CO 487: Applied Cryptography (Winter 2015)

Instructor: David Jao, djao@math, MC 5032
Office hours: MWF 10:00am-11:30am

Teaching assistants:

Kenwrick Mayo	kamayo	MC 6011	Office hours: WTh 11:30-12:30
Luis Ruiz-Lopez	laruizlo	MC 5497	Office hours: WF 12:30-1:30pm
Anirudh Sankar	asankara	MC 5133	Office hours: F 1:00-2:00pm
Chris Leonardi	cfoleona	MC 5481	Office hours: M 3:30-4:30pm, T 1:00-2:00pm

It is highly recommended that students join the Google+ community (https://plus.google.com/communities/107377900372235365251) for CO 487 to keep up to date with online discussions of assignment problems and administrative issues.

Course materials

• Course outline (https:../../wiki/images/c/cc/CO487-2015-outline.pdf)
• Handbook of Applied Cryptography, (http://www.cacr.math.uwaterloo.ca/hac/) by A. J. Menezes, P. C. van Oorschot and S. A. Vanstone.
• Midterm problems from past years (https:../../wiki/images/c/ce/CO487-2015-midterm-practice.pdf)
• More midterm problems from past years (https:../../wiki/images/7/7e/CO487-2015-midterm2-practice.pdf)
• Final exam problems from past years (https:../../wiki/images/e/e0/CO487-2015-final.pdf)

Schedule

The (tentative) schedule for the course is as follows:

• Assignment 1 (https:../../wiki/images/4/40/Co487-2015-a1.pdf) (due Monday, January 19)
  • Vigenère ciphertexts for problem 1
  • Ciphertext c₁ (https:../../a1/enc1.txt) for problem 2
  • Ciphertext c₂ (https:../../a1/enc2.txt) for problem 2
  • One-time-pad encryption and decryption oracle (https://djao.math.uwaterloo.ca/cgi-bin/otp.cgi) for problem 2
  • Solutions (https:../../wiki/images/d/da/Co487-2015-s1.pdf) for assignment 1
• Assignment 2 (https:../../wiki/images/8/88/Co487-2015-a2.pdf) (due Monday, February 2)
  • A Tutorial on Linear and Differential Cryptanalysis (https://dx.doi.org/10.1080/0161-110291890885) (required reading)
    • To download, click on "Download full text", then "Shibboleth", and enter your login.
  • Ciphertexts for linear cryptanalysis for problem 2
  • Ciphertexts for differential cryptanalysis for problem 3
  • Solutions (https:../../wiki/images/8/8a/Co487-2015-s2.pdf) for assignment 2
• Midterm Examination #1 (https:../../wiki/images/d/d5/CO487-2015-midterm1.pdf) (Monday, February 9, in class)
• Assignment 3 (https:../../wiki/images/6/68/Co487-2015-a3.pdf) (due Monday, February 23 Wednesday, February 25)
  • Ciphertexts (https:../../a3/rc4-ciphertexts.txt) for problem 1
  • Solutions (https:../../wiki/images/3/3b/Co487-2015-s3.pdf) for assignment 3
• Assignment 4 (https:../../wiki/images/0/08/Co487-2015-a4.pdf) (due Monday, March 9)
  • Solutions (https:../../wiki/images/4/48/Co487-2015-s4.pdf) for assignment 4
• Midterm Examination #2 (https:../../wiki/images/e/e1/CO487-2015-midterm2.pdf) (Monday, March 16, in class)
• Assignment 5 (https:../../wiki/images/9/9f/Co487-2015-a5.pdf) (due Monday, March 30 Wednesday, April 1)
  • Solutions (https:../../wiki/images/b/b9/Co487-2015-s5.pdf) for assignment 5

