Видео

bro's german is very understandable , but huge respect sir , super , Es hat mir viel Spaß gemacht, aber der Vortrag ist okay

I love the way he speaks because he sounds German. It's like i'm learning from the military in ww2 XD

## My notes ### Group Ring Field Group +-, Ring +-*, Field +-*/ Group has operations "+", null element, additive inverse Ring has what group has on the operation + AND it has an operation * where it is a monoid (associativity and null element) AND distrubtivity Field is a Ring with * almost being a group, except on the + element's null element has no inverse ### Finite Fields Finite fields (FF, also called Galois Field - GF, "Endlicher Körper") is a field over a finite set. Theorem: Finite fields can only exist with p^m elements, where p is a prime. Finite fields are denoted with GF(p^m). For example GF(256) Which is used in AES! Prime field is a GF(p^m) with m=1 Extension field is GF(p^m) with m!=1 ### Prime Field Arithmetic do +,-,* N modulo p^m (.)^-1 is tricky - Extended Euclidian aglorithm to compute it. ### Extension Fields A representation of the extension field is with polynomials where the coeffs are elements of the primefield and the max degree is p^m-1 For p = 2 and m=8 the elements of the field can be represented on 9 bits! (a_i /in {0,1}) - Addition is regular polinomial addition mod p^m. This is an "XOR" in case of p=2. - additive inverse is regular poynomial multiplied by (-1) mod p^m. In case p=2, it is bitflips. - multiplication is normal mulitplication then reducing recursively by an irreducible polynomial in the field. // I do not understand this part. This part requires a deeper knowledge of algebra? - multiplicative inverse, perform extended euclidian algo ### Extended Euclidian algo (prime fields remark) #### About Euclidian algo It is used to calculate GDC (Greatest Common Divisor) of two numbers a and b. = Greatest number that divides both a and b. Let a>=b, do a/b and have r_0 as the remainder. In each of the following steps divide the smaller number by the remainder to get the new remainder. In the case above b / r_0 will get r_1 The GDC is gonna divide all remainders bcs at any step: r_n / r_n+1 = d * r_n+1 + r_n+2 . By induction r_n and r_n+1 are divisble by GDC, d* r_n+1 is also ( r_n+1 is) so is also divisible by GDC r_n+2. The last remainder in the algo before 0 is the GDC. #### Extended Euclidian algo helps finding x and y numbers so that ax + by = gdc(a,b). This is called Bezeut's identity Basically you have to do the Euclidian algo's proof backward to find x and y.

Are there advancements or new material that you would include today that were not included 10 years ago?

annoying students, they can't stop talking for 90 minutes.

One dangerous hardware fact : Most computer architecture implementations are able to only use 3% of the capability of the CPU, Imagine if they find a way to use 100% of the CPU capability, doesn't this means that all encryption algorithms are breakable by just Brute Force?

@17:52 In definition of confusion, it should be relation between key and ciphertext obsured.

"now go back to sleep ,okay"

U can go home or go to sleep, But just don't talk, It's rule number 1 and number 2 to be a good cryptographer. 🙃

good luck finding an algorithm that can stop atlastoby

Great lectures and Great professor, the problem is I didn't get it at all 🤣.

Go back to sleep 🙃.

Why the factorial of 26! ? why not 26 to the power of the letters ? just like in binary 2 to the power of the number of the bits ?

Thanks for the great explanation since I am looking for the answer about AES GCM message authentication ❤

Clocks are actually infinite sets that just increment the day by 1 every time the base of 24 is satisfied. And we are just truncating the incrementing day value. A better example of a modular set would be the alphabet, since once you get to the end of the set, it doesn't increment a higher place value. If a clock is a modular set then it follows that the decimal system's 1s place is a modular set if you don't show the tens place.

Zank yew fau zis lektur! Schnitzel-dwaf!

where is subtitles?????????????

Thanks for uploading teacher

Thank you for your excellent cryptography lectures. They have been incredibly helpful for my studies. Could you please consider making videos on the new chapters about SHA-3 and post-quantum cryptography from the latest edition of your book?

Prof. Christof Paar in Cryptography = Prof. Gilbert Strang in Linear Algebra (I really hope Prof. Paar reads this comment 🥺)

I love those boards...............................

14 years after the recording of this video, It is still perfect

Thanks so much!!

how come most learning for cryptography online is quite dated? most the lectures and courses are from years ago, this one is a decade old, alot are years old and talking about stuff like dvd and blu ray encryption, is this stuff becoming too top secret for open learning now?

I love the way he says "that's it for today thank you very much"

56:35 anybody knows what a "cupa cubana" is?

I love these and thank you for sharing them. I will say I disagree about the statement at 17:25 though about AES being generally secure because the agencies use it. What was later found since this time period was that AES has this property where some keys are strong and others are weak. There were certain attacks possible with poorly chosen keys and of course the NSA requires their own use of AES to get keys provided from a central key authority within the NSA. This key authority then only provides strong keys for their internal use and if laymen use AES they lack the knowledge of how to select these extra strong keys. Now that future attacks such as Invariant Subspace were discovered we can see how clever this was. So the statement at 17:25 I highly disagree with and we learned that this kind of logic fails with new side-channel and mathematical attacks. The simple use of an algorithm by the government means nothing unless you also can use their key selection processes. They are willing to bless subpar implementations and utilize those weaknesses against others while shielding themselves. Otherwise excellent lecture.

Thank you for this wonderful lecture, Mr. Paar.

24:30

boring lecture

Rule number one for a teacher: Never assume that everyone is on the same page!

at 29:13 when defining the set the number to the right of 12 shoukd be 17 not 15

I think the combinations for the permutations at 54:54 are wrong.if you are considering capital letters - which looks to be true . So the combinations are really 52 * 51 * 50 * 49. Good lecture though otherwise.

noob question. if there's a secure channel to exchange keys. why not just use that channel to transfer the data?

What kind of filming is this? I've never seen the board move like I'm on a boat before. It works though. Thanks for publishing these!

Great lectures ♥

Sir which book were you refering to in class?

9:12 Did he just glance at his watch and say "3 months ago"?

In the encryption, we have IP in the beginning and IP^-1 in the end which means that the initial permutation has been sort of cancelled by the inverse of initial permutation. Why do we need IP and IP^-1 in the decryption if the effect of permutation has been nullified during the encryption? Maybe I am missing something here. Thanks for your time in reading my question (and hopefully answering it).😃

i can't believe how disrespectful these students are. Great lecture.

Thank you so much, you make learning this fun and so interesting and not easy but much easier!

Please somebody make subtitles for the videos.

Where have you been this whole time!

Thank you for the lecture

Zee Proffesor I should have had in my Computer Science Klass.

Thanks professor for this amazing lecture !

I don't know if I miss something because of my English skill but In book, it said " If two inputs to an S-box differ in exactly one bit, their outputs must differ in at least two bits". I tried it by inputting two 100110 and 100101. Even though they differ only one bit and outputs are same (8 = 1000). This happen in S box 1.

Preciate it brother

your sound is more faster then the video

Professor Christof Paar is an international treasure.