cs216: program and data representation university of virginia computer science spring 2006 david...
DESCRIPTION
CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans. Lecture 5: Logs and Trees. http://www.cs.virginia.edu/cs216. Menu. Ron Rivest’s talk Mixnets and voting Public-key cryptography (dynamic programming) Trees PS1. MIXes. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/1.jpg)
CS216: Program and Data RepresentationUniversity of Virginia Computer Science
Spring 2006 David Evans
Lecture 5:Logs and
Trees
http://www.cs.virginia.edu/cs216
![Page 2: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/2.jpg)
2UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Menu• Ron Rivest’s talk
– Mixnets and voting– Public-key cryptography (dynamic
programming)• Trees• PS1
![Page 3: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/3.jpg)
3UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
MIXes
C1
C2
C3
C4
M1
M2
M3
M4Random, secret permutation
Encrypted Votes Decrypted Votes
![Page 4: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/4.jpg)
4UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Security PropertiesC1C2
C3
C4
M1M2M3M4
1. Voters must be able to create votes, but not decrypt them.
2. Observer should be able to verifythat output votes correspond toinput votes, but not match up votes.
![Page 5: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/5.jpg)
5UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Public-Key Cryptography• Private procedure: E• Public procedure: D• Identity: E (D (m)) = D (E (m)) = m• Secure: cannot determine E from D• Concept stated by Whitfield Diffie and
Martin Hellman in 1976, but didn’t know how to find suitable E and D
![Page 6: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/6.jpg)
6UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
RSAThe era of “electronic mail” [Potter1977] may soon be upon us; we must ensure that two important properties of the current “paper mail” system are preserved: (a) messages are private, and (b) messages can be signed.
R. Rivest, A. Shamir and L. Adleman. A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Jan 1978.
![Page 7: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/7.jpg)
7UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Publicencryption function
Privateencryption function
We will not attempt to explain whyit works and is (probably) secure inCS216. See links to paper and slides.
![Page 8: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/8.jpg)
8UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Implementing RSAdef RSAencrypt (M, e, n): if e == 0: return 1 else: return (M * RSAencrypt (M, e - 1, n)) % n
Note: this actually “works” in Python even though RSA needs 100+-digit values (but not in Java) because integers are not limited to a fixed size. We’ll consider number representations later in the class.
200-digit number
![Page 9: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/9.jpg)
9UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Result … File "C:\cs216\workspace\ps2\RSA.py", line 17, in RSAencrypt return (M * RSAencrypt (M, e - 1, n)) % n File "C:\cs216\workspace\ps2\RSA.py", line 17, in RSAencrypt return (M * RSAencrypt (M, e - 1, n)) % n File "C:\cs216\workspace\ps2\RSA.py", line 17, in RSAencrypt return (M * RSAencrypt (M, e - 1, n)) % nRuntimeError: maximum recursion depth exceeded
![Page 10: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/10.jpg)
10UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Analyzing RSAdef RSAencrypt (M, e, n): if e == 0: return 1 else: return (M * RSAencrypt (M, e - 1, n)) % n
How many recursive calls?The value of the e parameter(scales as O(2e) size of e)
Can we use dynamic programming(and math) to make this faster?
![Page 11: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/11.jpg)
11UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Fast Exponentiationa9 = a a a a a a a a
a9
a4 a4 a
a2 a2
a a a a
a2 a2
a a a a
Multiplicationis associative
![Page 12: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/12.jpg)
12UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Fast Exponentiationdef square (x): return x * xdef RSAencrypt (M, e, n): if e == 0: return 1 elif e % 2 == 0: return square(RSAencrypt (M, e/2, n)) % n else: return (M * RSAencrypt (M, e - 1, n)) % n
![Page 13: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/13.jpg)
13UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Analysis
• How many recursive calls?
def square (x): return x * xdef RSAencrypt (M, e, n): if e == 0: return 1 elif e % 2 == 0: return square(RSAencrypt (M, e/2, n)) % n else: return (M * RSAencrypt (M, e - 1, n)) % n
a9
a8 a
a4
a2
aWorst case: e = 2q – 12q calls (log2 e)
![Page 14: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/14.jpg)
14UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Logarithms Review• Logarithm is inverse of exponential
• Bases– Is log2 f(x) O (log3 f(x))?– Is log2 f(x) Ω (log3 f(x))?
x = logb bx = blogb x
![Page 15: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/15.jpg)
15UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Changing Basesx = blogb x
loga x = loga (blogb x)
loga x = loga b loga (logb x)1 = loga b / loga x logb xlogb x = loga x / loga b
So, within O, Θ, Ω the base doesn’t matter
![Page 16: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/16.jpg)
16UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Logs and Trees• Many tree algorithms have running
time log(N) where N is the number of nodes in the tree, since for a well balanced tree
N = bh+1 + 1h ~ logb(N)
![Page 17: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/17.jpg)
17UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Implementing RSA
• Recursive calls (log2 e)• Running time (log2 e) if multiplication
time is O(1)
def square (x): return x * xdef RSAencrypt (M, e, n): if e == 0: return 1 elif e % 2 == 0: return square(RSAencrypt (M, e/2, n)) % n else: return (M * RSAencrypt (M, e - 1, n)) % n
a9
a8 a
a4
a2
a
Note that this cannot really be true!