Lectures

1. Introduction (https:../../wiki/images/3/3d/CO487-2015-slides01.pdf) (January 5)
2. Symmetric-key encryption (https:../../wiki/images/9/97/CO487-2015-slides02.pdf) (January 7)
   • Claude Shannon, A Mathematical Theory of Communication (https://cm.bell-labs.com/cm/ms/what/shannonday/shannon1948.pdf) (optional reading)
3. Design of symmetric key cryptosystems (https:../../wiki/images/d/d0/CO487-2015-slides03.pdf) (January 9)
4. Data Encryption Standard (https:../../wiki/images/6/61/CO487-2015-slides04.pdf) (January 12)
5. Advanced Encryption Standard (https:../../wiki/images/e/e0/CO487-2015-slides05.pdf) (January 14)
   • AES animation (https://www.formaestudio.com/rijndaelinspector/archivos/Rijndael_Animation_v4_eng.swf) by Enrique Zabala
6. Security definitions for symmetric-key encryption (https:../../wiki/images/d/d5/CO487-2015-slides06.pdf) (January 16)
   • Claude Shannon, Communication Theory of Secrecy Systems (https://netlab.cs.ucla.edu/wiki/files/shannon1949.pdf) (optional reading)
7. Linear cryptanalysis (https:../../wiki/images/5/5d/CO487-2015-slides07.pdf) (January 19)
   • A Tutorial on Linear and Differential Cryptanalysis (https://dx.doi.org/10.1080/0161-110291890885) (required reading)
     • To download, click on "Download full text", then "Shibboleth", and enter your login.
8. Differential cryptanalysis (https:../../wiki/images/b/b2/CO487-2015-slides08.pdf) (January 23)
9. Stream ciphers (https:../../wiki/images/7/70/CO487-2015-slides09.pdf) (January 26)
10. Wireless (in)security (https:../../wiki/images/3/31/CO487-2015-slides10.pdf) (January 28)
    • N. Borisov, I. Goldberg, and D. Wagner, Intercepting Mobile Communications: The Insecurity of 802.11 (https://www.isaac.cs.berkeley.edu/isaac/mobicom.pdf) (optional)
    • S. Fluhrer, I. Mantin, and A. Shamir, Weaknesses in the Key Scheduling Algorithm of RC4 (https://wiki-files.aircrack-ng.org/doc/technique_papers/rc4_ksaproc.pdf) (optional)
11. Hash functions (https:../../wiki/images/9/92/CO487-2015-slides11.pdf) (January 30)
12. Finding collisions in hash functions (https:../../wiki/images/0/07/CO487-2015-slides12.pdf) (February 2)
13. Collisions in iterated hash functions (https:../../wiki/images/f/fe/CO487-2015-slides13.pdf) (February 4)
14. Exploiting hash collisions (https:../../wiki/images/9/91/CO487-2015-slides14.pdf) (Feburary 11)
15. Cryptography and law (https:../../wiki/images/e/e4/CO487-2015-slides15.pdf) (Feburary 13)
16. Message authentication codes (https:../../wiki/images/e/ee/CO487-2015-slides16.pdf) (Feburary 23)
17. Hash-based MACs (https:../../wiki/images/f/fb/CO487-2015-slides17.pdf) (Feburary 25)
18. Authenticated encryption (https:../../wiki/images/9/91/CO487-2015-slides18.pdf) (February 27)
19. Public-key cryptography (https:../../wiki/images/f/f0/CO487-2015-slides19.pdf) (March 2)
20. RSA encryption (https:../../wiki/images/8/8c/CO487-2015-slides20.pdf) (March 4)
    • R. Rivest, A. Shamir, and L. Adleman, A Method for Obtaining Digital Signatures and Public-Key Cryptosystems (https://people.csail.mit.edu/rivest/Rsapaper.pdf) (optional)
    • Cryptographic communications system and method (https://www.google.com/patents/US4405829), US patent 4405829 (optional)
21. Security definitions for public-key encryption (https:../../wiki/images/5/51/CO487-2015-slides21.pdf) (March 6)
22. Diffie-Hellman and Elgamal (https:../../wiki/images/2/24/CO487-2015-slides22.pdf) (March 9)
    • W. Diffie and M. Hellman, New Directions in Cryptography (https://www-ee.stanford.edu/~hellman/publications/24.pdf) (optional)
    • Cryptographic apparatus and method (https://www.google.com/patents/US4200770), US patent 4200770 (optional)
23. Hybrid encryption (https:../../wiki/images/1/14/CO487-2015-slides23.pdf) (March 11)
24. Computational complexity (https:../../wiki/images/8/89/CO487-2015-slides24.pdf) (March 13)
25. Digital signatures (https:../../wiki/images/a/ab/CO487-2015-slides25.pdf) (March 18)
26. Elliptic curve cryptography (https:../../wiki/images/4/4f/CO487-2015-slides26.pdf) (March 20)
27. Public-key infrastructure (https:../../wiki/images/7/73/CO487-2015-slides27.pdf) (March 23)
28. Bitcoin (https:../../wiki/images/4/40/CO487-2015-slides28.pdf) (March 25)
    • S. Nakamoto, Bitcoin: A peer-to-peer electronic cash system (https://bitcoin.org/bitcoin.pdf) (optional)
29. Side-channel attacks (https:../../wiki/images/5/57/CO487-2015-slides29.pdf) (March 27)
30. Hardware implementations (https:../../wiki/images/b/bc/CO487-2015-slides30.pdf) (March 30)
31. Quantum cryptography (https:../../wiki/images/f/f6/CO487-2015-slides31.pdf) (April 1)