

This course is an introduction to the basic
theory and practice of cryptographic techniques used in computer
security. The course is intended for advanced undergraduates and
graduate students.
Topics (tentative)
Introduction
 History. Overview of cryptography. Attack models.
Secret Key Encryption
 Information theoretic security. One time pad.
Unbreakability of one time pad. How to break a one time
pad. Stream ciphers.
 Feistel networks. DES. Modes of operation (+ DESX).
Luby-Rackoff.
 Vulnerabilities: Time-space tradeoffs, Differential &
Linear cryptanalysis, Meet-in-the-middle.
 Key distribution using Trusted Third Parties.
 Merkle puzzles.
Public Key Encryption
 Arithmetic modulo primes. Algorithms: bignum arithmetic,
repeated squaring.
 Discrete log. Diffie-Hellman Key Exchange. ElGamal.
Random self reduction.
 Arithmetic modulo composites.
 RSA (CRT). Rabin. Bit security.
 Vulnerabilities: Factoring, Small private key, broadcast,
Random padding. Timing attacks.
Hashing
 Motivation, applications (e.g. virus protection). Message
Authentication Codes (MAC).
 Cryptographically Secure Hashing.
Digital Signatures
 How to sign using RSA (Bellare-Rogaway). The Digital
Signature Standard (DSS).
 Signature schemes. Lamport and Merkle schemes.
Certificates.
Real world crypto
 Trust management. Certificate chains,
cross-certification.
 PGP, SSL, ISAKMP/Oakley.
 Secure file systems. CFS.
 Key Recovery/escrow.
Authentication
 UNIX/NT Passwords, salts. One time passwords, S/Key.
Encrypted Key Exchange (EKE). Challenge response
authentication.
 Definition of zero knowledge proof of knowledge,
examples. The Fiat-Shamir protocol.
 Kerberos V4. The Needham-Schroeder protocol.
Digital Cash
 Anonymous cash. Online vs. Offline schemes.
 Micropayments: Millicent, payword, micromint. Real
Systems: Mondex, VisaCash.
Final Lecture