![Page 18: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/18.jpg)
18UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Public-Key Applications: Privacy
• Alice encrypts message to Bob using Bob’s Private Key
• Only Bob knows Bob’s Private Key only Bob can decrypt message
Encrypt DecryptPlaintext Ciphertext Plaintext
Alice Bob
Bob’s Public Key Bob’s Private Key
![Page 19: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/19.jpg)
19UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Signatures
• Bob knows it was from Alice, since only Alice knows Alice’s Private Key
• Non-repudiation: Alice can’t deny signing message (except by claiming her key was stolen!)
• Integrity: Bob can’t change message (doesn’t know Alice’s Private Key)
Encrypt DecryptPlaintextSigned
Message PlaintextAlice Bob
Alice’s Private Key Alice’s Public Key
![Page 20: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/20.jpg)
20UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
MIXes
C1
C2
C3
C4
M1
M2
M3
M4Random, secret permutation
Encrypted Votes Decrypted Votes
Mux keys: KUM, KRM
C1 = EKUM[“Kerry”]M = EKRM[C]
Opps…doesn’t work: anyone can use public key to compute EKUM[M] for outputsand compare to inputs.
![Page 21: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/21.jpg)
21UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
MIXes
C1
C2
C3
C4
M1
M2
M3
M4Random, secret permutation
Encrypted Votes
Mux keys: KUM, KRM
C1 = EKUM[“Kerry” + R1]M = left part of EKRM[C]
Random, secretvalue picked byvoter
![Page 22: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/22.jpg)
22UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Voting ApplicationC1
C2
C3
C4
M1M2M3M4
Republicrat Party
DemocricanParty
OrangeParty
C = EKUR [EKUD [EKUG [“Badnarik” || R1] R2] R3]Each mux decrypts with private key and removes R
![Page 23: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/23.jpg)
23UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Voting ApplicationC1
C2
C3
C4
M1M2M3M4
Republicrat Party
DemocricanParty
OrangeParty
“Nader”“Nader”“Nader”“Nader”
How to verify muxes?
![Page 24: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/24.jpg)
24UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Voting Caveat• Real problems with voting have very
little to do with cryptography or mixes…
![Page 25: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/25.jpg)
25UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Trees
![Page 26: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/26.jpg)
26UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Tree Node Operations• getLeftChild (Node)• getRightChild (Node)• getInfo (Node)
def isLeaf (self): return self.getLeftChild () == None and self.getRightChild () == None
![Page 27: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/27.jpg)
27UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Calculating Heightdef height (self): if self.isLeaf (): return 0 else: return 1 + max(self.getLeftChild().height(), self.getRightChild().height())
Height of a Node: length of the longest path from that node to a leaf
![Page 28: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/28.jpg)
28UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Analyzing Height• What is the asymptotic running time
or our height procedure?def height (self): if self.isLeaf (): return 0 else: return 1 + max(self.getLeftChild().height(), self.getRightChild().height())
![Page 29: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/29.jpg)
29UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Tree Preorder Traversal
B
A
C
J
E
KH
D
I
F
L
G
M
![Page 30: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/30.jpg)
30UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Preorder Traversaldef preorder (t): print t.info() for c in t.children(): c.preorder ()
N is number of nodes in tRunning time: Θ(N) Space use: worst case: O(N)
well-balanced case: O(log N)
![Page 31: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/31.jpg)
31UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
PS1
Returned in section today
![Page 32: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/32.jpg)
32UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Deductive Analysis• Goals of CS216:
– Connect high level code to bits in machine– Connect theory to practice
• This is unusual and hard! – Questions 4-6: use concrete experiments
to guess theoretical properties and then concrete properties of an implementation
– Question 9: predict how long • Lots of answers like ~21000
![Page 33: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/33.jpg)
33UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
CS216 PS Grading ScaleGold Star – Excellent Work. You got
everything I wanted on this PS. Green Star – Better than good workBlue Star – Good Work. You got most
things on this PS, but some answers could be better.
Silver Star – Some problems. Make sure you understand the comments.
Red Star – Serious problems and lack of effort. PS1 Average:
![Page 34: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/34.jpg)
34UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
No upper limit - Double Gold Star: exceptional work! Better
than I expected anyone would do.- Triple Gold Star: Better than I thought
possible- Quadruple Gold Star: You have broken
important new ground in CS which should be published in a major journal! (e.g., invented a alignment algorithm better than BLAST)
- Quintuple Gold Star: You deserve a Turing Award! (find an O(nk) solution to finding optimal phylogenies)
![Page 35: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/35.jpg)
35UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Question 11• Complaints about not being
“straightforward” what you are expected to do
![Page 36: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/36.jpg)
36UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Philosophy“This generation of students got into Harvard by doing exactly and precisely what teacher wants. If teacher is vague about what he [sic] wants, they work a lot harder to figure out what they want and whether or not it is good. The vaguer the directions, the more likely the opportunity for serendipity to happen. It drives them nuts!”
Harvard Professor John Stilgoe (on 60 Minutes, 4 January 2004)
![Page 37: CS216: Program and Data Representation University of Virginia Computer Science Spring 2006 David Evans](https://reader036.vdocuments.site/reader036/viewer/2022062521/56816828550346895dddb98e/html5/thumbnails/37.jpg)
37UVa CS216 Spring 2006 - Lecture 5: Logs and Trees
Charge• Today and tomorrow:
– Sections in Thorton D classrooms• Wednesday: PS2 is Due!