没有合适的资源?快使用搜索试试~ 我知道了~
首页现代密码学:原理与协议 (英文版)
现代密码学:原理与协议 (英文版)
需积分: 15 32 下载量 138 浏览量
更新于2023-03-16
评论 2
收藏 2.54MB PDF 举报
This book presents the basic paradigms and principles of modern cryptography. It is designed to serve as a textbook for undergraduate- or graduate-level courses in cryptography (in computer science or mathematics departments), as a general introduction suitable for self-study (especially for beginning graduate students), and as a reference for students, researchers, and practitioners.
资源详情
资源评论
资源推荐
Jonathan Katz and Yehuda Lindell
Introduction to Modern
Cryptography
c
2007 Jonathan Katz and Yehuda Lindell. All Rights Reserved
CRC PRESS
Boca Raton London New York Washington, D.C.
Preface
This book presents the basic paradigms and principles of modern cryptogra-
phy. It is designed to serve as a textbook for undergraduate- or graduate-level
courses in cryptography (in computer science or mathematics departments),
as a general introduction suitable for self-study (especially for beginning grad-
uate students), and as a reference for students, researchers, and practitioners.
There are numerous other cryptography textbooks available today, and the
reader may rightly ask whether another book on the subject is needed. We
would not have written this book if the answer to that question were anything
other than an unequivocal yes. The novelty of this book — and what, in our
opinion, distinguishes it from all other books currently on the market — is
that it provides a rigorous treatment of modern cryptography in an accessible
manner appropriate for an introduction to the topic. To be sure, the material
in this book is difficult (at least in comparison to some other books in this
area). Rather than shy away from this difficulty, however, we have chosen to
face it head-on, to lead the reader through the demanding (yet enthralling!)
subject matter rather than shield the reader’s eyes from it. We hope readers
(and instructors) will respond by taking up the challenge.
As mentioned, our focus is on modern (post-1980s) cryptography, which
is distinguished from classical cryptography by its emphasis on definitions,
precise assumptions, and rigorous proofs of security. We briefly discuss each
of these in turn (these principles are explored in greater detail in Chapter 1):
• The central role of definitions: A key intellectual contribution of
modern cryptography has been the recognition that formal definitions
of security are an essential first step in the design of any cryptographic
primitive or protocol. The reason, in retrospect, is simple: if you don’t
know what it is you are trying to achieve, how can you hope to know
when you have achieved it? As we will see in this book, cryptographic
definitions of security are quite strong and — at first glance — may
appear impossible to achieve. One of the most amazing aspects of cryp-
tography is that (under mild and widely-believed assumptions) efficient
constructions satisfying such strong definitions can be proven to exist.
• The importance of formal and precise assumptions: As will
be explained in Chapter 2, many cryptographic constructions cannot
currently be proven secure in an unconditional sense. Security often
relies, instead, on some widely-believed (albeit unproven) assumption.
The modern cryptographic approach dictates that any such assumptions
iii
iv
must be clearly and unambiguously defined. This not only allows for ob-
jective evaluation of the assumption, but, more importantly, enables
rigorous proofs of security as described next.
• The possibility of rigorous proofs of security: The previous two
ideas lead naturally to the current one, which is the realization that cryp-
tographic constructions can be proven secure with respect to a given def-
inition of security and relative to a well-defined cryptographic assump-
tion. This is the essence of modern cryptography, and was responsible
for the transformation of cryptography from an art to a science.
The importance of this idea cannot be over-emphasized. Historically,
cryptographic schemes were designed in a largely ad-hoc fashion, and
were deemed to be secure if the designers themselves could not find
any attacks. In contrast, modern cryptography promotes the design
of schemes with formal, mathematical proofs of security in well-defined
models. Such schemes are guaranteed to be secure unless the underly-
ing assumption is false (or the security definition did not appropriately
model the real-world security concerns). By relying on long-standing
assumptions (e.g., the assumption that “factoring is hard”), it is thus
possible to obtain schemes that are extremely unlikely to be broken.
A unified approach. The above contributions of modern cryptography are
felt not only within the “theory of cryptography” community. The importance
of precise definitions is, by now, widely understood and appreciated by those
in the security community (as well as those who use cryptographic tools to
build secure systems), and rigorous proofs of security have become one of
the requirements for cryptographic schemes to be standardized. As such, we
do not separate “applied cryptography” from “provable security”; rather, we
present practical and widely-used constructions along with precise statements
(and, most of the time, a proof) of what definition of security is achieved.
