Exploring: Learning, Reading, Understanding Core Concepts (Week 2)

Mar 03, 2019

After the first week of extensive introductory reading with the MIT paper on “mental poker” and various other links, I spent this week reviewing core concepts of cryptography. In this time, I throughly reviewed different forms of cryptography (asymmetric and symmetric) and then looked at various implementations. Looking at the MIT paper, we will have to implement an asymmetric cryptography solution, in order for the data to remain oblivious and secure.

Following that, I proceeded to watch a presentation by renowned cryptographer and computer scientist, Dr. Moti Yung (https://www.youtube.com/watch?v=-UwJ2Hr1OA8). Along with his detailed explanation of the fundamentals and possible use cases of the mental poker theories, he also presented useful information regarding product development. He explained how computer science theory is useful only when it can directly converted into application, and that theoretical analysis is only 10% of the work in a project. That is a good reminder to computer science researchers like myself to delve into theory as well as evaluate into feasibility and usability of it. As coding enthusiasts, it is easy to drift away into our own “cyberspace” and dream all interesting mathematical and computational puzzles, but we must know how to use them in real life.

In addition, Yung also talked about homomorphic and commutative encryption functions. At first, these topics seemed foreign, so I spent the next day learning more about them. Reading https://eprint.iacr.org/2008/356.pdf, I understood that commutative encryption uses mathematical functions that ensure that f(g(x))=g(f(x)). Looking at the previous MIT paper, I realized that this is essential to the project, as given values can only be authenticated and verified if this is true. Many implementations use prime numbers and modulo functions, and I have seen that they play an indispensable role to cryptography in general. Scrolling through https://crypto.stackexchange.com/questions/26845/are-there-transitive-ciphers-either-symmetric-and-asymmetric/32881, I found many implementations of this, each having their own pros and cons. I intend to revisit this and look closely into relevant ciphers. I also looked at http://web.mit.edu/6.857/OldStuff/Fall02/handouts/L15-voting.pdf (written by the ‘R’ of RSA), detailing homomorphic encryption. I learnt that this is a tool that ensures that outputs of particular function given raw input and encrypted input are identical. It talks about malleability, which is the measure to how much “malleable” or “reversible” a certain algorithm is without all the necessary keys/authenticators. With this, one knows that this can cause a problem with passwords, as stealing even the encrypted data would yield the same result, allowing the hacker to infiltrate and login into the victim’s account. However, we might be able to use this homomorphic encryption with its “blind signatures” that allow for data to be anonymized while staying relevant.

Looking at various papers and articles, I have learnt a lot regarding different encryption concepts and theories. This has taught me valuable lessons regarding the fundamentals. I will take these concepts along with me to the next week and evaluate each component for my final demo application.

6 Replies to “Exploring: Learning, Reading, Understanding Core Concepts (Week 2)”

  1. Arshia says:

    This sounds interesting! Just out of curiosity, what’s asymmetric cryptography solution?

    1. Vidur G. says:

      Hi Arshia,

      In cryptography, there are two ways one can encrypt/decrypt data. These two ways are asymmetric and symmetric.

      In asymmetric, there is a separate public key (exposed to the world) for encrypting data and a separate private key (exposed to only you) for decrypting the data. For example, in PGP encrypted emails, anyone can send an encrypted email to the receiver, but only the receiver can decrypt it.

      On the other hand, in symmetric, there is one key that does both decryption and encryption, so you can only share that with others you trust.

      Please let me know if you have additional questions.

  2. Mrs, Bhattacharya says:

    Cite your resources of the papers you have read.

    1. Vidur G. says:

      Hi Mrs. Bhattacharya, thanks for your comments.

      I have added the relevant references.

  3. Mario Goranov says:

    What will your demo presentation consist of?

    1. Vidur G. says:

      Hi Mario,

      I will be creating a .jar JAVA library that can hopefully be connected to any application with full implementation. For the demo project, I will be trying to make a authentication application using that library that can work across client computers (without any middle servers – intranet or internet).

      Please let me know if you have additional questions.

Leave a Reply

Your email address will not be published. Required fields are marked *