JayChang

@JayChang

Joined on May 28, 2021

  • 對稱式密碼學,主要分為兩個大項,stream cipher 和 block cipger,下文主要會介紹block cipher其中的一個例子:DES 。 123 (Figure comes from Understanding Cryptography : A Textbook for Students and Practitioners, Christof PaarJan Pelzl) Stream 可以想像是一次加密1個 bits,block ciphper 則是一次加密多個bits,我們稱這多個bits為一個block。 兩大主要概念被在許多密碼演算法可見。 Confusion : an encryption operation where the relationship between key and ciphertext is obscured.
     Like  Bookmark
  • Crytprography 密碼學簡介(一)_Cryptography The introduction to Cryptography 密碼學簡介(二)_Cryptography The introduction to Algebra used in Cryptography
     Like  Bookmark
  • This article will introduce the cryptographic system based on elliptic curve. We will go through detail as possible. Finally, we will present elliptic curve digital signature (ECDSA) aglgortihm, which is widely used in blockchain for signing transaction. 1. The group of points on elliptic curve In this section, we define group of points on elliptic curve. The basic concept of group and can be referred to this link. First, we define the ellitpic curve over $\mathbb{Z}_p$ $\textit{Definition: Elliptic Curve}$ $E$ $\textit{The elliptic curve over } \mathbb{Z}_p, \quad p>3, \textit{is the set of all paris } (x,y)\in \mathbb{Z}_p \textit{, which fulfill}$ $$y^2\equiv x^3 + a \cdot x +b \textit{ (mod } p)$$
     Like  Bookmark
  • Due to the issue about the random function recently, I survey some related topics. In fact, rand() in C lib is not secure enough to be used in cryptographic or privacy problem. This kind of random function we called random number generator (RNG), and we called the random function, which strong enough in cryptographic scenario, cryptographically-secure pseudorandom number generator (CSPRNG). In the following, I will list some drawbacks about PRNG. And in order to imagine easily, we just regard PRNG as rand() in C lib for convenience. 1. The rand() is deterministic Everyone has the experience about calling rand(), when we need a random number. Before calling it, we may need to choose the "seed" used to decide random number. In the common situation, we usually call "srand(time(NULL))"" first. That is the problem! If we try to use this random number in implementation required security or privacy, it may cause system be vulnerable. For example, if we use this method to construction "private key". And an attacker know which "year" you generated this random number. The complexity an attacker using brute-force key search is about $2^{25}$. (NOTE: we use time as seed) This complexity keeps decreasing as the more precise time an attacker known. (e.x. year, month, even day). The simple solution is that using another way to generate "seed", but it is still not ensure security if the bad PRNG be applied.
     Like  Bookmark
  • 本文主要想透過簡單的方式來介紹密碼學,主要想透過為什麼 (why) 和 如何做 (how) 為出發點來介紹,也會詳盡的介紹其背後的數學理論,用得最多的有代數 (Algebra) 及數論 (Number Theory)。 在密碼學中,主要分為兩種密碼系統,對稱式密碼學 (Symmetric-key Cryptography)與非對稱式密碼學 (Asymmetric-key Crptography),同時非對稱式密碼學又稱公開金鑰密碼學 (Public-key Cryptography),以下將進行簡單的介紹。 對稱式密碼學 (Symmetric Cryptography) 簡單來說對稱式的加解密是透過"同一把"密鑰 (secret-key)來達成通訊,在兩個人進行通訊(或多人)的情況中,都是經由"同一把"密鑰來把明文 (plaintext) 加密,或是把密文 (ciphertext) 解密。 Definition of notations:
     Like 1 Bookmark
  • 這次和大家介紹進入密碼學世界前,需要知道的最基本數學工具。我們將會講到 Group(群)、Ring (環)、 Field(體)、模運算(modular arithmetic)。本文會以數學語言來描述,需要基本的集合論,會對於符號比較能理解。 Group (群) $\textit{A group G is a set together with a binary operation, denoted "*" having the}$ $\textit{following properties,}$ $1.$ $Associativity$ $$\forall a,b,c\in G, (ab)c = a(bc)$$
     Like  Bookmark