Cryptographic Primitives
Cryptographic primitives are well-established, low-level cryptographic algorithms that are frequently used to build cryptographic protocols for computer security systems.
In this course, 7 kinds of cryptographic primitives are covered:
- Encryption scheme
- Message authentication code (MAC)
- Hash function
- Key-exchange protocol
- Identification scheme
- Digital signature
- One-way function
In different application scenarios, we need different kinds of security:
- Confidentiality: only trusted parties can understand the secret message. A secure encryption scheme provides confidentiality.
- Integrity: ensures the information has NOT been tampered with in transmission. MACs and digital signatures provide integrity.
- Non-repudiation: the sender can NOT later deny that the message was sent. Digital signatures provide non-repudiation.
- Authenticity, Public verifiability, transferability…
Also, for a cryptographic primitive, the definition of security varies with the threat model.
A threat model consists of the adversary and the adversary's targets of attack.
In stronger notions of security, the adversary tends to have more power; therefore, cryptographic primitives that satisfy stronger definitions are more secure than those that satisfy only weaker ones.
In general, the security of a cryptographic primitive is defined by an experiment (or game). The idea of reduction is critical in designing such experiments.
- Encryption scheme: Passive eavesdropping (EAV) security, Chosen-plaintext-attack (CPA) security, Chosen-ciphertext-attack (CCA) security, Perfect secrecy
- Message authentication code (MAC): Existentially unforgeable under a chosen-message attack
- Hash function: Preimage resistance, Second-preimage resistance, Collision resistance
- Key-exchange protocol: EAV security
- Identification scheme: EAV security
- Digital signature: Existentially unforgeable under a chosen-message attack
- One-way function: Non-invertibility
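
As an added illustration (not part of the original notes), the CPA indistinguishability experiment for an encryption scheme can be run as code, showing how a security definition is stated as a game between a challenger and an adversary. The two toy schemes, the messages and all function names are assumptions made for this example; HMAC-SHA256 in counter mode stands in for a pseudorandom function.

```python
import hashlib, hmac, secrets

def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Expand (key, nonce) into n pseudorandom bytes (HMAC-SHA256, counter mode)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def enc_deterministic(key: bytes, m: bytes) -> bytes:
    # Toy scheme (constructed): fixed nonce, so equal plaintexts give equal ciphertexts.
    return bytes(a ^ b for a, b in zip(m, keystream(key, b"\x00" * 16, len(m))))

def enc_randomized(key: bytes, m: bytes) -> bytes:
    # Same toy scheme, but a fresh random nonce is prepended to every ciphertext.
    nonce = secrets.token_bytes(16)
    return nonce + bytes(a ^ b for a, b in zip(m, keystream(key, nonce, len(m))))

def adversary(oracle, m0: bytes, m1: bytes, challenge: bytes) -> int:
    # Chosen-plaintext query: request Enc(m0) and compare it with the challenge.
    return 0 if oracle(m0) == challenge else 1

def cpa_experiment(enc) -> bool:
    """One run of the experiment; returns True if the adversary guesses the bit."""
    key = secrets.token_bytes(32)            # challenger samples a secret key
    oracle = lambda m: enc(key, m)           # adversary gets encryption-oracle access
    m0, m1 = b"attack at dawn!!", b"retreat at dusk!"  # constructed, equal length
    b = secrets.randbelow(2)                 # challenger's hidden bit
    challenge = oracle(m1 if b else m0)      # encryption of m_b
    return adversary(oracle, m0, m1, challenge) == b

def success_rate(enc, trials: int = 2000) -> float:
    """Fraction of experiment runs the adversary wins; 0.5 is blind guessing."""
    return sum(cpa_experiment(enc) for _ in range(trials)) / trials

if __name__ == "__main__":
    print("deterministic scheme:", success_rate(enc_deterministic))
    print("randomized scheme:   ", success_rate(enc_randomized))
```

The deterministic scheme loses the game every time, so it is not CPA-secure; against the randomized scheme this particular adversary does no better than guessing, which by itself does not prove CPA security, since the definition quantifies over all efficient adversaries.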