Guide to Using this Book
This guide is intended primarily for instructors seeking to adopt this book
for their course, though the student picking up this book on his or her own
may also find it useful.
Required background. This book uses definitions, proofs, and mathemat-
ical concepts, and therefore requires some mathematical maturity. In par-
ticular, the reader is assumed to have had some exposure to proofs at the
college level, say in an upper-level mathematics course or a course on discrete
mathematics, algorithms, or computability theory. Having said this, we have
made a significant effort to simplify the presentation and make it generally
accessible. It is our belief that this book is not more difficult than analogous
textbooks that are less rigorous. On the contrary, we believe that (to take one
v
example) once security goals are clearly formulated, it often becomes easier
to understand the design choices made in a particular construction.
We have structured the book so that the only formal prerequisites are a
course in algorithms and a course in discrete mathematics. Even here we rely
on very little material: specifically, we assume some familiarity with basic
probability and big-O notation, modular arithmetic, and the idea of equating
efficient algorithms with those running in polynomial time. These concepts
are reviewed in Appendix A and/or when first used in the book.
Suggestions for course organization. The core material of this book,
which we strongly recommend should be covered in any introductory course
on cryptography, consists of the following (starred sections are excluded in
what follows; see further discussion regarding starred material below):
• Chapters 1–4 (through Section 4.6), discussing classical cryptography,
modern cryptography, and the basics of private-key cryptography (both
private-key encryption and message authentication).
• Chapter 7, introducing concrete mathematical problems believed to be
“hard”, providing the number-theoretic background needed to under-
stand RSA, Diffie-Hellman, and El Gamal, and giving a flavor of how
number-theoretic assumptions are used in cryptography.
• Chapters 9 and 10, motivating the public-key setting and discussing
public-key encryption (including RSA-based schemes and El Gamal).
• Chapter 12, describing digital signature schemes.
• Sections 13.1 and 13.3, introducing the random oracle model and the
RSA-FDH signature scheme.
We believe that this core material — possibly omitting some of the more
in-depth discussion and some proofs — can be covered in a 30–35-hour under-
graduate course. Instructors with more time available could proceed at a more
leisurely pace, e.g., giving details of all proofs and going more slowly when
introducing the underlying group theory and number-theoretic background.
Alternately, additional topics could be incorporated as discussed next.
Those wishing to cover additional material, in either a longer course or a
faster-paced graduate course, will find that the book has been structured to
allow flexible incorporation of other topics as time permits (and depending on
the instructor’s interests). Specifically, some of the chapters and sections are
starred (*). These sections are not less important in any way, but arguably
do not constitute “core material” for an introductory course in cryptography.
As made evident by the course outline just given (which does not include any
starred material), starred chapters and sections may be skipped — or covered
at any point subsequent to their appearance in the book — without affecting
the flow of the course. In particular, we have taken care to ensure that none of
剩余511页未读,继续阅读
沙_砾
- 粉丝: 0
- 资源: 4
上传资源 快速赚钱
- 我的内容管理 收起
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
会员权益专享
最新资源
- 2022年中国足球球迷营销价值报告.pdf
- 房地产培训 -营销总每天在干嘛.pptx
- 黄色简约实用介绍_汇报PPT模板.pptx
- 嵌入式系统原理及应用:第三章 ARM编程简介_3.pdf
- 多媒体应用系统.pptx
- 黄灰配色简约设计精美大气商务汇报PPT模板.pptx
- 用matlab绘制差分方程Z变换-反变换-zplane-residuez-tf2zp-zp2tf-tf2sos-sos2tf-幅相频谱等等.docx
- 网络营销策略-网络营销团队的建立.docx
- 电子商务示范企业申请报告.doc
- 淡雅灰低面风背景完整框架创业商业计划书PPT模板.pptx
- 计算模型与算法技术:10-Iterative Improvement.ppt
- 计算模型与算法技术:9-Greedy Technique.ppt
- 计算模型与算法技术:6-Transform-and-Conquer.ppt
- 云服务安全风险分析研究.pdf
- 软件工程笔记(完整版).doc
- 电子商务网项目实例规划书.doc
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功
评论0