text, provided both Enigma machines had the same rotor settings. Figure 2.2 is a picture of an enigma machine.

数学代写|密码学作业代写Cryptography代考|The NSA: The Early Years

It is impossible to discuss the history of cryptography without some discussion of the history of the US National Security Agency. Today they are a large organization and are often reported to be the single largest employer of mathematicians, anywhere in the world. The history of cryptography in the latter half of the twentieth century, and beyond, is closely intertwined with the history of the NSA.

While the NSA formally was founded in 1952, there were many precursors to it. As early as 1919, the US Department of State created the Cipher Bureau, often simply called the “Black Chamber.” The Black Chamber operated in an office in Manhattan, and its main purpose was to crack the communications of foreign governments. They persuaded Western Union to allow them to monitor telegraphs transmitted by Western Union customers. The group had significant initial successes but was shut down in 1929 by the Secretary of State. He felt that spying was not a gentlemanly or honorable activity.

In 1924 the US Navy formed its Radio Intelligence office with the purpose of developing intelligence from monitoring radio communications. By 1942 the US Army renamed its Signal Intelligence Service, as Signal Security Service. At this time, the various military branches had their own initiatives on communications, radio intelligence, and cryptography, and cooperation was at a minimum.

In 1949 the various military agencies coordinated cryptology activities with a new, centralized organization named the Armed Forces Security Agency. This agency was part of the Department of Defense, rather than a specific branch of the military. In 1951, President Harry Truman set up a panel to investigate the shortcomings of the AFSA. Among those shortcomings was the failure to predict the outbreak of the Korean War. From this investigation came the National Security Agency. President Truman issued a classified directive entitled “Communications Intelligence Activities” that, among other things, established the NSA.

For much of its early history, the existence of the NSA was not acknowledged. This led to those who did know, jokingly referring to the NSA as “No Such Agency.” Obviously, the history of any intelligence agency is not completely public. But let’s examine some highlights that are.

After World War II, Soviet encryption was unbreakable and thus posed a significant issue for US Intelligence agencies. This fact, coupled with the discovery of Soviet Spies in various western governments, lead to a renewed emphasis on signals intelligence (SIGINT) and cryptanalysis.

The NSA had two primary roles. The first being to be able to monitor and decipher the communications of other nations. This would enable the gathering of important intelligence. The second being the protection of US communications from other nations eavesdropping. This led the NSA to develop a standard now known as TEMPEST, an acronym for Transient Electromagnetic Pulse Emanation Standard. This standard applies to both equipment used and to deployment and configuration of communications equipment.

During the cold war, the NSA grew and had some significant successes. As one prominent example, in 1964 the NSA intercepted and decrypted communications regarding China’s first nuclear weapon test. There were many others; some are still classified today. In recent years The Washington Times reported that NSA programs have foiled terrorist plots in over 20 different countries. We will see the NSA again in later chapters, particularly when we study modern cryptographic ciphers such as DES and AES in Chaps. 6 and 7 and then when we discuss cryptographic backdoors in Chap. 18.

密码学代写

数学代写|密码学作业代写Cryptography代考|The Vernam Cipher

Vernam 密码是一种一次性密码本 (Mollin 2000)。一次性一密背后的概念是纯文本以某种方式被随机数据串改变，因此生成的密文是真正随机的。Gilbert Vernam（1890 年 4 月 3 日至 1960 年 2 月 7 日）提出了一种用于电传打字机的流密码。它将一个字符一个字符地组合，一个存储在纸带上的准备好的密钥，与纯文本的字符产生密文。收件人将再次应用密钥以取回纯文本。

1919 年，Vernam 为他的想法申请了专利（美国专利 1,310,719）。在 Vernam 的方法中，他使用了应用于消息位的二进制 XOR（异或）运算。我们将在第 1 章中更详细地研究包括 XOR 在内的二进制操作。4. 要真正成为一次性一密本，按照现代标准，密码需要两个属性。第一个由名称建议：密钥仅使用一次。在使用特定密钥对消息进行加密后，该密钥将不再使用。这使得一次性一卡通非常安全，但对于正在进行的通信（例如在电子商务中遇到的人）来说也非常不切实际。第二个属性是密钥与消息一样长。这可以防止任何模式出现在密文中。值得注意的是，Vernam 还为其他三项密码学发明申请了专利：美国专利1,416,765; 美国专利 1,584,749；和美国专利 1,613,686。

一次性一密本今天仍用于通信，但仅用于最敏感的通信。密钥必须存储在安全位置，例如保险箱，并且对于非常关键的消息只能使用一次。现代一次性一密的密钥只是一串随机数，足够大以说明可能发送的任何消息。

与流行的误解相反，Enigma 不是一台机器，而是一个机器家族。第一个版本是由德国工程师 Arthur Scherbius 在第一次世界大战结束时发明的。它也被几个不同的军队使用，而不仅仅是纳粹德国人。一些使用 Enigma 版本加密的军事文本被波兰密码分析家破译：Marian Rejewski、Jerzy Rozycki 和 Henryk Zygalski。三人基本上逆向设计了一台工作的恩尼格玛机。该团队随后开发了用于破解 Enigma 密码的工具，包括一种名为密码炸弹的工具。

Enigma 机器的核心是转子。这些圆盘排列成一个圆圈，上面有 26 个字母。转子排成一行。本质上，每个转子代表一个不同的单替换密码。您可以将 Enigma 视为一种机械多字母密码。Enigma 机器的操作员将收到一条纯文本消息，然后将该消息输入 Enigma。对于输入的每个字母，Enigma 都会根据不同的替代字母表提供不同的密文。如果两台 Enigma 机器的转子设置相同，接收者将输入密文，得到明文。图 2.2 是谜机的图片。

