Administrative
Lectures: |
Th, 3:15 - 5:05, Gates 159 |
Instructor: |
Ilya Mironov |
Prerequisite: |
CS255 |
Grading: |
CR/NC or letter |
Work load: |
Project |
Topics
Advanced topics class on cryptanalysis of symmetric and public-key
primitives and protocols. We will cover recent collision-finding attacks
on hash functions, differential and linear cryptanalysis of block ciphers,
number-theoretic and lattice-based methods of attacking public-key
cryptosystems. CS255 is a prerequisite, although most of the lectures will
be self-contained.
Here is a tentative plan of the course. It will be updated as the
quarter progresses:
Sep 29: |
Hash functions. Attacks exploiting the Merkle-Damgård structure (poisoned block, Joux's multicollision attack), review of recent collision-finding attacks on MD4, MD5, SHA-0 and SHA-1. Dobbertin's attack on MD4.
|
Survey: |
Hash functions: Theory, attacks, and applications.
|
Demo: |
Example of two .ps files colliding under MD5 (based on the files of M. Daum and S. Lucks): taxes.ps and broccoli.ps. MD5 calculator is here.
|
Oct 6: |
Birthday paradox: non-uniform case, memoryless algorithms (Floyd, Brent cycle-finding algorithms), parallelization. Random mapping statistics.
Time-memory tradeoffs: permutation, Hellman's, distinguished points, stream ciphers, Fiat-Naor analysis. |
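The two ideas above (the Merkle-Damgård iteration with Joux's multicollision attack, and memoryless birthday-style collision search with Floyd's cycle finding) fit in one small program. The code below is an added illustration, not course material from the page: it builds a toy Merkle-Damgård hash whose compression function is SHA-256 truncated to 24 bits (an assumption made so that one collision costs about 2^12 compression calls), finds compression-function collisions with Floyd's tortoise-and-hare walk, and chains k of them into 2^k messages that all hash to the same value. The constants N_BITS, BLOCK, IV and the seed are constructed for the example.

```python
import hashlib
import random
from itertools import product

N_BITS = 24          # toy chaining-value width: a collision costs ~2^12 compression calls
BLOCK = 4            # message block size in bytes
IV = 0x123456        # toy initial value (constructed for this example)


def compress(h, block):
    """Toy compression function: SHA-256(h || block) truncated to N_BITS.

    Stands in for the compression function of a Merkle-Damgard hash;
    only its small output size makes collisions cheap.
    """
    assert len(block) == BLOCK
    digest = hashlib.sha256(h.to_bytes(4, "big") + block).digest()
    return int.from_bytes(digest[:4], "big") >> (32 - N_BITS)


def md_hash(msg, iv=IV):
    """Merkle-Damgard iteration with MD-strengthening (0x80, zero fill, 8-byte length)."""
    padded = msg + b"\x80"
    padded += b"\x00" * ((-len(padded) - 8) % BLOCK)
    padded += len(msg).to_bytes(8, "big")
    h = iv
    for i in range(0, len(padded), BLOCK):
        h = compress(h, padded[i:i + BLOCK])
    return h


def floyd_collision(f, rng):
    """Memoryless collision search for f: {0..2^N_BITS-1} -> {0..2^N_BITS-1}.

    Floyd's tortoise-and-hare locates the entry point of the rho's cycle;
    the two predecessors of that point (one on the tail, one on the cycle)
    form a collision. Retries when the random start already lies on the
    cycle, because then the tail has no predecessor to pair up.
    """
    while True:
        x0 = rng.getrandbits(N_BITS)
        tortoise, hare = f(x0), f(f(x0))
        while tortoise != hare:             # phase 1: detect the cycle
            tortoise, hare = f(tortoise), f(f(hare))
        tortoise = x0                       # phase 2: walk both to the cycle entry
        prev_t = prev_h = None
        while tortoise != hare:
            prev_t, prev_h = tortoise, hare
            tortoise, hare = f(tortoise), f(hare)
        if prev_t is not None and prev_t != prev_h:
            return prev_t, prev_h           # f(prev_t) == f(prev_h), prev_t != prev_h


def block_collision(h, rng):
    """Two distinct message blocks with equal compression output under chaining value h."""
    f = lambda x: compress(h, x.to_bytes(BLOCK, "big"))
    a, b = floyd_collision(f, rng)
    return a.to_bytes(BLOCK, "big"), b.to_bytes(BLOCK, "big")


def joux_multicollision(k, iv=IV, seed=1):
    """Joux's attack: k sequential block collisions give 2^k colliding k-block messages.

    Each stage is one collision search on the compression function, so a
    2^k-way multicollision costs about k * 2^(n/2) work instead of the
    2^(n(k-1)/k) one would expect from an ideal n-bit hash. All messages
    have the same length, so the padding blocks are identical too.
    """
    rng = random.Random(seed)
    h = iv
    pairs = []
    for _ in range(k):
        a, b = block_collision(h, rng)
        pairs.append((a, b))
        h = compress(h, a)                  # == compress(h, b)
    return [b"".join(choice) for choice in product(*pairs)]


if __name__ == "__main__":
    msgs = joux_multicollision(3)
    digests = {md_hash(m) for m in msgs}
    print(len(msgs), "distinct messages,", len(digests), "distinct digest(s):",
          hex(digests.pop()))
```

Note that the search keeps only a handful of values in memory, which is the point of the memoryless variants over a naive table-based birthday attack; a parallel version with distinguished points follows the same structure but shares the distinguished values between walkers.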
Oct 13: |
Differential & linear cryptanalyses of DES. Differentials, characteristics, Matsui's piling-up lemma, structures. |
Oct 20: |
Perfectly non-linear functions. Decorrelation module. Boomerang attack. Non-linearity of inversion. |
Oct 27: |
AES. BES. XSL. |
Nov 3: |
Stream ciphers. LFSRs. Berlekamp-Massey algorithm. Correlation attack. Combiners: Geffe's, summation. Shrinking generator. |
Reading: |
James L. Massey, "Shift-register synthesis and BCH decoding," IEEE Trans. on Information Theory, vol. 15(1), pp. 122-127, Jan 1969.
|
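As an added example of the Berlekamp-Massey synthesis in Massey's paper (not code from the course page), the program below recovers the shortest LFSR over GF(2) that produces a given keystream prefix and then uses it to predict the rest of the stream. The LFSR with connection polynomial 1 + x^2 + x^5 and the all-zero-but-one initial state are constructed for the example; the convention used is s_n = sum_{j=1..L} c_j s_{n-j} (mod 2).

```python
def berlekamp_massey(seq):
    """Shortest LFSR over GF(2) generating seq (Massey, 1969).

    Returns (L, C) where C = [c_0, ..., c_L] is the connection polynomial
    with c_0 = 1, such that s_n = sum_{j=1..L} c_j * s_{n-j} (mod 2)
    holds for every n >= L within the given sequence.
    """
    n = len(seq)
    c = [1] + [0] * n        # current connection polynomial
    b = [1] + [0] * n        # polynomial from the last length change
    L, m = 0, -1             # current length, index of last length change
    for i in range(n):
        d = seq[i]           # discrepancy: does the current LFSR predict s_i?
        for j in range(1, L + 1):
            d ^= c[j] & seq[i - j]
        if d == 0:
            continue
        t = c[:]
        shift = i - m        # C(x) <- C(x) + x^(i-m) * B(x)
        for j in range(n + 1 - shift):
            c[j + shift] ^= b[j]
        if 2 * L <= i:       # length must grow; remember the old polynomial
            L, m, b = i + 1 - L, i, t
    return L, c[:L + 1]


def lfsr_generate(conn, state, nbits):
    """Run an LFSR with connection polynomial conn from an initial L-bit state."""
    L = len(conn) - 1
    assert len(state) == L and L > 0
    out = list(state)
    while len(out) < nbits:
        nxt = 0
        for j in range(1, L + 1):
            nxt ^= conn[j] & out[-j]
        out.append(nxt)
    return out[:nbits]


def recover_and_predict(known, total):
    """Model the keystream prefix as an LFSR and extend it to `total` bits.

    Any sequence of linear complexity L is fixed by its first 2L bits, so
    an attacker with 2L known keystream bits reproduces the whole stream.
    """
    L, conn = berlekamp_massey(known)
    return lfsr_generate(conn, known[:L], total)


if __name__ == "__main__":
    # constructed example: 1 + x^2 + x^5 is primitive, period 31
    conn, state = [1, 0, 1, 0, 0, 1], [1, 0, 0, 0, 0]
    stream = lfsr_generate(conn, state, 31)
    L, found = berlekamp_massey(stream[:10])     # 2L = 10 bits suffice
    print("linear complexity", L, "connection polynomial", found)
    print("prediction matches:", recover_and_predict(stream[:10], 31) == stream)
```

The practical consequence for the combiners discussed next (Geffe, summation, shrinking) is that the linear complexity of the output, not the lengths of the component registers, bounds how many keystream bits an attacker needs before this synthesis reproduces the stream.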
Nov 10: |
Dlog and factoring: generic algorithms (baby-step giant-step, Pollard's rho and lambda), index calculus, quadratic sieve. TWINKLE and the mesh-based matrix step. |
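The two generic discrete-log algorithms named above, baby-step giant-step and Pollard's rho, are short enough to show in full. The code below is an added example, not material from the course page; it works in the order-q subgroup of Z_p^* for the constructed safe prime p = 1019 (q = 509) with g = 4, and the secret exponent 321 is made up for the demonstration. Pollard's lambda (kangaroo) method is not shown.

```python
import random
from math import isqrt


def bsgs(g, h, p, order=None):
    """Baby-step giant-step: x in [0, order) with g^x = h (mod p), or None.

    Deterministic, O(sqrt(order)) time and memory: store g^j for the baby
    steps, then walk h * g^(-im) through the table for the giant steps.
    """
    n = order if order is not None else p - 1
    m = isqrt(n) + 1
    table = {}
    e = 1
    for j in range(m):                  # baby steps: g^j -> j
        table.setdefault(e, j)
        e = e * g % p
    factor = pow(g, -m, p)              # g^(-m)
    gamma = h
    for i in range(m):                  # giant steps: h * g^(-i m)
        if gamma in table:
            return i * m + table[gamma]
        gamma = gamma * factor % p
    return None


def pollard_rho_dlog(g, h, p, q, seed=1):
    """Pollard's rho for g^x = h in a subgroup of prime order q.

    Walks x_i = g^a_i h^b_i with a 3-way partition of Z_p^*, finds a
    cycle with Floyd's tortoise-and-hare (constant memory), and solves
    g^a1 h^b1 = g^a2 h^b2  =>  x = (a1 - a2) / (b2 - b1) mod q.
    """
    rng = random.Random(seed)

    def step(x, a, b):
        r = x % 3
        if r == 0:
            return x * g % p, (a + 1) % q, b
        if r == 1:
            return x * x % p, 2 * a % q, 2 * b % q
        return x * h % p, a, (b + 1) % q

    while True:
        a0, b0 = rng.randrange(q), rng.randrange(q)
        start = (pow(g, a0, p) * pow(h, b0, p) % p, a0, b0)
        tortoise = step(*start)
        hare = step(*step(*start))
        while tortoise[0] != hare[0]:
            tortoise = step(*tortoise)
            hare = step(*step(*hare))
        _, a1, b1 = tortoise
        _, a2, b2 = hare
        db = (b2 - b1) % q
        if db == 0:                     # degenerate collision; restart the walk
            continue
        return (a1 - a2) * pow(db, -1, q) % q


if __name__ == "__main__":
    p, q, g = 1019, 509, 4              # constructed: p safe prime, g of order q
    secret = 321
    h = pow(g, secret, p)
    print("bsgs        :", bsgs(g, h, p, q))
    print("pollard rho :", pollard_rho_dlog(g, h, p, q))
```

Both methods cost about sqrt(q) group operations, which is why the subgroup order, not p alone, sets the generic security level; index calculus, which the lecture treats next, is what beats this bound in Z_p^*.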
Nov 17: |
Cryptanalysis of public-key cryptosystems: lattices, Bleichenbacher's attack, short RSA exponent. |
Nov 24: |
Thanksgiving! |
Dec 1: |
Side-channel attacks: timing attacks against RSA and AES, acoustic attack. Fault attacks: RSA, LFSR. |
Dec 8: |
Project presentations. |