This course is an introduction to the basic theory and practice of cryptographic techniques used in computer security. The course is intended for advanced undergraduates and

The following is a tentative list of topics. Next to each topic we list some related readings in the textbooks: R31-34 means pages 31 to 34 in Stinson's Red book, and B45-49 means pages 45 to 49 in Stallings's Blue book.

Note: Students are responsible for all the material covered during the lectures. The textbooks do not cover everything said in class.
Topics (tentative)
- History. Overview of cryptography. Attack models. R1-13,
Secret Key Encryption
- Information-theoretic security. One-time pad. Stream ciphers. R44-51,
- Feistel networks. DES. DESX. 3DES. Luby-Rackoff. The AES cipher.
- Vulnerabilities: Time-space tradeoffs, differential and linear cryptanalysis, meet-in-the-middle. R86-97,
- Key distribution using online Trusted Third Parties. B141-149.
Public Key Encryption
- Arithmetic modulo primes. Algorithms: bignum arithmetic, repeated squaring. R114-123,
- Cryptography using arithmetic modulo primes: Discrete log. Diffie-Hellman key exchange. Random self-reductions. R162-176,
- Arithmetic modulo composites. B226-227.
- RSA encryption. Rabin. Bit security. PKCS1 vs. OAEP. Performance of RSA. How to use RSA.
- Vulnerabilities: Unpadded RSA is insecure, small private key, broadcast, random padding. Timing attacks. R138-144.
- Non-keyed hash functions. Motivation and applications. Merkle-Damgård and other constructions. R232-246,
- Message Authentication Codes (MAC). Applications.
- Definition of secure signature schemes. Lamport and Merkle schemes.
- How to sign using RSA. Brief overview of the Digital Signature Standard (DSS). B299-313,
Crypto in the real world
- Trust management: Certificates. Certificate chains. Cross-certification. Revocation. B341-349.
- PGP, SSL, IPsec. B356-373,
- Secure file systems. CFS. Key Recovery/escrow.
- UNIX/NT passwords, salts. One-time passwords, S/Key. Encrypted Key Exchange (EKE). Challenge-response.
- Zero-knowledge proofs of knowledge, examples. The Fiat-Shamir protocol.
- Kerberos V4. The Needham-Schroeder protocol. B323-340.
- Attacks based on buffer overflows, simple timing attacks, TEMPEST.
- Denial of Service attacks (DoS and DDoS), covert channels.