数学代写|密码学作业代写Cryptography代考|The NSA: The Early Years

如果不讨论美国国家安全局的历史，就不可能讨论密码学的历史。今天，他们是一个大型组织，并且经常被报道为世界上任何地方最大的数学家雇主。二十世纪下半叶及以后的密码学历史与美国国家安全局的历史密切相关。

虽然 NSA 于 1952 年正式成立，但它的前身有很多。早在 1919 年，美国国务院就成立了密码局，通常简称为“黑室”。黑室在曼哈顿的一间办公室里运作，其主要目的是破解外国政府的通讯。他们说服西联汇款允许他们监控西联汇款客户发送的电报。该组织最初取得了重大成功，但在 1929 年被国务卿关闭。他觉得间谍活动不是绅士或光荣的活动。

1924 年，美国海军成立了无线电情报办公室，目的是通过监视无线电通信来开发情报。到 1942 年，美国陆军将其信号情报处更名为信号安全处。此时，各军种在通信、无线电情报、密码学等方面各有各的倡议，合作也处于最低限度。

1949 年，各种军事机构与一个名为武装部队安全局的新的中央组织协调密码学活动。该机构是国防部的一部分，而不是军队的一个特定部门。1951 年，哈里杜鲁门总统成立了一个小组来调查 AFSA 的缺点。这些缺点之一是未能预测朝鲜战争的爆发。来自这项调查的是国家安全局。杜鲁门总统发布了一项名为“通信情报活动”的机密指令，除其他外，该指令还建立了美国国家安全局。

在其早期历史的大部分时间里，NSA 的存在并未得到承认。这导致那些知道的人开玩笑地将 NSA 称为“没有这样的机构”。显然，任何情报机构的历史都不是完全公开的。但是，让我们检查一些亮点。

第二次世界大战后，苏联的加密是牢不可破的，因此给美国情报机构带来了重大问题。这一事实，再加上在各个西方政府中发现苏联间谍，导致人们重新强调信号情报 (SIGINT) 和密码分析。

美国国家安全局有两个主要角色。第一个是能够监视和破译其他国家的通信。这将使重要情报的收集成为可能。第二个是保护美国通信免受其他国家的窃听。这导致美国国家安全局制定了一个标准，现在称为 TEMPEST，瞬态电磁脉冲发射标准的首字母缩写词。本标准既适用于所使用的设备，也适用于通信设备的部署和配置。

在冷战期间，美国国家安全局发展壮大并取得了一些重大成就。举一个突出的例子，1964 年美国国家安全局截获并解密了有关中国第一次核武器试验的通信。还有很多其他的；有些至今仍属于机密。近年来，《华盛顿时报》报道称，美国国家安全局的计划已在 20 多个不同的国家挫败了恐怖主义阴谋。我们将在后面的章节中再次看到 NSA，特别是当我们在第 2 章中学习现代密码算法（例如 DES 和 AES）时。第 6 章和第 7 章，然后当我们在第 1 章讨论加密后门时。

统计代写请认准statistics-lab™. statistics-lab™为您的留学生涯保驾护航。

金融工程代写

非参数统计代写

非参数统计指的是一种统计方法，其中不假设数据来自于由少数参数决定的规定模型；这种模型的例子包括正态分布模型和线性回归模型。

广义线性模型代考

广义线性模型（GLM）归属统计学领域，是一种应用灵活的线性回归模型。该模型允许因变量的偏差分布有除了正态分布之外的其它分布。

有限元方法代写

随机分析代写

时间序列分析代写

回归分析代写

MATLAB代写

R语言代写	问卷设计与分析代写
PYTHON代写	回归分析与线性模型代写
MATLAB代写	方差分析与试验设计代写
STATA代写	机器学习/统计学习代写
SPSS代写	计量经济学代写
EVIEWS代写	时间序列分析代写
EXCEL代写	深度学习代写
SQL代写	各种数据建模与可视化代写

数学代写|密码学作业代写Cryptography代考|History of Cryptography to the 1800s

Posted on 2023年4月5日2023年4月5日 by statistics-lab

如果你也在怎样代写密码学Cryptography这个学科遇到相关的难题，请随时右上角联系我们的24/7代写客服。

我们提供的密码学Cryptography及其相关学科的代写，服务范围广, 其中包括但不限于:

Statistical Inference 统计推断
Statistical Computing 统计计算
Advanced Probability Theory 高等概率论
Advanced Mathematical Statistics 高等数理统计学
(Generalized) Linear Models 广义线性模型
Statistical Machine Learning 统计机器学习
Longitudinal Data Analysis 纵向数据分析
Foundations of Data Science 数据科学基础

数学代写|密码学作业代写Cryptography代考|Affne Ciphers

Affine ciphers are any single-substitution alphabet ciphers (also called monoalphabet substitution) in which each letter in the alphabet is mapped to some numeric value, permuted with some relatively simple mathematical function, and then converted back to a letter. For example, using the Caesar cipher, each letter is converted to a number, shifted by some amount, and then converted back to a letter. The basic formula for any affine cipher is
$$
a x+b(\bmod m)
$$
$M$ is the size of the alphabet-so in English that would be 26 . The $x$ represents the plain text letter’s numeric equivalent, and the $b$ is the amount to shift. The letter $a$ is some multiple-in the case of the Caesar cipher, $a$ is 1 . So, the Caesar cipher would be
$$
1 x+3(\bmod 26)
$$
What has been presented thus far is rather simplified. To use an affine cipher, you need to pick the value a so that it is coprime with $\mathrm{m}$. We will explore coprime in more detail later in this book. However, for now simply understand that two numbers are coprime if they have no common factors. For example, the number 8 has the factors 2 and 4 . The number 9 has the factor 3 . Thus, 8 and 9 have no common factors and are coprime. If you don’t select a and $\mathrm{m}$ that are coprime, it may not be possible to decrypt the message.

