Welcome to Unit 7. This is the conclusion of the class.
I hope everyone's enjoyed it and learned a lot about cryptography.
I'll summarize the class briefly, and then I will talk about one new protocol
and one new application of cryptography to do secure computation.
One important point that I want to make today that I haven't made throughout the class enough
is that cryptography is very different from security.
When we're thinking about cryptography, these are very abstract things.
We're thinking about whether we can use math to solve problems.
On the other hand, security depends on a lot more than just cryptography.
Security is really mostly about people.
No matter how good your math is,
if someone picks "123456" for their password, it doesn't matter.
You're not going to have security.
Security is also about the systems and how they interface with each other.
Many of the security problems are because of misunderstanding the connections between systems.
In this class, we've largely focused on cryptography
and not addressed the broader issues about security.
But if you want to build secure systems, well these issues are very important.
It's not just about the math.
Cryptography is all about secrets,
and we've seen lots and lots of ways to use secrets to solve problems.
We started in Unit 1, looking at the one-time pad,
where we could XOR a message with a key.
And we saw that that provides perfect secrecy in a strong theoretical sense
that an eavesdropper who intercepts this message can learn nothing at all about the message.
But that it requires a perfectly random key that's never re-used that's as long as the message.
So it doesn't work well in practice.
It also has all sorts of other problems like the malleability of the one-time pad.
This led us in Unit 2 to look at some ways to use practical symmetric ciphers
to provide nothing close to perfect secrecy, but something useful for many purposes.
We saw that we could amplify the security provided by a small shared key
to obtain a secure channel for sending long messages.
And we've talked about modes of operation that can do that with different levels of security.
And then we talked about cryptographic hash functions,
which provide a way to map a message to a smaller value that provides pre-image resistance
so it's hard to find a message that hashes that value as well as collision resistance.
And this is usual for authentication as well as lots of other purposes that we've seen.
The big limitation of symmetric ciphers is they require a shared secret between the two parties.
In Unit 3, we talked about key distribution focusing on the Diffie-Hellman protocol for key agreement.
And that allows the 2 parties to establish a shared secret starting from an insecure channel.
That led to asymmetric cryptosystems,
in particular RSA as an example of a public key cryptosystem.
That provide the additional functionality where the encryption function
doesn't reveal the decryption function.
This enables lots of interesting uses of cryptography.
In Unit 5, we saw how to use public key combined with symmetric ciphers to provide authentication.
And we focused in particular on the TLS protocol
that's used as the basis for electronic commerce on the web.
In Unit 6, we looked at protocols for anonymous routing, voting, and digital cash -
all of which combined a mix of asymmetric and symmetric cryptosystems.
So I hope you've enjoyed this tour of cryptography.
We've seen lots of different things that can be built from a few simple primitives.
I'm going to cover one more protocol in this unit, which is looking at secure computation.
And it uses many of the tools that we've seen in all of these previous units.
