Posted on Categories: Cryptography, mathematics ghostwriting

## RSA digital signature scheme with message recovery

We now describe an RSA digital signature scheme based on the second approach identified in Section 7.3.3. Before we describe this scheme, it is worth identifying what advantages this second approach might offer.

### Advantages of digital signature schemes with message recovery

There are a couple of disadvantages with the digital signature schemes with appendix approach:

1. It requires the use of a hash function, so it might be advantageous to design schemes where no hash function is required.
2. Both the data and the digital signature need to be sent to the verifier. This involves a degree of message expansion, since the message sent is necessarily longer than the underlying data that is digitally signed.

The reasons we discussed for hashing, rather than signing the data directly, primarily applied to ‘long’ data which needs to be split into more than one block for direct processing using RSA. However, if the data to be signed is less than one RSA block in length (in other words, less than the length of the RSA modulus), then the case for hashing before signing is not so strong. Digital signature schemes with message recovery are typically proposed for precisely this situation. This is why they are sometimes also referred to as digital signature schemes for short messages.

Recall from Section 7.3.3 that if the data does not accompany the digital signature, then the verifier faces the problem of recognising the correct data associated with the digital signature. Digital signature schemes with message recovery address this problem by adding redundancy to the data before it is signed, in order to later make it recognisable to a verifier. The data to be digitally signed must therefore be sufficiently short that it remains less than one RSA block in length after this redundancy has been added.

### Redundancy techniques

Exactly what should the predefined redundancy that we add during the digital signature creation process look like? Simple examples of redundancy, which serve only as illustrations, include:

• repeating the data twice, with the second copy concatenated to the first;
• adding a fixed data string;
• adding a counter specifying the length of the data; and
• adding a hash of the data.

Any of these techniques could be used in theory, so long as the technique is agreed upon by all potential users of the digital signature scheme. However, just like in other areas of cryptography, it is vital that appropriate standards are consulted before adopting a technique for adding redundancy. There have been sophisticated attacks against cryptosystems which exploit poor redundancy processes, and so advice should be sought on what the current recommendations are for suitable methods of adding redundancy.
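The following added example (not taken from the book) shows the message recovery idea with the first illustrative redundancy technique above, repeating the data twice: the verifier receives only the signature, recovers the block with the public key, and accepts it only if the redundancy is recognisable. The toy primes, the marker byte that preserves leading zero bytes, and all function names are assumptions made for the illustration; as the text stresses, this redundancy is not a standardised scheme.

```python
# Toy "textbook" RSA signature with message recovery (illustration only).
# Assumed toy parameters: two Mersenne primes, far too small and too
# structured for real use, chosen so the example needs no key generation.
P = 2**61 - 1
Q = 2**89 - 1
N = P * Q                      # 150-bit modulus, i.e. one RSA "block"
E = 65537                      # public verification exponent
D = pow(E, -1, (P - 1) * (Q - 1))  # private signing exponent (Python 3.8+)

MAX_DATA_LEN = 8               # doubled data plus marker must stay below N
MARKER = b"\x01"               # assumed marker so leading zero bytes survive


def add_redundancy(data: bytes) -> bytes:
    """Predefined redundancy: the data repeated twice, behind a marker."""
    if not 1 <= len(data) <= MAX_DATA_LEN:
        raise ValueError("data must be 1..8 bytes to fit in one RSA block")
    return MARKER + data + data


def strip_redundancy(block: bytes):
    """Return the data if the block has the agreed redundancy, else None."""
    if not block.startswith(MARKER):
        return None
    body = block[len(MARKER):]
    half = len(body) // 2
    if len(body) % 2 or half == 0 or half > MAX_DATA_LEN:
        return None
    if body[:half] != body[half:]:
        return None            # the two copies disagree: not recognisable
    return body[:half]


def sign(data: bytes) -> int:
    """Signer: add redundancy, then apply the private exponent."""
    m = int.from_bytes(add_redundancy(data), "big")
    return pow(m, D, N)


def verify_and_recover(signature: int):
    """Verifier: only the signature is received; the data is recovered."""
    if not 0 <= signature < N:
        return None
    m = pow(signature, E, N)
    block = m.to_bytes((m.bit_length() + 7) // 8, "big")
    return strip_redundancy(block)


if __name__ == "__main__":
    sig = sign(b"PAY 100")                    # constructed sample data
    print(verify_and_recover(sig))            # recovered data
    print(verify_and_recover((sig + 1) % N))  # altered signature: rejected
```
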


## Asymmetric trust relationships

A simpler example of MACs being used to provide non-repudiation arises in situations where the signer and the verifier are in very different positions regarding their perceived level of trust. For example, suppose the signer is the client of a major bank, who is the verifier. The client ‘signs’ data using a MAC based on a MAC key, which in turn was generated by the bank and issued to the client on a smart card. We assume that the bank, which is in control of the underlying key management of this system, has a strong reputation for honesty and integrity with respect to its underlying infrastructure.

Now suppose the client tries to deny ‘signing’ (generating a MAC on) some data on which there appears to be a valid MAC. If the MAC algorithm is strong and the underlying security architecture is properly implemented, then the client’s only defence can be that the bank must have created this MAC and is trying to ‘frame’ the client. However, how likely is it that a judge will rule in favour of the client in this case? Even though both entities could, in theory, have generated the MAC, the bank is a more powerful entity in this scenario and one in which there is normally a much greater degree of perceived trust. This could therefore be regarded as a relationship between a relatively untrusted entity (the client) and a trusted entity (the bank). In such cases, it might be arguable that a MAC suffices to provide non-repudiation, because one party will never ‘cheat’.

Of course, the above scenario allows plenty of room for debate! In fact, such a debate has played itself out in courtrooms over the years when clients have accused banks of ‘phantom withdrawals’ from automatic teller machines, which utilise symmetric cryptography to protect transactions. It should be clear by now that the cryptography is unlikely to be at fault in such a scenario. Thus, the challenge for the client is to persuade the court that the banking accounting infrastructure is flawed in some way. The bank, on the other hand, will be trying to persuade the court that either the client is lying or, more likely, a genuine transaction took place without the client being aware (the card was ‘borrowed’ by a family member, for example). It is not common in such court cases for anyone to suggest the MACs on the ATM transaction are not true non-repudiation mechanisms and could have been forged by the bank.

## Enforced trust

A third scenario where MACs could provide non-repudiation is where all cryptographic computations take place in hardware security modules (HSMs). These are special trusted hardware devices which have protection against tampering and are discussed in more detail in Section 10.5.3. We can then use MACs generated using keys which are only valid for MAC creation by one signer and MAC verification by one verifier (but not the other way around). For example:

• the MAC key $K_{A B}$ is only allowed to be used by Alice’s HSM to create MACs which can be verified by Bob’s HSM; or
• a separate MAC key $K_{B A}$ is only allowed to be used by Bob’s HSM to create MACs which can be verified by Alice’s HSM.

So long as these usage rules are enforced by the HSMs, a judge will be able to decide if some data and an accompanying MAC were generated by the alleged signer. If Alice tries to deny generating some data on which a valid MAC using $K_{A B}$ has been found, the judge will rule against her since the HSMs are trusted to enforce the usage rule that only Alice’s HSM creates MACs using $K_{A B}$. This judgement also relies on the belief that although Bob’s HSM contains $K_{A B}$, it only uses it to verify MACs sent to it by Alice, never to create MACs. In this way, we have turned a symmetric key into the type of secret parameter only known by the signer that is necessary for non-repudiation.


## Does symmetric encryption provide data origin authentication?

Consider the following active attacks on a message:

1. unauthorised changing of part of a message;
2. unauthorised deletion of part of a message;
3. unauthorised sending of a false message; and
4. trying to persuade the receiver that the message came from someone other than it did.

In most secure environments, these are attacks we would clearly like to prevent (or more realistically to detect in the event they have occurred). It is often believed that if Alice and Bob share a symmetric key $K$ and Alice encrypts a message and sends it to Bob, then these attacks are prevented. After all, from Bob’s perspective, Alice is the only other person who knows the key $K$, so surely nobody else could have tampered with the message in any way since it is encrypted. But is this argument valid?

Probably the most accurate answer to this question is that it might be, but it is certainly not always valid. Here are three situations which illustrate this:

ECB mode. Suppose Alice and Bob use ECB mode (see Section 4.6.1) to encrypt their message (which is perhaps not the wisest choice). An attacker who intercepts the ciphertext on its way to Bob cannot determine the plaintext because he does not know key $K$. However, the attacker could rearrange the ciphertext blocks into a different order, or delete one or more of the ciphertext blocks. If the message is a sentence in English, then there is a good chance Bob might notice something odd when he decrypts the modified ciphertext block sequence, although there is certainly a chance he might not. However, if the ciphertext consists of a sequence of database entries, one for each block, it may not be so easy to detect.

Stream cipher. Suppose Alice uses a stream cipher to encrypt her message to Bob. An attacker knows that changing one bit (bit flipping) of the ciphertext will change the corresponding bit of the plaintext. Although the attacker will not normally know the exact impact of making this change to the plaintext, there are many applications where the attacker may have a reasonable idea of what the impact is likely to be. For example, if the attacker knows that the first part of the message is a date, then flipping the ciphertext bit has a reasonable chance of changing this to an alternative date.

## MAC properties

In essence, a MAC is a cryptographic checksum which is sent along with a message in order to provide an assurance of data origin authentication. The basic model of a MAC is shown in Figure 6.7. In this model, the sender and receiver share a symmetric key $K$. The MAC takes as input the message and the key $K$. The sender transmits the message accompanied by the MAC. Note we will assume this message is sent in the clear, since we are only trying to provide data origin authentication, not confidentiality. If confidentiality is also required, then the message will need to be encrypted. This raises some additional issues we will not consider until Section 6.3.6.

Upon receipt of the message and the MAC, the receiver inputs the received message and the key into the MAC algorithm and recomputes the MAC. The receiver then checks whether this freshly recomputed MAC matches the MAC sent by the sender. If they do match, then the receiver accepts the message and regards data origin authentication as having been provided. We will discuss precisely why this is appropriate in Section 6.3.3. Just as in the basic model of a cryptosystem discussed in Section 1.4.3, we will always assume an attacker knows the MAC algorithm but is unaware of the MAC key.

Note that if the MAC computed by the receiver does not match the MAC sent by the sender, the receiver cannot determine whether it is the message that has been altered or whether it is the origin that has been falsified. Nor do they know whether the message has been altered accidentally or deliberately. The receiver just knows that for some reason one of these events must have occurred.
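As an added example (not from the book), the code below puts the stream cipher situation from the previous section next to the basic MAC model: a one-bit change to a ciphertext decrypts without any error, while the same change to a message protected by a MAC is rejected by the receiver's recomputation. The SHA-256 counter keystream is a stand-in stream cipher built only from the standard library, and the keys, nonce, and message are constructed sample values.

```python
import hashlib
import hmac

# Constructed sample values for the demonstration.
ENC_KEY = b"constructed-encryption-key-0001"
MAC_KEY = b"constructed-mac-key-000000000001"
NONCE = b"nonce-01"
MESSAGE = b"2024-01-15 PAY 100 TO BOB"


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Stand-in stream cipher keystream: SHA-256 over key, nonce, counter."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt by XOR with the keystream (same operation)."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))


def flip_bits(data: bytes, offset: int, mask: int) -> bytes:
    """Model the in-transit change: XOR one byte with a bit mask."""
    changed = bytearray(data)
    changed[offset] ^= mask
    return bytes(changed)


def compute_mac(key: bytes, message: bytes) -> bytes:
    """Sender side of the basic MAC model (HMAC-SHA-256 as the MAC)."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver side: recompute the MAC and compare in constant time."""
    return hmac.compare_digest(compute_mac(key, message), tag)


def run_demo() -> dict:
    # Encryption only: flipping the low bit of byte 9 turns '5' into '4',
    # so the date changes and decryption still "works".
    ciphertext = stream_xor(ENC_KEY, NONCE, MESSAGE)
    tampered_ct = flip_bits(ciphertext, 9, 0x01)
    decrypted = stream_xor(ENC_KEY, NONCE, tampered_ct)

    # MAC model: message sent in the clear with its MAC; the same change
    # to the message no longer matches the recomputed MAC.
    tag = compute_mac(MAC_KEY, MESSAGE)
    tampered_msg = flip_bits(MESSAGE, 9, 0x01)
    return {
        "decrypted_after_tamper": decrypted,
        "mac_accepts_original": verify_mac(MAC_KEY, MESSAGE, tag),
        "mac_accepts_tampered": verify_mac(MAC_KEY, tampered_msg, tag),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(name, value)
```

As the paragraph above notes, a failed check tells the receiver only that the message or its claimed origin is wrong, not which one or why.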


## Attacking hash functions in theory

In Section 6.2.1, we noted that, from the attacker’s perspective, finding collisions is normally the ‘easiest’ attack to conduct. In fact, it is protection against collisions that primarily determines the output lengths of practical hash functions. Thus, we will focus on finding collisions during our discussion of hash function attacks.

We will focus on the question: how many bits long should the hash of a message be in order for it to be regarded as secure? Since we are really worried about collision resistance, this question could be phrased as: how long does a hash have to be before finding collisions is hard?

Throughout this discussion we will keep in mind that, as we will see in Section 7.3.4, a popular application of hash functions is to apply them before creating a digital signature on a message. In other words, the digital signature is on the hash of the message and not the message itself. The consequences of finding a collision are serious for this type of application since if two messages can be found with the same hash, then a badly behaving user could sign one message and then claim the signature was on the other.

### The dangers of a very small hash

Clearly, a very small hash is a bad idea. For example, suppose that before digitally signing the message Bruce owes Sheila \$10, we hash it using a 2-bit hash function. There are only four possible values for the resulting hash of this message: 00, 01, 10, or 11. Sheila now receives this digitally signed message, and being the manipulative type, she decides to change the message to Bruce owes Sheila \$100. Of course, Sheila does not have the correct signature key, so she cannot digitally sign this message. However, because there are only four possible hashes, there is a $25\%$ chance the hash of the modified message is exactly the same as the hash of the original message. If it is, Sheila does not have to do anything further to conduct her attack. Since:

$$h(\text{Bruce owes Sheila \$10}) = h(\text{Bruce owes Sheila \$100}),$$

the signature on the message Bruce owes Sheila \$100 is exactly the same as the signature on the message Bruce owes Sheila \$10. So now Sheila claims she received the second message, and Bruce is in financial trouble. Consequently, the output length of a hash function must be sufficiently long that ‘getting lucky’ with the hash is not a reasonable attack strategy.

## Hash functions in practice

We have discussed at some length the various properties a hash function should have and looked at several different applications of hash functions. We now discuss some of the hash functions used in practice.

### Hash function design

We will not discuss any particular hash function designs in detail, since hash functions are often relatively complex cryptographic primitives to describe, but the following notes present a brief indication of how hash functions have traditionally been designed.

• One popular design technique is to build iterated hash functions. Hash functions of this type are designed to operate in rounds, very much like a block cipher. Each round takes an input of a fixed size (typically a combination of the most recent message block and the output of the last round) and applies a compression function to produce an output of the required hash length. This process is repeated for as many rounds as are required to hash the entire message.
• The Merkle–Damgård construction is a particular type of iterated hash function which many modern hash functions are based on. This design has proved popular because it is possible to show that if the security properties we want our hash function to have apply to the compression function used in each round, then these same security properties hold for the whole hash function.
• Hash functions can either be dedicated designs (meaning they are designed explicitly as hash functions) or can be based on block ciphers. The latter constructions typically employ a block cipher in the design of a compression function, which is then iterated, as described above.

### A brief history of modern hash functions

Before we discuss some specific examples of hash functions, it is worth recalling that the birthday attack provides the benchmark attack on a hash function. The birthday attack tells us that, on average, collisions for an $n$-bit hash function are more likely than not to be found after around $2^{\frac{n}{2}}$ hash function computations. Thus, any attack which can find collisions using fewer computations will be of interest. If the attack can find collisions using significantly fewer than $2^{\frac{n}{2}}$ computations, then it may even be prudent to advise that the hash function should no longer be used.
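The added example below (not from the book) measures both claims on deliberately tiny hashes: the 25% ‘getting lucky’ rate for the 2-bit hash in the Bruce and Sheila scenario, and the roughly $2^{\frac{n}{2}}$ cost of a generic birthday search. The tiny hash is an assumption of the example: SHA-256 truncated to its leading bits, with constructed sample messages.

```python
import hashlib


def truncated_hash(message: bytes, bits: int) -> int:
    """An n-bit toy hash: the leading `bits` bits of SHA-256 (assumption)."""
    digest = hashlib.sha256(message).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)


def lucky_match_rate(bits: int, trials: int = 4000) -> float:
    """Fraction of altered messages whose hash equals the original's.

    The original is the text's message; the altered amounts are constructed.
    """
    target = truncated_hash(b"Bruce owes Sheila $10", bits)
    hits = 0
    for amount in range(11, 11 + trials):
        altered = f"Bruce owes Sheila ${amount}".encode()
        if truncated_hash(altered, bits) == target:
            hits += 1
    return hits / trials


def find_collision(bits: int, prefix: bytes = b"msg-"):
    """Generic birthday search: hash distinct messages until two agree.

    Returns (first_message, second_message, hash_computations).
    """
    seen = {}
    counter = 0
    while True:
        message = prefix + str(counter).encode()
        value = truncated_hash(message, bits)
        if value in seen:
            return seen[value], message, counter + 1
        seen[value] = message
        counter += 1


def average_attempts(bits: int, trials: int = 20) -> float:
    """Mean number of hash computations per collision over several runs."""
    total = 0
    for t in range(trials):
        _, _, attempts = find_collision(bits, prefix=f"trial{t}-".encode())
        total += attempts
    return total / trials


if __name__ == "__main__":
    print("2-bit lucky match rate:", lucky_match_rate(2))
    for n in (8, 16, 24):
        print(f"n={n}: average attempts {average_attempts(n):.0f},"
              f" 2^(n/2) = {2 ** (n // 2)}")
```

Each extra bit of output multiplies the birthday search cost by only about $\sqrt{2}$, which is why practical hash lengths are set by collision resistance rather than by the ‘lucky match’ rate.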
We now briefly review some of the more well-known (families of) hash functions.

$$C = P^e \bmod n.$$

An attacker who observes $C$ and knows $e$ and $n$ (but not $d$) needs to work out what the value of $P$ is. Computing $P$ from $C$, $e$, and $n$ is believed to be a hard problem (fortunately!), and so the encryption function of RSA is believed to be a one-way function.

## RSA in practice

As with most of the cryptographic primitives we discuss, our explanation of RSA has been simplified in order to emphasise the main design aspects. It is important to note that RSA should not be deployed in any real implementation in exactly the way we have described. Instead, the latest best-practice guidelines outlined in the relevant standards should be consulted and followed. In practice, perhaps the most critical change to the ‘textbook’ version of RSA is the introduction of randomisation into the encryption process. We now look at why this is important.

### Probabilistic encryption

The version of RSA we presented in Section 5.2.2 is an example of deterministic encryption, which means that each time the same plaintext is encrypted using the same public key, the resulting ciphertext will be the same.

A significant disadvantage of deterministic public-key encryption is that the following attack is possible. Suppose a ciphertext sent to a known recipient has been observed by an attacker, who then proceeds as follows:

1. the attacker makes an informed guess as to the value of the plaintext;
2. the attacker encrypts the guessed plaintext using the known recipient’s public key; and
3. if the result matches the observed ciphertext, then the guess was correct; if not, the attacker tries another guess at the plaintext.

This attack is particularly effective in situations where there are limited choices for the plaintext (for example, if the plaintext is a database entry from a limited range). We will refer to this attack as an informed exhaustive plaintext search.

Note that this attack does not apply to symmetric encryption. This is because the encryption key is secret. Even if the attacker knows that the plaintext comes from a small set of potential values (perhaps even just two), the attacker cannot conduct this attack because any encryption key could be stolen

## Elliptic Curve Cryptography

Elliptic Curve Cryptography (ECC) is a phrase used to describe a suite of cryptographic primitives and protocols whose security is based on special versions of the discrete logarithm problem. Instead of using the numbers modulo $p$, ECC is based on different sets of numbers. These numbers are associated with mathematical objects called elliptic curves. There are rules for adding and computing multiples of these numbers, just as there are for numbers modulo $p$. We will not concern ourselves here with any of the details of elliptic curves or how to combine the points on such a curve.

ECC includes a number of variants of cryptographic primitives which were first designed for modular numbers. As well as variants of ElGamal encryption, these include an elliptic-curve-based variant of the Diffie-Hellman key agreement protocol (see Section 9.4.2), and an elliptic-curve-based variant of the Digital Signature Algorithm (see Section 7.3.6).

The advantage of switching from numbers modulo $p$ to points on an elliptic curve is that it is believed the discrete logarithm problem is much harder when applied to points on an elliptic curve. The important implication is that an equivalent security level can be obtained for shorter keys if we use elliptic-curve-based variants. We will show the approximate extent of this reduction in Section 5.4.

The many advantages of shorter keys, both in terms of key management and efficient computation (see Section 10.2), make elliptic-curve-based variants highly attractive for many application environments. ECC primitives are being increasingly adopted, especially in resource-constrained environments.

## Popularity of RSA

Historically there is no doubt RSA has been by far the most popular public-key cryptosystem. There are several possible reasons for this:

Maturity. RSA was one of the first public-key cryptosystems to be proposed and was the first to gain widespread recognition. Thus, in many senses, RSA is the brand leader.

Less message expansion. ElGamal involves message expansion by default, which makes its use potentially undesirable. The ‘textbook’ version of RSA has no message expansion, and RSA-OAEP has limited message expansion.

Marketing. The use of RSA was marketed from an early stage by a commercial company. Indeed, it was at one stage subject to patent in certain parts of the world. ElGamal has not had such successful commercial backing. However, ECC does, and there are a number of patents on ECC primitives.

## Setting up RSA

All the real work in RSA occurs during key generation. This should not be surprising since the ‘clever’ part of any public-key cryptosystem is in designing a relationship between two keys which allows one to reverse the effect of the other, while allowing one of them to be publicly known. Note we do not have to be quite so mathematically clever when generating symmetric keys, which ‘just’ requires an ability to randomly generate numbers (see Section 8.1). The wider issues associated with key generation are discussed in more detail in Section 10.3.

### Generating an RSA key pair

We are now ready to generate an RSA key pair. The ‘we’ in this case is anyone who is setting up an RSA key pair. This could be someone generating a key pair for themselves, or a trusted key centre generating a key pair for a client. If we wish to set up a network of users who may want to communicate with one another using RSA, then every user in the network will need to run this key pair generation process, or have the trusted key centre run it for them. We proceed as follows:

Generating the modulus. Let $n$ be the product of two large primes $p$ and $q$. In other words, let $n = pq$. By large, we typically mean a minimum of 512 bits long, preferably even longer. Thus, $p$ and $q$ are very large primes, and $n$ is an even larger number. Finding primes of this size is not straightforward, but there are known processes for generating them. The number $n$ produced in this step is usually referred to as an RSA modulus.

Generating $e$. We select a ‘special’ number $e$. The number $e$ cannot be just any number. For example, it must be greater than 1 and less than $(p-1)(q-1)$. The precise mathematical property that $e$ must have is there must be no numbers dividing neatly into $e$ and into $(p-1)(q-1)$ except for 1. The mathematical term for this property is that $e$ and $(p-1)(q-1)$ are coprime. Consider the following simple example:

• Let $p=3$ and $q=7$. In this case, $(p-1)(q-1) = 2 \times 6 = 12$. Any suitable choice of $e$ must have the property there are no numbers neatly dividing into $e$ and 12, except for 1.
• $e=2$ is no good, since 2 is a factor of both 2 and 12. For a similar reason, we can also rule out all multiples of 2, namely, $e=4$, $e=6$, $e=8$, and $e=10$.
• $e=3$ is no good, since 3 is a factor of both 3 and 12. For a similar reason, we can also rule out all multiples of 3, namely, $e=6$ and $e=9$.
• The remaining choices are $e=5$, $e=7$, and $e=11$. Since in each case there is no number dividing into these choices of $e$ and 12, other than 1, all these choices of $e$ are valid.

Unlike in this ‘toy’ example, for the sizes of $p$ and $q$ we tend to use in real RSA implementations, we will find many numbers less than $(p-1)(q-1)$ which have the right property to be used as $e$.
## Generating the private key

Generating the private key. We compute the private key $d$ from $p$, $q$, and $e$. The private key $d$ is uniquely determined by the public key $(n, e)$, meaning that given an $n$ and an $e$, there can only ever be one possible value $d$. This is essentially the clever part of RSA, since it is the mathematical relationship between $e$ and $d$ which makes RSA work. We thus have to be precise about how to find this value $d$.

In mathematical terminology, the private key $d$ is the inverse of $e$ modulo $(p-1)(q-1)$ (see the Mathematics Appendix for more details). What this means is that $d$ is the unique number less than $(p-1)(q-1)$ which, when multiplied by $e$, is equal to 1 modulo $(p-1)(q-1)$. Written mathematically (which is much simpler), this relationship is expressed by:

$$
e d=1 \bmod (p-1)(q-1) .
$$

It is sufficient just to accept that, if we choose $e$ correctly, such a $d$ exists and is unique. Conveniently, there is a simple algorithm to compute $d$. This algorithm is known as the Extended Euclidean Algorithm, which takes as input $p$, $q$, and $e$, and outputs $d$. The Extended Euclidean Algorithm can be computed in polynomial time by anyone who knows $p$ and $q$. However, anyone who does not know $p$ and $q$ cannot run it to find $d$. This is why it is important that $n=pq$ is difficult to factor. If $n$ was easy to factor, then an attacker could compute $p$ and $q$ and then run the Extended Euclidean Algorithm to obtain $d$.

It is worth providing an example of RSA key generation, just to make sure the process is clear. This example will, of course, use numbers which are far too small to be used in practice. Just keep in mind that the primes we use are just six bits long, rather than the thousands of bits long often recommended for RSA implementations.
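The key-generation steps above, as an added Python example (not code from the original text): it lists the valid $e$ for the toy case $p=3$, $q=7$ and derives $d$ with the Extended Euclidean Algorithm. The function names are hypothetical, and the six-bit primes 47 and 59 with $e=17$ and the message 920 are sample values chosen here.

```python
from math import gcd

def extended_gcd(a: int, b: int):
    """Return (g, x, y) such that a*x + b*y == g == gcd(a, b)."""
    old_r, r, old_x, x, old_y, y = a, b, 1, 0, 0, 1
    while r:
        k = old_r // r
        old_r, r = r, old_r - k * r
        old_x, x = x, old_x - k * x
        old_y, y = y, old_y - k * y
    return old_r, old_x, old_y

def valid_exponents(p: int, q: int) -> list:
    """Every e with 1 < e < (p-1)(q-1) that is coprime to (p-1)(q-1)."""
    phi = (p - 1) * (q - 1)
    return [e for e in range(2, phi) if gcd(e, phi) == 1]

def private_exponent(p: int, q: int, e: int) -> int:
    """The d below (p-1)(q-1) with e*d = 1 mod (p-1)(q-1)."""
    phi = (p - 1) * (q - 1)
    if not 1 < e < phi:
        raise ValueError("e must be greater than 1 and less than (p-1)(q-1)")
    g, x, _ = extended_gcd(e, phi)
    if g != 1:
        raise ValueError("e and (p-1)(q-1) are not coprime, so no d exists")
    return x % phi  # x may be negative; reduce it into the range 0..phi-1

def keypair(p: int, q: int, e: int):
    """Return the public key (n, e) and the private key d."""
    return (p * q, e), private_exponent(p, q, e)

if __name__ == "__main__":
    print(valid_exponents(3, 7))       # the toy case p=3, q=7 from the text
    (n, e), d = keypair(47, 59, 17)    # constructed six-bit primes
    m = 920                            # constructed message, smaller than n
    c = pow(m, e, n)                   # apply the public key
    print(n, e, d, c, pow(c, d, n) == m)
```

Computing $d$ requires $(p-1)(q-1)$, which is why `private_exponent` takes the primes rather than $n$: without the factors of $n$ the algorithm has nothing to run on.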



## Cipher Feedback mode

An alternative way of providing message dependency is to use Cipher Feedback (CFB) mode. This has broadly similar properties to CBC mode, but is subtly different in the way it operates.

ENCRYPTION USING CFB MODE

There are several variants of CFB mode. The basic version of CFB mode encryption is illustrated in Figure 4.12. The CFB encryption process proceeds as follows:

1. Put an initialisation vector (IV) into the top register. As in CBC mode, the IV has to be known by the sender and receiver (see Section 4.6.2 for a discussion of how this could be facilitated).
2. Encrypt the contents of the top register with the key, and place the result in the bottom register. Note, however, even though we have just performed encryption using the block cipher:
   • the ‘plaintext’ block we have just encrypted was not the real plaintext we are trying to encrypt (we have not used this yet); and
   • the ‘ciphertext’ block we have just produced is not the final ciphertext (clearly it cannot be, since it was not computed using the real plaintext block).
3. Take the first plaintext block $P_1$ and XOR this to the contents of the bottom register. The result of this is $C_1$, our first block of ciphertext.
4. Send $C_1$ to the receiver, and replace the contents of the top register with $C_1$. We have just fed back the ciphertext!
5. Now repeat from step 2. In other words, encrypt the contents of the top register (which now contains $C_1$) with the key; place the result in the bottom register; take the next plaintext block $P_2$, and XOR this to the contents of the bottom register to obtain the next block of ciphertext $C_2$; send $C_2$ to the receiver, and replace the contents of the top register with $C_2$. Continue in this manner until the last plaintext block has been XORed to the contents of the bottom register and passed on to the receiver.

## Counter mode

The last of the modes of operation we will describe in full is Counter (CTR) mode.

ENCRYPTION AND DECRYPTION USING CTR MODE

Counter mode can be thought of as a counter-based version of CFB mode without the feedback. The main difference is that we assume both the sender and receiver have access to a reliable counter, which computes a new shared value each time a ciphertext block is exchanged. This shared counter is not necessarily a secret value, but both sides must keep the counter synchronised. Both encryption and decryption in CTR mode are depicted in Figure 4.14.

Encryption can proceed as follows:

1. The initial value in the top register is the initial counter value. This value is the same for both the sender and the receiver and plays the same role as the IV in CFB (and CBC) mode.
2. As in CFB mode, encrypt the contents of the top register (the counter value) with the key, and place the result in the bottom register.
3. As in CFB mode, take the first plaintext block $P_1$, and XOR this to the contents of the bottom register. The result of this is $C_1$, our first block of ciphertext.
4. Send $C_1$ to the receiver and update the counter, placing the new counter value into the top register (thus, the counter update replaces the ciphertext feedback in CFB mode). Now repeat from step 2. Continue in this manner until the last plaintext block has been XORed to the contents of the bottom register and passed on to the receiver. (In fact, this entire process can be parallelised, as we will shortly discuss.)

Thus, CTR mode does not have message dependency (a ciphertext block does not depend on the previous plaintext blocks), but it does have positional dependency since a ciphertext block depends on the position of the current plaintext block within the message.

Decryption, which is similar to encryption, proceeds as follows:

1. Start by placing the initial counter value in the top register.
2. As in CFB mode, encrypt the contents of the top register (the counter value) with the key, and place the result in the bottom register.
3. As in CFB mode, take the first ciphertext block $C_1$, and XOR this to the contents of the bottom register. The result of this is $P_1$, our first block of plaintext.
4. Update the counter, placing the new counter value in the top register.
5. Now repeat from step 2. Continue in this manner until the last ciphertext block has been XORed to the contents of the bottom register to generate the last plaintext block.
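The CFB and CTR procedures above, as an added Python example (not code from the original text) that follows the register steps and then contrasts message dependency with positional dependency by altering $P_1$. Assumptions made here: the function names, a 16-byte block, a counter that increases by one per block, and a keyed hash `E` standing in for the block cipher's encryption operation.

```python
import hashlib
import hmac

BLOCK = 16  # block length in bytes (assumption for this example)

def E(key: bytes, block: bytes) -> bytes:
    """Stand-in for block-cipher encryption (HMAC-SHA256 cut to one block).
    Not invertible, which is enough: CFB and CTR only ever encrypt."""
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def blocks(data: bytes) -> list:
    if len(data) % BLOCK:
        raise ValueError("this example handles whole blocks only")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def cfb_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    top, out = iv, []                    # IV goes into the top register
    for p in blocks(plaintext):
        c = xor(p, E(key, top))          # encrypt top register, XOR with P_i
        out.append(c)
        top = c                          # feed the ciphertext block back
    return b"".join(out)

def cfb_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    top, out = iv, []
    for c in blocks(ciphertext):
        out.append(xor(c, E(key, top)))  # same bottom register as the sender
        top = c                          # feed back the received block
    return b"".join(out)

def ctr_crypt(key: bytes, counter: int, data: bytes) -> bytes:
    """CTR encryption and decryption are the same operation."""
    out = []
    for i, blk in enumerate(blocks(data)):
        top = (counter + i).to_bytes(BLOCK, "big")  # counter update: +1 per block
        out.append(xor(blk, E(key, top)))
    return b"".join(out)

def changed_blocks(a: bytes, b: bytes) -> list:
    return [i for i, (x, y) in enumerate(zip(blocks(a), blocks(b))) if x != y]

# Constructed sample values (not from the original text).
KEY, IV, COUNTER = b"k" * 16, b"\x00" * BLOCK, 1000
MSG = b"".join(bytes([65 + i]) * BLOCK for i in range(4))  # four blocks
MSG2 = b"X" + MSG[1:]                                      # P_1 altered
```

Comparing the ciphertexts of `MSG` and `MSG2` with `changed_blocks` shows every block differing under CFB but only the first under CTR. Each CTR block depends only on its own counter value, so the loop in `ctr_crypt` could run in any order or in parallel.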
