[Home |
Coding Theory Course Outline]
##
Cryptography Course

Text: Handbook of Applied Cryptography

Duration: 35 1-hour lectures (12 weeks, 3hrs/week)

(1 lecture for midterm makes total 36)

[Resources
| Optional Topics
| Project Suggestions]

**Lecture 1: Overview and Introduction to Cryptography**

Text: 1.1-1.4

course overview
discuss "big picture"
basic definitions (e.g., alphabets, plaintext, key, etc)
**Lecture 2: Mathematical Background I**

Text: 2.6, 14.3

gcd, a|b, euclidean algorithm, extended euclidean algorithm
introduce congruences, modular arithmetic
**Lecture 3: Mathematical Background II**

Text: 2.4

Chinese Remainder Theorem
residue classes, reduced residue systems
**Lecture 4: Mathematical Background III**

Text: 2.5

Abelian Groups
**Lecture 5: Symmetric Cryptosystems**

Text: 1.5, 7.1-7.3

definitions (e.g., symmetric, perfect secrecy)
security, types of attacks (e.g., chosen-plaintext, ciphertext-only, ...),
cryptanalysis (e.g., frequency analysis)
classic examples (substitution ciphers, vigenere, one-time pad)
**Lecture 6: Stream Ciphers **

Text: ch. 6

Basic Definitions and Framework
Stream ciphers: using a pseudorandom bit generator to generate a keystream.
The RC4 stream cipher: key scheduling algorithm and keystream generator.
**Lecture 7: Block Ciphers, Feistel Ciphers**

Text: ch. 7

Definition of Block Ciphers,
how classic examples from lecture 5 work as block ciphers
modes of operation for Block Ciphers
definition, examples of Feistel Ciphers
**Lecture 8: Multiple Encryption**

Text: 2.1, 7.2-7.3

The birthday paradox
Double-encryption
Meet-in-the-middle attacks
Triple-encryption
**Lecture 9: DES/AES**

Text: 7.4

high-level description of DES
attacks
discuss AES
**Lecture 10: Hash Functions**

Text: ch. 9

description, construction and properties
keyed vs. unkeyed
attacks
**Lecture 11: More on Hash Functions**

Text: ch. 9

iterated hash functions
advanced attacks on hash functions
**Lecture 12: Data Integrity, Authentication, MAC**

Text: 9.5 - 9.7

Definition of a secure MAC algorithm.
Applications of MAC algorithms (data integrity, data origin authentication).
Generic attacks on MAC algorithms
**Lecture 13: Assymmetric Cryptosystems**

Text: ch. 8

definitions, overview and introduction
exponential ciphers
**Lecture 14: Algorithmic Number Theory**

Text: 2.3

input size
running time of an algorithm, big-O notation
polynomial time
running time for basic integer operations
**Lecture 15: Number Theory Background**

Text: 2.4, 4.6

Generator of Z_{n}*, where n is prime.
The Euler phi function.
Number of elements of order t in Z_{p}*.
**Lecture 16: Probabilistic Primality Testing**

Text: 4.1 - 4.2

Fermat Test
Miller-Rabin Test
Carmichael Numbers
**Lecture 17: True Primality Testing**

Text: 4.3

Mersenne numbers
prime test using factorization of n-1
Prime number generation (random search, strong primes)
**Lecture 18: Factoring Integers I**

Text: 3.2

trial division
quadratic sieve, running time
multiple polynomial variant
parallization
**Lecture 19: Factoring Integers II**

Text: 3.2

Pollard's rho algorithm
Pollard's p-1 algorithm
**Lecture 20: Introduction to RSA**

Text: 8.1 - 8.2, 11.3

key-pair generation
encryption scheme
signature scheme
**Lecture 21: Security of RSA Encryption**

Text: 3.3, 8.2

The RSA problem (RSAP) and its relation to factoring
Chosen-ciphertext attack on Basic RSA
Forward search attack on Basic RSA
**Lecture 22: Security of RSA Key Generation**

Text: 11.3

security of the key generation process
**Lecture 23: Discrete Logarithm Cryptographic Schemes**

Text: 3.6, 11.5

The discrete logarithm problem
The digital signature algorithm (DSA)
**Lecture 24: Diffie-Hellman, ElGamal**

Text: 3.7, 8.4, 11.5, 12.6

Diffie-Hellman key exchange
ElGamal Cryptosystem and signature scheme
**Lecture 25: Diffie-Hellman, ElGamal CONT'D**

finish covering topics of lecture 24
**Lecture 26: Key Establishment**

Text: ch. 12

framework
key transport (symmetric)
key agreement (symmetric)
analysis of key establishment protocols
**Lecture 27: Identification Protocols**

Text: ch. 10

passwords (weak)
challenge-response (strong)
attacks
**Lecture 28: Digital Signatures**

Text: 11.2, 11.6, 11.8

framework (section 11.2 of text)
one time digital signatures
signatures with additional functionality
**Lecture 29: Public Key Management I**

Text: 13.1 - 13.4

basic concepts
Authentication trees
**Lecture 30: Public Key Management II**

Text: 13.4, 13.6 - 13.8

Certification authorities.
Public-key infrastructure.
The certification process.
Trust models (cross certification).
**Lecture 31: Wireless Security, 802.11**

Text: -- External source required --

Wired Equivalent Privacy (WEP) security protocol.
Security goals of WEP (confidentiality, data integrity, access control).
Description of the WEP protocol.
Note: this lecture will require use of some papers on 802.11 as
it is not covered in the textbook
**Lecture 32: Analysis of 802.11 security**

Text: -- External source required --

Confidentiality is not provided (since IV collisions can be found)
Data integrity is not provided (since the checksum is linear)
Access control is not provided (since the integrity function is unkeyed)
Devastating attack by Fluhrer, Mantin and Shamir
Key recovery by a passive adversary
Script kiddies: Airsnort, WEPCrack. (Definition of a script kiddie)
**Lecture 33: Internet Security**

Text: 15.3.5, external source also required

IPsec and Virtual private networks (VPNs)
Web security (SSL/TLS)
**Lecture 34: Current Events **

Text: -- External source required --

choose a recent, relevant security topic
security news and cryptographic journals should provide
plenty of topics
**Lecture 35: Overflow Lecture/Review**

This lecture is unplanned in order to leave room for
some other lecture to require 2 sessions
or a holiday will cause a lecture day to be missed
if this is not necessary, a final exam review is useful for students
[Top]

**Resources**

Cryptography Seminar
CO 487
Encryption web course
Cryptography papers available
online
**Additional Optional Topics**

use of elliptic curves in cryptography
quantum cryptography
DNA encryption
patents and licensing, Canada's laws about cryptography
**Project Suggestions**

research paper (students choose topic, provide list of suggestions)
computer-based project: implement simple attacks to be tested on
messages written by prof, or implement simple cryptosystem, or implement
prime number generator