Continuing with a simplified example (ignoring the need for coprime a and $\mathrm{m}$ ), you could obviously use any shift amount you want, as well as any multiplier. The $a x$ value could be $1 x$, as with Caesar, or it could be $2 x, 3 x$, or any other value. For example, let’s create a simple Affine cipher:
$$
2 x+4(\bmod 26)
$$
To encrypt the phrase Attack at dawn, we first convert each letter to a number and then multiply that number by 2 and calculate that result $\equiv 6$. So, $A$ is 1,2 multiplied by 1 is still 2 , add 54 , gives us $6 \bmod 26$ yielding 6 , or $F$.

数学代写|密码学作业代写Cryptography代考|Vigenère

Perhaps the most widely known multi-alphabet cipher is the Vigenère cipher. This cipher was first described in 1553 by Giovan Battista Bellaso, though it is misattributed to nineteenth-century cryptographer Blaise de Vigenère (Singh 2000). It is a method of encrypting alphabetic text by using a series of different mono-alphabet ciphers selected based on the letters of a keyword. Bellaso also added the concept of using any keyword, thereby making the choice of substitution alphabets difficult to calculate. Essentially, the Vigenère cipher uses the tabula recta with a keyword. So, let us assume you have the word book, and you wish to encrypt it. You have a keyword for encryption, that keyword is $\operatorname{dog}$. You would like up the first letter of your plaintext, $b$ on the left-hand side of the tabula recta, with the first letter or your keyword $d$ on the top. The first letter of your cipher text is then $e$. Then you take the second letter of your plaintext, $o$, and line it up with the second letter of the keyword, also $o$, producing the second letter of your cipher text, $c$. The next o in book will line up with the $\mathrm{g}$ in dog, producing $\mathrm{u}$. Now that you have reached the end of your keyword, you start over at d. So, the $k$ in book is lined up with the $d$ in dog, producing the last letter of your cipher text, which is $n$. Thus, using Vigenère, with the keyword dog, the plaintext book becomes the cipher text ecun.

For many years, Vigenère was considered very strong-even unbreakable. However, in the nineteenth century, Friedrich Kasiski published a technique for breaking the Vigenère cipher. We will revisit that when we discuss cryptanalysis later in this book. It is important that you get accustomed to mathematical notation. Here, using $P$ for plain text, $C$ for cipher text, and $K$ for key, we can view Vigenère very similarly to Caesar, with one important difference: the value $K$ changes.
$$
\mathrm{Ci}=\mathrm{Pi}+\mathrm{Ki}(\bmod 26)
$$
The $i$ denotes the current key with the current letter of plain text and the current letter of cipher text. Note that many sources use $M$ (for message) rather than $P$ (for plain text) in this notation. Let us assume the word you wish to:

A variation of the Vigenère, the running key cipher, simply uses a long string of random characters as the key, which makes it even more difficult to decipher.

密码学代写

数学代写|密码学作业代写Cryptography代考|Affne Ciphers

仿射密码是任何单替换字母表密码（也称为单字母表替换），其中字母表中的每个字母都映射到某个数值，用一些相对简单的数学函数排列，然后转换回一个字母。例如，使用凯撒密码，每个字母都被转换为数字，移位一定量，然后再转换回字母。任何仿射密码的基本公式是
$$
a x+b(\bmod m)
$$
$M$ 是字母表的大小一一所以在英语中是 26 。这 $x$ 代表纯文本字母的数字等价物，而 $b$ 是要移动的量。这封信 $a$ 是一些倍数一一在凯撒密码的情况下， $a$ 是 1 。所以，凯撒密码将是
$$
1 x+3(\bmod 26)
$$
到目前为止所呈现的内容相当简单。要使用仿射密码，您需要选择值 a 以便它与 $\mathrm{m}$. 我们将在本书后面更详细地探讨互质。但是，现在只需了解如果两个数没有公因数，则它们是互质的。例如，数字 8 具有因数 2 和 4 。数字 9 有因数 3。因此，8和 9 没有公因数并且互质。如果您不选择和 $m$ 互质，则可能无法解密消自。
继续一个简化的例子 (忽略互质 $\mathrm{a}$ 和 $\mathrm{m}$ )，你显然可以使用你想要的任何移位量，以及任何乘数。这 $a x$ 价值可能是 $1 x$ ，就像凯撒一样，或者它可能是 $2 x, 3 x$ ，或任何其他值。例如，让我们创建一个简单的仿射密码:
$$
2 x+4(\bmod 26)
$$
为了加密短语 Attack at dawn，我们首先将每个字母转换为一个数字，然后将该数字乘以 2 并计算结果 $\equiv 6$. 所以， $A$ 是 1,2 乘以 1 仍然是 2 ，加上 54 ，给我们 $6 \bmod 26$ 产生 6 ，或 $F$.

