CO 487 - Winter 2011
Applied Cryptography
Instructor: David Jao
Office hours: Mon. & Wed. 2-3
Teaching assistants:
Fidel Barrera-Cruz | fbarrera | MC 6224 | Office hours: Thurs. 3:00-4:00 |
Edward Knapp | eknapp | DC 3142 | Office hours: Thurs. 12:30-1:30 |
Vladimir Soukharev | vsoukhar | DC 3142 | Office hours: Tue. 3:00-4:00 |
Course materials
- Course outline (https:../../wiki/images/3/34/Co487-2011-outline.pdf)
- Handbook of Applied Cryptography (http://www.cacr.math.uwaterloo.ca/hac/) by A. J. Menezes, P. C. van Oorschot and S. A. Vanstone.
Exams
- No notes, calculators, or aids are permitted for examinations.
- The midterm examination is scheduled for Wednesday, March 2 from 4:30 to 6:30 pm in HH 1101. There is no class on March 2. In lieu of class, office hours will be held from 10:30 to 12:30.
- Sample midterms:
- The following topics will be represented on the midterm examination:
- Symmetric key encryption
- Hash functions
- Message authentication codes
- RSA encryption and signatures
- Solutions (https:../../wiki/images/4/4d/Co487-2011-midterms.pdf) for the midterm
- Practice problems (https:../../wiki/images/7/70/Co487-sample-final.pdf) for the final
Assignments
The (tentative) assignment schedule is as follows:
- Assignment 1 (https:../../wiki/images/d/de/Co487-2011-a1.pdf) (due January 24)
- Vigenère ciphertexts for problem 1
- Vigenère encryption and decryption applet (https://math.ucsd.edu/~crypto/java/EARLYCIPHERS/Vigenere.html) for problem 1
- Ciphertext c1 (https:../../a1/enc1.txt) for problem 4
- Ciphertext c2 (https:../../a1/enc2.txt) for problem 4
- One-time-pad encryption and decryption oracle (https://djao.math.uwaterloo.ca/cgi-bin/otp.cgi) for problem 4
- Solutions (https:../../wiki/images/4/4e/Co487-2011-s1.pdf) for assignment 1
- Assignment 2 (https:../../wiki/images/6/6a/Co487-2011-a2.pdf) (due February 14)
- Solutions (https:../../wiki/images/a/ac/Co487-2011-s2.pdf) for assignment 2
- Assignment 3 (https:../../wiki/images/c/cb/Co487-2011-a3.pdf) (due March 7)
- Solutions (https:../../wiki/images/3/33/Co487-2011-s3.pdf) for assignment 3
- Assignment 4 (https:../../wiki/images/f/f7/Co487-2011-a4.pdf) (due March 28 / March 30)
- Solutions (https:../../wiki/images/4/49/Co487-2011-s4.pdf) for assignment 4
Lectures
- Course overview
- Introduction (https:../../wiki/images/6/61/Co487-2011-lecture01.pdf)
- Symmetric key encryption
- Definitions and classical examples (https:../../wiki/images/5/5c/Co487-2011-lecture02.pdf)
- One-time-pads and stream ciphers (https:../../wiki/images/4/49/Co487-2011-lecture03.pdf)
- Required reading: Sections 1, 2, 3, 4.1, 4.2, 6 of Intercepting mobile communications: The insecurity of 802.11 (https://www.cs.berkeley.edu/~daw/papers/wep-mob01.pdf) by Nikita Borisov, Ian Goldberg and David Wagner.
- Block ciphers, Feistel networks, DES (https:../../wiki/images/d/d6/Co487-2011-lecture04.pdf)
- Attacks on NDS and DES (https:../../wiki/images/a/a7/Co487-2011-lecture05.pdf)
- A chosen-plaintext attack on NDS (https:../../wiki/images/f/f7/Co487-2011-NDS.pdf)
- Multiple encryption (https:../../wiki/images/1/17/Co487-2011-lecture06.pdf)
- Block cipher modes of operation (https:../../wiki/images/1/16/Co487-2011-lecture07.pdf)
- Advanced Encryption Standard (https:../../wiki/images/f/ff/Co487-2011-lecture08.pdf)
- Hash functions
- Definitions (https:../../wiki/images/4/4f/Co487-2011-lecture09.pdf)
- Iterated hash functions (https:../../wiki/images/1/1a/Co487-2011-lecture10.pdf)
- Exploiting hash collisions (https:../../wiki/images/7/76/Co487-2011-lecture11.pdf)
- Message authentication codes (https:../../wiki/images/9/9c/Co487-2011-lecture12.pdf)
- Kerberos network authentication (https:../../wiki/images/1/18/Co487-2011-lecture13.pdf)
- Public-key cryptography
- Introduction (https:../../wiki/images/5/5f/Co487-2011-lecture14.pdf)
- RSA public key cryptosystem
- RSA concepts and example (https:../../wiki/images/c/c3/Co487-2011-lecture15.pdf)
- PKCS #1 v1.5 padding
- RSA signature security (https:../../wiki/images/b/bc/Co487-2011-lecture16.pdf)
- Integer factorization (https:../../wiki/images/7/72/Co487-2011-lecture17.pdf)
- Crypto patents (https:../../wiki/images/e/ef/Co487-2011-lecture18.pdf)
- Discrete logarithm cryptography
- Diffie-Hellman key exchange and Elgamal encryption
- Discrete logarithms, Diffie-Hellman, and DHIES
- Digital Signature Algorithm
- Baby-step giant-step
- Protocols
- Electronic cash (https:../../wiki/images/f/ff/Co487-2011-lecture19.pdf)
- Optional reading: Untraceable electronic cash (https://www4.informatik.tu-muenchen.de/lehre/seminare/hs/WS0203/security/Lit/chaum_fiat_naor_ecash.pdf) by David Chaum, Amos Fiat, and Moni Naor
- Electronic voting
- Optional reading:
- A secure and optimally efficient multi-authority election scheme (https://www.win.tue.nl/~berry/papers/euro97.pdf) by Ronald Cramer, Rosario Gennaro, and Berry Schoenmakers
- ThreeBallot (https://en.wikipedia.org/wiki/ThreeBallot) by Ron Rivest
- Pseudorandom bit generation (https:../../wiki/images/f/f2/Co487-2011-lecture20.pdf)
- Elliptic curves
- Definition
- Addition law and group structure
- Discrete logarithm problem
- Protocols: Elgamal, ECIES, ECDSA
- Security infrastructure
- SSL/TLS and PKI (https:../../wiki/images/d/d4/Co487-2011-lecture21.pdf)
- Internet security (https:../../wiki/images/d/d5/Co487-2011-lecture22.pdf)