Agenda : 2.1.Applications
2.2.Steps used in application
The core of cryptography which is secure communication consists of 2 parts
1) Key establishment
2) Communication using shared key
In this course, Alice,Bob,attacker plays a vital role to help us understand working of the system.
Speaking about the roles
a) Alice tries to have a secure communication with Bob.
b) Attacker's motive is to modify or eavesdrop the communication.
2.1 :: Applications
First Application : Digital Signature
Physical world : Here, in physical world, Signature is always the same when you sign any document.
Digital world : Having same signature to all the documents possibly won't work, because attacker will try to cut, copy, paste the signature once he/she obtains from other document.that I might not have wanted to sign.
Q) Does the above problem have got a solution?
A) Yes,Indeed , digital signature is created via function of the content being signed.So an attacker who tries to copy my signature from one document to another is not gonna succeed because the signature. On the new document is not gonna be the proper function of the data in the new document, and as a result, the signature won't verify.
Second Application : Anonymous communication
E.G. 1 : Imagine a medical condition which alice wants to talk, but alice do not want bob to know about her condition i.e. she wants to talk anonymously. This is possible using a standard method called mix network.Through a sequence of proxies such anonymity is maintained till the end of the communication.Therefore Bob will still have no idea to whom he just talked to.
For more information about the mix network :visit http://en.wikipedia.org/wiki/Mix_network
Physical world : Alice can walk into a bookstore and buy a book and the merchant would have no idea who alice is.
Digital world :Suppose alice has a digital coin and she wants to spend it on a online book store.and may be she replicates the coin and would try to purchase from other merchants.That is Alice is double spending which is illegal.
Q) If anonymity is given to Alice, she is misusing it ! and there is nothing to prevent ?
A) Yes, that is a paradox, here anonymity is in conflict with security.But,it is complete doable to prevent Alice from double spending. Basically, if Alice spins the coin once. Then no one knows who she is, but if she spends the coin more than once. All of the sudden, her identity is completely exposed and then she could be subject to all sorts of legal problems.
All the applications are possible by using abstract protocols.Other examples of anonymous communication are voting system and auction system.The above examples can be categorized under secure multi-party computation.
Third Application : Pure magical applications ( professor says)
E.G. 1: Privately outsourcing computation
Imagine Alice has a search query. There are very special encryption schemes such that Alice can send an encryption of her query to Google. And then because of the property of the encryption scheme google can actually compute on the encrypted values without knowing what the plain texts are. So google can actually run its massive search algorithm on the encrypted query and recover in encrypted results. and sends result back to Alice. Alice will decrypt and then she will receive the results. But the magic here is all google saw was just encryptions of her inquiries and nothing else.
E.G. 2 : Zero knowledge
This is a abstract problem which can be explained by using sudoku puzzle .Let us assume that Alice wants to prove that she solved, Alice can prove it to Bob in a way that a, Bob would learn nothing at all about the solution, and yet Bob would be convinced that Alice really do have a solution to this puzzle.
For more understanding visit : http://en.wikipedia.org/wiki/Zero-knowledge_proof
2.2 :: Steps Used :
Every application or concept follows 3 rigorous steps
1) Define primitive ( say digital signature)
2) Define Threat model ( what possible options are available to forge a signature by attacker)
3) Propose a construction 
well written with meaningful examples, continue doing it :)
ReplyDelete