数学代写|密码学作业代写Cryptography代考|Vigenère

也许最广为人知的多字母密码是 Vigenère 密码。1553 年，忝万·巴蒂斯塔·贝拉索 (Giovan Battista Bellaso) 首次描述了这种密码，尽管它被错误地归因于 19 世纪的密码学家 Blaise de Vigenère (Singh 2000)。它是一种通过使用基于关键字字母选择的一系列不同的单字母密码来加密字母文本的方法。 Bellaso 还添加了使用任何关键字的概念，从而使替代字母表的选择难以计算。本质上，Vigenère 密码使用带有关键字的白板。所以，让我们假设你有单词书，并且你想加密它。您有一个用于加密的关键字，该关键字是dog. 你想要明文的第一个字母， $b$ 在 tabula recta 的左侧，第一个字母或您的关键字 $d$ 在顶端。然后是密文的第一个字母 $e$. 然后你拿你的明文的第二个字母， $o$ ，并将其与关键字的第二个字母对齐， $o$ ，生成密文的第二个字母， $c$. 书中的下一个 0 将与 $\mathrm{g}$ 在狗身上，生产 $\mathrm{u}$. 现在您已经到达关键字的末尾，您可以从 $d$ 重新开始。所以 $k$ 在书中与 $d$ 在狗中，生成密文的最后一个字母，即 $n$. 因此，使用带有关键字 dog 的 Vigenère，明文 book 变成密文 ecun。
多年来，Vigenère 被认为非常坚固，甚至牢不可破。然而，在 19 世纪，弗里德里布·卡西斯基 (Friedrich Kasiski) 发表了破解维吉尼亚密码的技术。我们将在本书后面讨论密码分析时重新讨论这一点。习惯数学符号很重要。在这里，使用 $P$ 对于纯文本， $C$ 对于密文，和 $K$ 对于 key，我们可以将 Vigenère 视为与 Caesar 非常相似，但有一个重要区别：价值 $K$ 变化。
$$
\mathrm{Ci}=\mathrm{Pi}+\mathrm{Ki}(\bmod 26)
$$
这 $i$ 用明文的当前字母和密文的当前字母表示当前密钥。请注意，许多来源使用 $M$ (用于消息) 而不是 $P$ (对于纯文本) 以这种表示法。让我们假设您想要的词:
运行密钥密码是 Vigenère 的一种变体，它只是使用一长串随机字符作为密钥，这使得破译更加困难。

统计代写请认准statistics-lab™. statistics-lab™为您的留学生涯保驾护航。

金融工程代写

非参数统计代写

非参数统计指的是一种统计方法，其中不假设数据来自于由少数参数决定的规定模型；这种模型的例子包括正态分布模型和线性回归模型。

广义线性模型代考

广义线性模型（GLM）归属统计学领域，是一种应用灵活的线性回归模型。该模型允许因变量的偏差分布有除了正态分布之外的其它分布。

有限元方法代写

随机分析代写

时间序列分析代写

回归分析代写

MATLAB代写

R语言代写	问卷设计与分析代写
PYTHON代写	回归分析与线性模型代写
MATLAB代写	方差分析与试验设计代写
STATA代写	机器学习/统计学习代写
SPSS代写	计量经济学代写
EVIEWS代写	时间序列分析代写
EXCEL代写	深度学习代写
SQL代写	各种数据建模与可视化代写

数学代写|密码学作业代写Cryptography代考|CISS3341

Posted on 2023年3月30日2023年3月30日 by statistics-lab

如果你也在怎样代写密码学Cryptography这个学科遇到相关的难题，请随时右上角联系我们的24/7代写客服。

我们提供的密码学Cryptography及其相关学科的代写，服务范围广, 其中包括但不限于:

Statistical Inference 统计推断
Statistical Computing 统计计算
Advanced Probability Theory 高等概率论
Advanced Mathematical Statistics 高等数理统计学
(Generalized) Linear Models 广义线性模型
Statistical Machine Learning 统计机器学习
Longitudinal Data Analysis 纵向数据分析
Foundations of Data Science 数据科学基础

数学代写|密码学作业代写Cryptography代考|MESSAGING PROTOCOLS

A messaging protocol must be able to deal with three processes: Establishing a state for a conversation, encrypting messages and decrypting messages. We shall use stateful encryption, something that we wanted to avoid in Chapters 7 and 8 , but which now will be needed. Also, we must generate keys.

For convenience, the definition of messaging protocols comes in two parts: the algorithms and the correctness requirement, with some notation in between. Correctness essentially implies that if two parties running the protocol agree on the context for the conversation and what they have sent and received through the network, they will also agree on the messages sent and received.
Definition 13.1. A basic messaging protocol $\mathrm{SM}=\left(\mathfrak{P}, \mathfrak{F}, \mathcal{K}, \mathcal{H}, \mathcal{E}_m, \mathcal{D}_m\right)$ consists of a set of plaintexts $\mathfrak{F}$, a set of associated data $\mathfrak{F}$, and four algorithms:

The key generation algorithm $\mathcal{K}$ takes no input and outputs a public key $p k$ and a secret key $s k$.
The interactive handshake algorithm $\mathcal{H}$ takes as input a role $\rho \in{0,1}$, associated data $a d$, a key pair $\left(p k_\rho, s k_\rho\right)$ and a public key $p k_{1-\rho}$. It alternates between sending and receiving signals, initially sending if $\rho=$ 0 , otherwise initially receiving. Eventually, it either outputs a state st or the special symbol $\perp$ signifying failure.
The encryption algorithm $\mathcal{E}_m$ takes as input a secret key sk, a state st, per-message associated data $a d^m$ and a message $m \in \mathfrak{P}$, and outputs either the special symbol $\perp$, or a state $s t^{\prime}$ and a ciphertext $c$.
The decryption algorithm $\mathcal{D}_m$ takes as input a secret key sk, a state $s t$, per-message associated data $a d^m$ and $c$. It outputs either the special symbol $\perp$, or a state $s t^{\prime}$ and a message $m \in \mathfrak{F}$.

