This course is an introduction to the basic
theory and practice of cryptographic techniques used in computer
security. The course is intended for advanced undergraduates and
The following is a tentative list of topics. Next to each
topic we list some related readings in the textbook.
means pages 31 to 34 in the second edition of
S31-34 refers to the third edition.
Note: Students are responsible for all
the material covered during the lectures. The textbooks do not cover
everything said in class.
Topics - tentative
- History. Overview of cryptography. S1-13, S25-34
Basic Secret Key Encryption (security against
- Information theoretic security. One time pad. Perfect secrecy.
Stream ciphers. RC4.
- Feistel networks. DES. Using block ciphers (basic modes of operation).
- Strengthening DES: DESX and 3DES.
Attacks on block ciphers: Time-space tradeoffs, Differential &
Linear cryptanalysis, Meet-in-the-middle. The AES cipher.
- Semantic security. Pseudo Random Permutations.
Luby-Rackoff. Analysis of counter mode.
Message Integrity (Hashing)
- Non keyed hash functions. Motivation and applications.
Merkle-Damgard and Davies-Meyer.
- Message Authentication Codes (MAC).
Constructions: CBC-MAC, HMAC.
More Secret Key Stuff
- Secure channels: properly combining basic encryption and
How not to do it: 802.11b encryption
Other problems with 802.11b encryption.
Basic key distribution using online Trusted Third Parties.
Public Key Encryption
- Arithmetic modulo primes. Algorithms: bignum arithmetic,
- Cryptography using arithmetic modulo primes:
Discrete log. Diffie-Hellman Key Exchange.
ElGamal encryption. Random self reductions.
- Arithmetic modulo composites.
- RSA and Rabin encryption. PKCS1 vs. OAEP vs. OAEP+.
Performance of RSA. How to use RSA. Hybrid encryption.
- Vulnerabilities: Unpadded RSA is insecure. Small private key.
Random padding. Timing attacks. Fault attacks.
- Definition of secure signature schemes. Lamport and Merkle schemes.
- How to sign using RSA. Brief overview of the Digital
Signature Standard (DSS).
Crypto in the Real World
- Trust management: Certificates. Certificate chains. Cross
certification. Certificate revocation.
- SSL, SSH, IPsec.
Authentication and Key Exchange
- UNIX/NT Passwords, salts. One time passwords.
S/Key and SecurID.
Challenge response authentication.
Encrypted Key Exchange (EKE).
- Kerberos. The Needham-Schroeder protocol.
A bit of Zero knowledge proofs of knowledge.