CS 255 Syllabus
(Winter 1998)
This course is an introduction to the basic theory and practice of
cryptographic techniques used in computer security. The course is intended
for advanced undergraduates and graduate students.
Topic by lecture  tentative
Introduction

History. Overview of cryptography. Attack models.
Secret Key Encryption

Information theoretic security. One time pad. Unbreakability of one time
pad. How to break a one time pad. Stream ciphers.

Feistel networks. DES. Modes of operation (+ DESX). LubyRackoff.

Vulnerabilities: Timespace tradeoffs, Differential & Linear cryptanalysis,
Meetinthemiddle.

Key distribution using Trusted Third Parties.
Merkle puzzels.
Public Key Encryption

Arithmetic modulo primes. Algorithms: bignum arithmetic, repeated squaring.

Discrete log. DiffieHellman Key Exchange. ElGamal. Random self reduction.

Arithmetic modulo composites.

RSA (CRT). Rabin. Bit security.

Vulnerabilities: Factoring, Small private key, broadcast, Random padding.
Timing attacks.
Hashing

Motivation, applications (e.g. virus protection). Message Authentication
Codes (MAC).

Cryptographically Secure Hashing.
Digital Signatures

How to sign using RSA (BellareRogaway). The Digital Signature Standard
(DSS).

Signature schemes. Lamport and Merkle schemes. Certificates.
Real world crypto
 Trust management. Certificate chains, cross certification.
 PGP, PEM, SSL, SKIP, ISAKMP/Oakley.
 Secure file systems. CFS.
 Key Recovery/escrow.
Authentication

UNIX/NT Passwords, salts. One time passwords, S/Key.
Encrypted Key Exchange (EKE). Challenge response authentication.

Definition of zero knowledge proof of knowledge, examples. The FiatShamir
protocol.

Kerberos V4. The NeedhamSchroeder protocol.
Digital Cash

Anonymous cash. Online vs. Offline schemes.

Micropayments: Millicent, payword, micromint. Real Systems: Mondex, VisaCash.
Final Lecture
Last update: Dec, 21, 1997 by
Dan Boneh