CS 255 Syllabus
(Winter 1998)
This course is an introduction to the basic theory and practice of
cryptographic techniques used in computer security. The course is intended
for advanced undergraduates and graduate students.
Topic by lecture - tentative
Introduction
-
History. Overview of cryptography. Attack models.
Secret Key Encryption
-
Information theoretic security. One time pad. Unbreakability of one time
pad. How to break a one time pad. Stream ciphers.
-
Feistel networks. DES. Modes of operation (+ DESX). Luby-Rackoff.
-
Vulnerabilities: Time-space tradeoffs, Differential & Linear cryptanalysis,
Meet-in-the-middle.
-
Key distribution using Trusted Third Parties.
Merkle puzzels.
Public Key Encryption
-
Arithmetic modulo primes. Algorithms: bignum arithmetic, repeated squaring.
-
Discrete log. Diffie-Hellman Key Exchange. ElGamal. Random self reduction.
-
Arithmetic modulo composites.
-
RSA (CRT). Rabin. Bit security.
-
Vulnerabilities: Factoring, Small private key, broadcast, Random padding.
Timing attacks.
Hashing
-
Motivation, applications (e.g. virus protection). Message Authentication
Codes (MAC).
-
Cryptographically Secure Hashing.
Digital Signatures
-
How to sign using RSA (Bellare-Rogaway). The Digital Signature Standard
(DSS).
-
Signature schemes. Lamport and Merkle schemes. Certificates.
Real world crypto
- Trust management. Certificate chains, cross certification.
- PGP, PEM, SSL, SKIP, ISAKMP/Oakley.
- Secure file systems. CFS.
- Key Recovery/escrow.
Authentication
-
UNIX/NT Passwords, salts. One time passwords, S/Key.
Encrypted Key Exchange (EKE). Challenge response authentication.
-
Definition of zero knowledge proof of knowledge, examples. The Fiat-Shamir
protocol.
-
Kerberos V4. The Needham-Schroeder protocol.
Digital Cash
-
Anonymous cash. Online vs. Offline schemes.
-
Micropayments: Millicent, payword, micromint. Real Systems: Mondex, VisaCash.
Final Lecture
Last update: Dec, 21, 1997 by
Dan Boneh