The algorithms may also output $\perp$, and they will if given an input state $\perp$.
An instance of SM with role $\rho$, associated data ad, key pair $\left(p k_\rho, s k_\rho\right)$ and $p k_{1-\rho}$ is described by signals $\hat{c}1, \hat{c}_2, \ldots, \hat{c}{\hat{l}}$, events $\left(\rho_i, a d_i^m, m_i, c_i\right), i=$ $1,2, \ldots, l$, and states $s t_0, s t_1, \ldots, s t_l$, where

$\mathcal{H}$ with input $\left(\rho, a d, p k_\rho, s k_\rho, p k_{1-\rho}\right)$ sends/receives (receives/sends) the signals $\hat{c}1, \hat{c}_2, \ldots, \hat{c}{\hat{l}}$ and outputs the state $s t_0$;
and for $i=1,2, \ldots, l$ we have either
$\rho_i=\rho$ and $\mathcal{E}m\left(s k, s t{i-1}, a d_i^m, m_i\right)$ output $\left(s t_i, c_i\right)$ (encryption); or
$\rho_i=1-\rho$ and $\mathcal{D}m\left(s k, s t{i-1}, a d_i^m, c_i\right)$ output $\left(s t_i, m_i\right)$ (decryption).

数学代写|密码学作业代写Cryptography代考|Practical Mathematical Cryptography

We shall consider four examples. The first two examples are channel protocols. We studied a variant of the first example in Section 7.4. The second example uses session key evolution to achieve stronger security in some contexts.
The third example is a natural combination of public key encryption and digital signatures, which we looked at in Section 9.4. It is our first messaging protocol. In some sense, this example is very similar to the first example.
The fourth example is another natural combination of a key exchange scheme and a channel protocol. Depending on which channel protocol we use, the composition is either suitable for short-lived or longer-lived instances.
The third and fourth examples use compositional constructions, where simpler constructions are composed to form new constructions. As previously mentioned, composition seems very natural, but can be quite subtle. Security properties do not compose nicely in general, but sometimes they do.

Channel As we saw in Section 7.4 there are a number of ways to realise a channel protocol. The following example is probably the simplest possible method. The channel protocol simply encrypts any message with the symmetric cryptosystem, encoding the sender and its order in the associated data. The recipient encodes its belief about the sender and the sender’s order in the associated data it uses. It does not achieve any kind of security if more than one instance uses the same role, the same key and the same associated data.
Example 13.2. Let $\Sigma=\left(\mathfrak{K}_s, \mathfrak{P}, \mathfrak{F}_0, \mathfrak{C}, \mathcal{E}_s, \mathcal{D}_s\right)$ be a symmetric cryptosystem, with ${0,1} \times \mathbb{Z} \times \mathfrak{F} \times \mathfrak{F} \subseteq \mathfrak{F}_0$. The channel is SC-SYM $=\left(\mathfrak{P}, \mathfrak{F}, \mathfrak{K}_s, \mathcal{H}, \mathcal{E}_m, \mathcal{D}_m\right)$, where the algorithms all take the key $k$ and state $\left(\rho, a d, j, j^{\prime}\right) \in{0,1} \times \mathfrak{F} \times$ $\mathbb{Z} \times \mathbb{Z}$ as input, and work as follows:

The encryption algorithm $\mathcal{E}_m$ also takes $a d^m$ and $m$ as input, computes $c \leftarrow \mathcal{E}_s\left(k,\left(\rho, j, a d, a d^m\right), m\right)$ and outputs $\left(\rho, a d, j+1, j^{\prime}\right)$ and $c$.
The decryption algorithm $\mathcal{D}_m$ also takes $a d^m$ and $c$ as input and computes $m \leftarrow \mathcal{D}_s\left(k,\left(\rho, j^{\prime}, a d, a d^m\right), c\right)$. If $m=\perp$, the algorithm outputs $\perp$. Otherwise, it outputs $\left(\rho, a d, j, j^{\prime}+1\right)$ and $m$.
This is a simple channel and $\mathcal{H}(\rho, a d, k)$ outputs the state $(\rho, a d, 0,0)$.
This causal order of this channel is the minimal causal order, since the two directions are treated independently.

密码学代写

数学代写|密码学作业代写Cryptography代考|MESSAGING PROTOCOLS

消息传递协议必须能够处理三个过程：建立对话状态、加密消息和解密消息。我们将使用状态加密，这是我们在第 7 章和第 8 章中想要避免的东西，但现在需要它。此外，我们必须生成密钥。
为方便起见，消息协议的定义分为两部分：算法和正确性要求，中间有一些符号。正确性本质上意味着如果运行该协议的两方就对话的上下文以及他们通过网络发送和接收的内容达成一致，他们也会就发送和接收的消息达成一致。
定义 13.1。一个基本的消息传递协议 $\mathrm{SM}=\left(\mathfrak{P}, \mathfrak{F}, \mathcal{K}, \mathcal{H}, \mathcal{E}_m, \mathcal{D}_m\right)$ 由一组明文组成 $\mathfrak{F}$ ，一组关联数据 $\mathfrak{F}$ ，以及四种算法:

密钥生成算法 $\mathcal{K}$ 不接受输入并输出公钥 $p k$ 和一把秘钥 $s k$.
交互式握手算法 $\mathcal{H}$ 将角色作为输入 $\rho \in 0,1$, 关联数据 $a d_r$ 一对密钥 $\left(p k_\rho, s k_\rho\right)$ 和一个公钥 $p k_{1-\rho}$. 它在发送和接收信号之间交替，如果 $\rho=0$ ，否则最初接收。最终，它要么输出状态 st，要么输出特殊符号上表示失败。
加密算法 $\mathcal{E}_m$ 将密钥 sk、状态 st、每条消息关联的数据作为输入 $a d^m$ 和一条消息 $m \in \mathfrak{P}$, 并输出特殊符号上，或者一个状态 $s t^{\prime}$ 和密文 $c$.
解密算法 $\mathcal{D}m$ 将密钥 sk 作为输入，一个状态 $s t$, 每条消息关联数据 $a d^m$ 和 $c$. 它输出特殊符号, 或者一个状态 $s t^{\prime}$ 和一条消息 $m \in \mathfrak{F}$. 算法也可能输出，如果给定一个输入状态，他们就会. 具有角色的 SM 实例 $\rho$ ，关联数据广告，密钥对 $\left(p k\rho, s k_\rho\right)$ 和 $p k_{1-\rho}$ 由信号描述 $\hat{c} 1, \hat{c}_2, \ldots, \hat{c} \hat{l}$ ，事件 $\left(\rho_i, a d_i^m, m_i, c_i\right), i=1,2, \ldots, l$, 和状态 $s t_0, s t_1, \ldots, s t_l$ ，在哪里
$\mathcal{H}$ 有输入 $\left(\rho, a d, p k_\rho, s k_\rho, p k_{1-\rho}\right.$ )发送/接收 (接收/发送) 信号 $\hat{c} 1, \hat{c}_2, \ldots, \hat{c} \hat{l}$ 并输出状态 $s t_0$ ；并为 $i=1,2, \ldots, l$ 我们要么
$\rho_i=\rho$ 和 $\mathcal{E} m\left(s k, s t i-1, a d_i^m, m_i\right)$ 输出 $\left(s t_i, c_i\right)$ (加密) ; 或者
$\rho_i=1-\rho$ 和 $\mathcal{D} m\left(s k, s t i-1, a d_i^m, c_i\right)$ 输出 $\left(s t_i, m_i\right)$ (解密)。

数学代写|密码学作业代写Cryptography代考|Practical Mathematical Cryptography

我们将考虑四个例子。前两个示例是通道协议。我们研究了第 7.4 节中第一个示例的变体。第二个示例使用会话密钥演化在某些情况下实现更强的安全性。
第三个例子是公钥加密和数字签名的自然结合，我们在第 9.4 节中看到过。这是我们的第一个消息传递协议。从某种意义上说，这个例子与第一个例子非常相似。
第四个例子是密钥交换方案和信道协议的另一个自然组合。根据我们使用的通道协议，该组合适用于短期或长期实例。
第三个和第四个示例使用组合结构，其中将较简单的结构组合成新的结构。如前所述，构图看起来很自然，但也可能非常微妙。安全属性通常不会很好地组合，但有时它们会。
通道正如我们在 7.4 节中看到的，有许多方法可以实现通道协议。以下示例可能是最简单的方法。通道协议简单地使用对称密码系统加密任何消息，在相关数据中对发送者及其顺序进行编码。接收方在其使用的关联数据中编码其对发送方的信念和发送方的订单。如果多个实例使用相同的角色、相同的密钥和相同的关联数据，则它不会实现任何类型的安全性。
例 13.2。让 $\Sigma=\left(\mathfrak{K}_s, \mathfrak{P}, \mathfrak{F}_0, \mathfrak{C}, \mathcal{E}_s, \mathcal{D}_s\right)$ 是一个对称的密码系统，有 $0,1 \times \mathbb{Z} \times \mathfrak{F} \times \mathfrak{F} \subseteq \mathfrak{F}_0$. 通道是 SC-SYM $=\left(\mathfrak{P}, \mathfrak{F}, \mathfrak{K}_s, \mathcal{H}, \mathcal{E}_m, \mathcal{D}_m\right)$ ，算法都采用密钥 $k$ 和状态 $\left(\rho, a d, j, j^{\prime}\right) \in 0,1 \times \mathfrak{F} \times \mathbb{Z} \times \mathbb{Z}$ 作为输入，并按如下方式工作:

加密算法 $\mathcal{E}_m$ 也需要 $a d^m$ 和 $m$ 作为输入，计算 $c \leftarrow \mathcal{E}_s\left(k,\left(\rho, j, a d, a d^m\right), m\right)$ 和输出 $\left(\rho, a d, j+1, j^{\prime}\right)$ 和 $c$. 法输出 $\perp$. 否则，它输出 $\left(\rho, a d, j, j^{\prime}+1\right)$ 和 $m$.
这是一个简单的频道 $\mathcal{H}(\rho, a d, k)$ 输出状态 $(\rho, a d, 0,0)$.
此通道的因果顺序是最小因果顺序，因为两个方向是独立处理的。

统计代写请认准statistics-lab™. statistics-lab™为您的留学生涯保驾护航。

金融工程代写

非参数统计代写

非参数统计指的是一种统计方法，其中不假设数据来自于由少数参数决定的规定模型；这种模型的例子包括正态分布模型和线性回归模型。

广义线性模型代考

广义线性模型（GLM）归属统计学领域，是一种应用灵活的线性回归模型。该模型允许因变量的偏差分布有除了正态分布之外的其它分布。

有限元方法代写

随机分析代写

时间序列分析代写

回归分析代写

MATLAB代写

R语言代写	问卷设计与分析代写
PYTHON代写	回归分析与线性模型代写
MATLAB代写	方差分析与试验设计代写
STATA代写	机器学习/统计学习代写
SPSS代写	计量经济学代写
EVIEWS代写	时间序列分析代写
EXCEL代写	深度学习代写
SQL代写	各种数据建模与可视化代写

数学代写|密码学作业代写Cryptography代考|CS388

Posted on 2023年3月30日2023年3月30日 by statistics-lab

如果你也在怎样代写密码学Cryptography这个学科遇到相关的难题，请随时右上角联系我们的24/7代写客服。

我们提供的密码学Cryptography及其相关学科的代写，服务范围广, 其中包括但不限于:

Statistical Inference 统计推断
Statistical Computing 统计计算
Advanced Probability Theory 高等概率论
Advanced Mathematical Statistics 高等数理统计学
(Generalized) Linear Models 广义线性模型
Statistical Machine Learning 统计机器学习
Longitudinal Data Analysis 纵向数据分析
Foundations of Data Science 数据科学基础

数学代写|密码学作业代写Cryptography代考|DISTRIBUTED DECRYPTION

Sometimes we need to decrypt ciphertexts, but we consider it too risky for a single party to have the decryption key. Distributed decryption allows us to mitigate this risk by sharing the decryption key among several parties and having them cooperate to compute the decryption. We also want robustness so that none of the parties can renege on their responsibilities.

