This course is an introduction to the basic
theory and practice of cryptographic techniques used in computer
security. The course is intended for advanced undergraduates and
The following is a tentative list of topics. Next to each
topic we list some related readings in the textbook. S31-34
means pages 31 to 34 in Stinson's book.
Note: Students are responsible for all
the material covered during the lectures. The textbooks do not cover
everything said in class.
Topics - tentative
- History. Overview of cryptography. S1-13, S25-34
Basic Secret Key Encryption (security against
- Information theoretic security. One time pad. Perfect secrecy.
Stream ciphers. RC4.
S45-54, S21-24, S37-38
- Feistel networks. DES. Using block ciphers (basic modes of operation).
- Strengthening DES: DESX and 3DES.
Attacks on block ciphers: Time-space tradeoffs, Differential &
Linear cryptanalysis, Meet-in-the-middle. The AES cipher.
- Semantic security. Pseudo Random Permutations.
Luby-Rackoff. Analysis of CBC mode.
Message Integrity (Hashing)
- Non keyed hash functions. Motivation and applications.
Merkle-Damgard and other constructions.
- Message Authentication Codes (MAC).
Constructions: CBC-MAC, HMAC.
More Secret Key Stuff
- Security against active attacks. Properly combining basic encryption and
How not to do it: 802.11b encryption
Other problems with 802.11b encryption.
Basic key distribution using online Trusted Third Parties.
Public Key Encryption
- Arithmetic modulo primes. Algorithms: bignum arithmetic,
- Cryptography using arithmetic modulo primes:
Discrete log. Diffie-Hellman Key Exchange.
ElGamal encryption. Random self reductions.
- Arithmetic modulo composites.
- RSA and Rabin encryption. PKCS1 vs. OAEP vs. OAEP+.
Performance of RSA. How to use RSA. Hybrid encryption.
- Vulnerabilities: Unpadded RSA is insecure. Small private key.
Random padding. Timing attacks. Fault attacks.
- Definition of secure signature schemes. Lamport and Merkle schemes.
- How to sign using RSA. Brief overview of the Digital
Signature Standard (DSS).
Crypto in the Real World
- Trust management: Certificates. Certificate chains. Cross
- PGP, SSL, SSH, IPsec.
Authentication and Key Exchange
- UNIX/NT Passwords, salts. One time passwords, S/Key.
Encrypted Key Exchange (EKE). Challenge response
- Kerberos. The Needham-Schroeder protocol.
A bit of Zero knowledge proofs of knowledge.