# Cryptography

Kerckhoffs's principle

## Shannon Security (Perfect Secrecy)

The ciphertext should reveal no "information" about the plaintext: $Pr\left[PT=m|CT=c\right]=Pr\left[PT=m\right]$

The resulting ciphertext will be impossible to decrypt or break if the following four conditions are met:

1. The key must be at least as long as the plaintext.
2. The key must be random.
3. The key must never be reused in whole or in part.
4. The key must be kept completely secret by the communicating parties.

In cryptography, the one-time pad (OTP) is an encryption technique that cannot be cracked, but requires the use of a single-use pre-shared key that is not smaller than the message being sent.

## Pseudo Random Number Generator (PRNG)

• An algorithm for generating a sequence of numbers whose properties approximate the properties of sequences of random numbers.
• The same seed always gives the same output stream.

## Hash function

### Requirements for Cryptographic Hash Functions

• Preimage resistant: given $y\in Y$, it is computationally infeasible to find a value $x\in X$ s.t. $h(x)=y$.
• Second preimage resistant: given $x\in X$, it is computationally infeasible to find a value $x'\in X$ s.t. $x'\ne x$ and $h(x')=h(x)$.
• Collision resistant: it is computationally infeasible to find two distinct values $x',x\in X$ s.t. $h(x')=h(x)$.

### Usages of Cryptographic Hash Functions

• Software integrity
• Timestamping
• Message authentication
• Digital signature

### Security level

The security level of a hash function that outputs $n$ bits is about $n/2$ bits.

## Message Authentication Code (MAC)

• A MAC scheme is a hash family, used for message authentication
• $\mathrm{MAC}(K,M)=H_K(M)$
• The sender and the receiver share secret $K$
• The sender sends $\left(M,H_K(M)\right)$
• The receiver receives $\left(X,Y\right)$ and verifies that ${H}_{K}\left(X\right)=Y$; if so, it accepts the message as coming from the sender
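
The send/verify exchange above, written out as an added example (not part of the original notes). It assumes $H_K$ is instantiated with HMAC-SHA256; the function names, key and messages are constructed for illustration.

```python
import hashlib
import hmac
import secrets

TAG_LEN = hashlib.sha256().digest_size  # 32 bytes


def mac(key: bytes, message: bytes) -> bytes:
    """H_K(M), instantiated with HMAC-SHA256 (an assumption of this example)."""
    return hmac.new(key, message, hashlib.sha256).digest()


def send(key: bytes, message: bytes) -> tuple[bytes, bytes]:
    """Sender side: transmit the pair (M, H_K(M))."""
    return message, mac(key, message)


def receive(key: bytes, x: bytes, y: bytes) -> bool:
    """Receiver side: accept (X, Y) only if H_K(X) == Y.

    The length check rejects truncated tags, and compare_digest compares in
    constant time so the check does not leak how many tag bytes matched.
    """
    if len(y) != TAG_LEN:
        return False
    return hmac.compare_digest(mac(key, x), y)


def demo() -> dict[str, bool]:
    """Run the exchange on constructed inputs and report what is accepted."""
    key = secrets.token_bytes(32)           # shared secret K (constructed)
    m, tag = send(key, b"pay 10 to alice")  # constructed sample message
    return {
        "genuine": receive(key, m, tag),
        "modified_message": receive(key, b"pay 90 to alice", tag),
        "truncated_tag": receive(key, m, tag[:8]),
        "wrong_key": receive(secrets.token_bytes(32), m, tag),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:17s} accepted={accepted}")
```

Only the unmodified pair checked under the shared key is accepted; a changed message, a shortened tag, or a different key all fail verification.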