Course Syllabus
Winter 2014
Optional reading can be found in two texts listed below (KL and HAC). Only one of these books is needed and KL is a much better fit for the class. Students opting for a free book can find some of the material in HAC.
- KL: Introduction to Modern Cryptography by J. Katz and Y. Lindell.
- HAC: (free) Handbook of Applied Cryptography by A. Menezes, P. Van Oorschot, S. Vanstone.
Syllabus
Lecture 1:
1/ 6/14
|
History and overview of cryptography
|
Lecture 2:
1/ 8/14
|
Identification protocols
[pdf]
Password protocols, salts, PBKDF2; one time passwords (S/Key and SecurID);
Reading:
HAC Ch. 10.
challenge response authentication. |
Basic symmetric-key encryption | |
Lecture 3:
1/13/14
|
One time pad and stream ciphers
perfect secrecy and the one time pad.
Reading:
KL 29-40, 61-77 ; HAC 20-21, 191-194.
semantic security and stream ciphers. |
Lecture 4:
1/15/14
|
Block ciphers
Case studies: Feistel networks, DES, 3DES, and AES.
Reading:
KL 159-187; HAC 233-237, 250-259
basic modes of operation: CBC and counter mode. |
Lecture 5:
1/20/14
|
Block cipher abstractions: PRPs and PRFs
[pdf]
Pseudo Random Permutations (PRP); Pseudo Random Functions (PRF);
Reading:
KL 86-88, 94-102 ; HAC 228-230
security against chosen plaintext attacks (CPA); nonce-based CBC encryption and nonce-based counter mode. |
Holiday: 1/22/14 |
MLK: no classes |
Lecture 6:
1/27/14
|
Attacks on block ciphers
exhaustive search, time-space tradeoffs,
Reading:
KL 82-85, 89-90
differential & linear cryptanalysis, meet in the middle, side channels. |
Message integrity | |
Lecture 7:
1/29/14
|
Message integrity: definition and applications
CBC-MAC and PMAC.
Reading:
KL 111-126
|
Lecture 8:
2/ 3/14
|
Collision resistant hashing
Merkle-Damgard and Davies-Meyer. MACs from collision resistance.
Reading:
KL 127-143 ; HAC 333-335, 339-341, 348
Case studies: SHA and HMAC. |
Lecture 9:
2/ 5/14
|
Authenticated encryption: security against active attacks
also: intro to session setup using a key distribution center (KDC).
Reading:
KL 148-154
|
Public key cryptography | |
Lecture 10:
2/10/14
|
Arithmetic modulo primes
Summary of relevant facts: pdf. |
Lecture 11:
2/12/14
|
Cryptography using arithmetic modulo primes
vanilla key exchange (Diffie-Hellman);
the CDH and discrete-log assumptions
Reading:
KL 315-339, 364-368
|
Lecture 12:
2/17/14
|
Public key encryption
semantically secure ElGamal encryption;
CCA security
Reading:
KL 315-339, 364-368
|
Holiday: 2/19/14 |
President's day: no classes. |
Lecture 13:
2/24/14
|
Arithmetic modulo composites
[pdf]
RSA and Rabin functions.
Reading:
KL 355-364 how to encrypt with trapdoor permutations. Summary of relevant facts: pdf. |
Digital signatures | |
Lecture 14:
2/26/14
|
Digital signatures: definitions and applications
How to sign using RSA.
Reading:
KL 421-432
|
Lecture 15:
3/ 3/14
|
More signature schemes
Lamport and Merkle schemes.
Reading:
KL 432-453
overview of signatures based on discrete-log. certificates and trust management. |
Final topics | |
Lecture 16:
3/ 5/14
|
Real world crypto: SSL/TLS and IPsec
record protocol. key exchange. password-based key exchange.
Reading:
None.
|
Lecture 17:
3/10/14
|
The EMV payment protocol
[pdf]
|
Lecture 18:
3/12/14
|
Advanced topics. TBD
|