Upload
sonja
View
28
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Lecture 8 Overview. Analysis of Algorithms. Algorithms Time Complexity Space Complexity An algorithm whose time complexity is bounded by a polynomial is called a polynomial-time algorithm. An algorithm is considered to be efficient if it runs in polynomial time. Time and Space. - PowerPoint PPT Presentation
Citation preview
Analysis of Algorithms
• Algorithms– Time Complexity– Space Complexity
• An algorithm whose time complexity is bounded by a polynomial is called a polynomial-time algorithm. – An algorithm is considered to be efficient if it runs
in polynomial time.
CS 450/650 Lecture 8: Algorithm Background 2
Time and Space
• Should be calculated as function of problem size (n)– Sorting an array of size n, – Searching a list of size n, – Multiplication of two matrices of size n by n
• T(n) = function of n (time)• S(n) = function of n (space)• relative rates of growth – 1000n vs. n2
3CS 450/650 Lecture 8: Algorithm Background
Definitions T(n) = O(f(n)): T is bounded above by fThe growth rate of T(n) <= growth rate of f(n)
T(n) = (g(n)): T is bounded below by gThe growth rate of T(n) >= growth rate of g(n)
T(n) = (h(n)): T is bounded both above and below by hThe growth rate of T(n) = growth rate of h(n)
T(n) = o(p(n)): T is dominated by pThe growth rate of T(n) < growth rate of p(n)
4CS 450/650 Lecture 8: Algorithm Background
Time Complexity C O(n) O(log n) O(nlogn) O(n2) … O(nk)
O(2n) O(kn) O(nn)
5CS 450/650 Lecture 8: Algorithm Background
Polynomial
ExponentialO(2log n)
P, NP, NP-hard, NP-complete• A problem belongs to the class P if the problem can be
solved by a polynomial-time algorithm
• A problem belongs to the class NP if the correctness of the problem’s solution can be verified by a polynomial-time algorithm
• A problem is NP-hard if it is as hard as any problem in NP– Existence of a polynomial-time algorithm for an NP-hard
problem implies the existence of polynomial solutions for every problem in NP
• NP-complete problems are the NP-hard problems that are also in NP
6CS 450/650 Lecture 8: Algorithm Background
Relationships between different classes
NP
P NP-complete
NP-hard
7CS 450/650 Lecture 8: Algorithm Background
Lecture 9Rivest-Shamir-Adelman (RSA)
CS 450/650
Fundamentals of Integrated Computer Security
Slides are modified from Hesham El-Rewini
RSA• Invented by Cocks (GCHQ), independently, by
Rivest, Shamir and Adleman (MIT)• Two keys e and d used for Encryption and
Decryption– The keys are interchangeable • M = D(d, E(e, M) ) = D(e, E(d, M) )
– Public key encryption
• Based on problem of factoring large numbers– Not in NP-complete– Best known algorithm is exponential
9CS 450/650 Lecture 9: RSA
RSA
• To encrypt message M compute– c = Me mod N
• To decrypt ciphertext c compute– M = cd mod N
10CS 450/650 Lecture 9: RSA
• Let p and q be two large prime numbers• Let N = pq
• Choose e relatively prime to (p1)(q1)– a prime number larger than p-1 and q-1
• Find d such that ed mod (p1)(q1) = 1
Key Choice
11CS 450/650 Lecture 9: RSA
RSA
• Recall that e and N are public
• If attacker can factor N, he can use e to easily find d – since ed mod (p1)(q1) = 1
• Factoring the modulus breaks RSA• It is not known whether factoring is the only
way to break RSA12CS 450/650 Lecture 9: RSA
Does RSA Really Work?
• Given c = Me mod N we must show – M = cd mod N = Med mod N
• We’ll use Euler’s Theorem– If x is relatively prime to N then x(N) mod N =1• (n): number of positive integers less than n that are
relatively prime to n.• If p is prime then, (p) = p-1
13CS 450/650 Lecture 9: RSA
Does RSA Really Work?
• Facts: – ed mod (p 1)(q 1) = 1– ed = k(p 1)(q 1) + 1 by definition of mod– (N) = (p 1)(q 1)– Then ed 1 = k(p 1)(q 1) = k(N)
• Med = M(ed-1)+1 = MMed-1 = MMk(N) = M(M(N)) k mod N = M1 k mod N
= M mod N 14CS 450/650 Lecture 9: RSA
Example
• Select primes p=11, q=3.• N = p* q = 11*3 = 33
• Choose e = 3
• check gcd(e, p-1) = gcd(3, 10) = 1 – i.e. 3 and 10 have no common factors except 1
• check gcd(e, q-1) = gcd(3, 2) = 1• therefore gcd(e, (p-1)(q-1)) = gcd(3, 20) = 1
15CS 450/650 Lecture 9: RSA
Example (cont.)
• p-1 * q-1 = 10 * 2 = 20 • Compute d such that
e * d mod (p-1)*(q-1) = 13 * d mod 20 = 1
d = 7
Public key = (N, e) = (33, 3)Private key = (N, d) = (33, 7)
16CS 450/650 Lecture 9: RSA
Example (cont.)
• Now say we want to encrypt message m = 7
• c = Me mod N = 73 mod 33 = 343 mod 33 = 13– Hence the ciphertext c = 13
• To check decryption, we computeM' = cd mod N = 137 mod 33 = 7
17CS 450/650 Lecture 9: RSA
More Efficient RSA• Modular exponentiation example– 520 = 95367431640625 = 25 mod 35
• A better way: repeated squaring – Note that 20 = 2 10, 10 = 2 5, 5 = 2 2 + 1, 2 = 1 2– 51= 5 mod 35– 52= (51) 2 = 52 = 25 mod 35– 55= (52) 2 51 = 252 5 = 3125 = 10 mod 35– 510 = (55) 2 = 102 = 100 = 30 mod 35– 520 = (510) 2 = 302 = 900 = 25 mod 35
• No huge numbers and it’s efficient!
CS 450/650 Lecture 9: RSA 18
RSA key-length strength
• RSA has challenges for different key-lengths– RSA-140• Factored in 1 month using 200 machines in 1999
– RSA-155 (512-bit)• Factored in 3.7 months using 300 machines in 1999
– RSA-160• Factored in 20 days in 2003
– RSA-200• Factored in 18 month in 2005
– RSA-210, RSA-220, RSA-232, … RSA-204819CS 450/650 Lecture 9: RSA
Symmetric vs AsymmetricSecret Key (Symmetric) Public Key (Asymmetric)
Number of keys 1 2
Protection of key Must be kept secret One key must be kept secret; the other can be freely exposed
Best uses Cryptographic workhorse; secrecy and integrity of datasingle characters to blocks of data, messages, files
Key exchange, authentication
Key distribution Must be out-of-band Public key can be used to distribute other keys
Speed Fast Slow; typically, 10,000 times slower than secret key
CS 450/650 Fundamentals of Integrated Computer Security 20