The obvious approach is to use secret sharing and multi-party computation. We secret share the decryption key and express the decryption algorithm in terms of a algebraic circuit. However, we can do better.

The fundamental operation in many cryptosystems is exponentiation in a group $G$ of prime order $p$. We have a secret exponent $b \in{0,1,2, \ldots, p-1}$ and want to compute $x^b$ for some $x \in G$. We use a $t$-out-of- $l$ Shamir secret sharing of $b$. For a set $\mathfrak{L}0$ of at least $t$ players and shares $\left.f\right|{\mathfrak{L}0}$, we get $$ \sum{P \in \mathfrak{U}0} \rho{P, \mathfrak{I}0} f(P) \equiv b \quad(\bmod p) \quad \text { and } \quad \prod{P \in \mathfrak{U}0} x^{\rho{P, \mathfrak{L}0} f(P)}=\prod{P \in \mathfrak{U}0}\left(x^{f(P)}\right)^{\rho{P, \mathfrak{L}_0}}
$$
If sufficiently many players compute $x^{f(P)}, x^b$ can be reconstructed.
Definition 12.7. Let $\mathrm{PKE}=(\mathcal{K}, \mathcal{E}, \mathcal{D})$ be a public key encryption scheme. $\mathrm{A}$ distributed decryption scheme for PKE and a set of players $\mathfrak{U}$ consists of three algorithms $(\mathcal{D} \mathcal{K}, \mathcal{D} \mathcal{D}, \mathcal{D} \mathcal{R})$

The key distribution algorithm $\mathcal{D} \mathcal{K}$ takes as input a decryption key $d k$ and outputs a decryption key sharing $d$ and a public commitment $p c$.
The distributed decryption algorithm $\mathcal{D} \mathcal{D}$ takes as input a player $P$, a decryption key share $d(P)$, associated data $a d$ and a ciphertext $c$ and outputs either a decryption share $m s$ or the special symbol $\perp$.
The reconstruction algorithm $\mathcal{D} \mathcal{R}$ takes as input a public commitment $p c$, a set of players $\mathfrak{L}_0$, associated data $a d$, a ciphertext $c$ and a set of decryption shares $\left{\left(P, m s_P\right) \mid P \in \mathfrak{U}_0\right}$. It outputs either a message $m$, or the special symbol $\perp$, or $\perp$ and $\mathfrak{U}_1 \subseteq \mathfrak{U}_0$.

We say that $(\mathcal{D} \mathcal{K}, \mathcal{D} \mathcal{D}, \mathcal{D R})$ is correct for an access structure $\mathfrak{A}$ if for any $\mathfrak{U}0 \subseteq \mathfrak{U}$, any $(e k, d k)$ output by $\mathcal{K}$, any decryption key sharing $d$ and public commitment $p c$ output by $\mathcal{D} \mathcal{K}(d k)$, any associated data ad $\in \mathfrak{F}{e k}$ and message $m \in \mathfrak{M}_{e k}$ and ciphertext $c$ output by $\mathcal{E}(e k, a d, m)$, and any decryption shares $m_P$ output by $\mathcal{D} \mathcal{D}(P, d(P), a d, c)$ for $P \in \mathfrak{U}_0$, we have that
$$
\mathcal{D} \mathcal{R}\left(p c, \mathfrak{U}_0, a d, c,\left{\left(P, m s_P\right) \mid P \in \mathfrak{U}_0\right}\right)=m
$$

数学代写|密码学作业代写Cryptography代考|Messaging Protocols

The original cryptographic problem is to have a secure conversation over an insecure channel, for reasonable values of secure, and we have briefly discussed the problem. We shall now formalise the problem and study solutions in detail.
The most extensive discussions were in Section 7.4 and Section 9.4. We build on these discussions and increase precision and the level of security we shall achieve. We shall also consider a greater variety of solutions.

We have previously distinguished between channels and messaging protocols, with the implicit understanding that channels are symmetric cryptosystems, while messaging protocols model multiple parties, though only two-party conversations. One goal for our work is to unify these treatments.

Unfortunately, there is a huge variety in messaging protocol design, and many of the variants have fairly subtle differences in security properties. Unlike the case for symmetric and public key encryption and digital signatures, it seems difficult to give an account of security notions for messaging protocols that is both exhaustive and of limited complexity. Unlike the case for key exchange, where we aimed for a somewhat comprehensive framework for security notions, we shall aim for a much simpler framework for messaging protocols, although there will be sufficient complexity left.

To guide our choices, we shall consider three reasonable classes of messaging protocols, for three distinct applications, and with concrete examples for each class. The first class is short-term, high-bandwidth, low-latency communications, such as establishing a short-term connection to a server. The second is long-term high-bandwidth, low-latency communications, such as establishing a long-term link between a remote sensor and a server. And the third is long-term, medium-bandwidth communications where latency is not crucial, such as text-based human-to-human messaging.

We shall make one crucial restriction on our messaging protocols. There should only be network traffic when establishing a conversation or when a message is sent, and each message sent should correspond to exactly one network message. This limits the types of security we can achieve. For instance, Alice cannot know if Bob has received a message until Bob responds with a message of his own. This choice is deliberate, with the assumption that applications can build such functionality and security on top of a messaging protocol.

密码学代写

数学代写|密码学作业代写Cryptography代考|DISTRIBUTED DECRYPTION

有时我们需要解密密文，但我们认为单方拥有解密密钥的风险太大。分布式解密允许我们通过在多方之间共享解密密钥并让他们合作计算解密来减轻这种风险。我们还需要稳健性，以便任何一方都不能违背自己的责任。
显而易见的方法是使用秘密共享和多方计算。我们秘密共享解密密钥并用代数电路表示解密算法。然而，我们可以做得更好。
许多密码系统的基本操作是在一个群中求幕 $G$ 素数 $p$. 我们有一个秘密指数 $b \in 0,1,2, \ldots, p-1$ 并想计算 $x^b$ 对于一些 $x \in G$. 我们使用一个 $t$-在……之外-l沙米尔的秘密分享 $b$. 对于一套 $\mathfrak{L} 0$ 至少 $t$ 球员和股份 $f \mid \mathcal{L} 0$, 我们得到
$\sum P \in \mathfrak{U} 0 \rho P, \mathfrak{I} 0 f(P) \equiv b \quad(\bmod p) \quad$ and $\quad \prod P \in \mathfrak{U} 0 x^{\rho P, \mathfrak{L} 0 f(P)}=\prod P \in \mathfrak{U} 0\left(x^{f(P)}\right)^{\rho P}$
如果足够多的玩家计算 $x^{f(P)}, x^b$ 可以重建。
定义 12.7。让 $\mathrm{PKE}=(\mathcal{K}, \mathcal{E}, \mathcal{D})$ 是一个公钥加密方案。APKE分布式解密方案及一组播放器 $\mathfrak{U}$ 由三种算法组成 $(\mathcal{D} \mathcal{K}, \mathcal{D D}, \mathcal{D} \mathcal{R})$

密钥分发算法 $\mathcal{D K}$ 将解密密钥作为输入 $d k$ 并输出解密密钥共享 $d$ 和公开承诺 $p c$.
分布式解密算法 $\mathcal{D} \mathcal{D}$ 将玩家作为输入 $P$ ，一个解密密钥份额 $d(P)$, 关联数据 $a d$ 和密文 $c$ 并输出解密份额 $m s$ 或特殊符号上.
重建算法 $\mathcal{D} \mathcal{R}$ 将公开承诺作为输入 $p c_r$ 一组玩家 $\mathfrak{L}0$ ，关联数据 $a d_r$ 一个密文 $c$ 和一组解密共享和 $\mathfrak{U}_1 \subseteq \mathfrak{U}_0$. 我们说 $(\mathcal{D K}, \mathcal{D D}, \mathcal{D} \mathcal{R})$ 对于访问结构是正确的 $\mathfrak{A}$ 如果有的话 $\mathfrak{U} 0 \subseteq \mathfrak{U} ＼mathrm{~ ，任何 ~}(e k, d k)$ 输出方式 $\mathcal{K}$ ，任何解密密钥共享 $d$ 和公开承诺 $p c$ 输出方式 $\mathcal{D K}(d k)$ ，任何关联的数据广告 $\in \mathfrak{F} e k$ 和消息 $m \in \mathfrak{M}{e k}$ 和密文 $c$ 输出方式 $\mathcal{E}(e k, a d, m)$ ，以及任何解密共享 $m_P$ 输出方式 $\mathcal{D} \mathcal{D}(P, d(P), a d, c)$ 为了 $P \in \mathfrak{U}_0$.

数学代写|密码学作业代写Cryptography代考|Messaging Protocols

最初的密码学问题是在不安全的通道上进行安全对话，以获得合理的安全值，我们已经简要讨论了这个问题。我们现在将问题形式化并详细研究解决方案。
最广泛的讨论在第 7.4 节和第 9.4 节中。我们以这些讨论为基础，提高精确度和我们将达到的安全级别。我们还将考虑更多种类的解决方案。

我们之前已经区分了通道和消息传递协议，隐含的理解是通道是对称密码系统，而消息传递协议模拟多方，尽管只是两方对话。我们工作的一个目标是统一这些治疗方法。

不幸的是，消息传递协议的设计千差万别，而且许多变体在安全属性上都有相当细微的差异。与对称和公钥加密以及数字签名的情况不同，似乎很难对既详尽又复杂度有限的消息传递协议的安全概念进行说明。与密钥交换的情况不同，我们的目标是为安全概念建立一个比较全面的框架，我们的目标是为消息传递协议建立一个更简单的框架，尽管还有足够的复杂性。

为了指导我们的选择，我们将考虑三种合理的消息传递协议类别，用于三种不同的应用程序，并为每个类别提供具体示例。第一类是短期、高带宽、低延迟的通信，例如与服务器建立短期连接。第二种是长期高带宽、低延迟的通信，比如在远程传感器和服务器之间建立长期链接。第三种是延迟不重要的长期、中等带宽通信，例如基于文本的人与人之间的消息传递。

我们将对我们的消息协议做出一个重要的限制。只有在建立对话或发送消息时才会有网络流量，并且发送的每条消息都应恰好对应一条网络消息。这限制了我们可以实现的安全类型。例如，在 Bob 用他自己的消息响应之前，Alice 无法知道 Bob 是否收到消息。这种选择是经过深思熟虑的，假设应用程序可以在消息传递协议之上构建此类功能和安全性。

统计代写请认准statistics-lab™. statistics-lab™为您的留学生涯保驾护航。

R语言代写	问卷设计与分析代写
PYTHON代写	回归分析与线性模型代写
MATLAB代写	方差分析与试验设计代写
STATA代写	机器学习/统计学习代写
SPSS代写	计量经济学代写
EVIEWS代写	时间序列分析代写
EXCEL代写	深度学习代写
SQL代写	各种数据建模与可视化代写