Cryptography - Spring 2000

Dr. Amos Beimel

Webster dictionary defines cryptography as: ``The enciphering and deciphering of messages in secret code or cipher.'' However, cryptography today is a much broader field; it aims to protect honest parties from malicious parties. For example, malicious parties can eavesdrop to the communication on the Internet and try to read messages sent by other parties; they can try to impersonate other parties, or login to computers without permission. Basic topics in cryptography are secure encryption, digital signatures, and fault-tolerant protocols. The course will cover these topics, their realizations, and applications.

This is a 4-credit course, consisting of two weekly 2-hour meetings. It is intended for graduate students and third year undergrad students. Pre-required course is the algorithms course.

Announcements:

Ex 4 is checked. You can come to my office and take it.

Tests

Course Book:

D. R. Stinson. CRYPTOGRAPHY: Theory and Practice. CRC Press. 1995.

Lectures:

Num.	Topic	Date	Handouts, exercises	textbook
1	Introduction. Overview of course	21.2.00	Announcement
2	Classical encryptions and their cryptanalysis.	22.2.00		Chapter 1
3	Perfect encryption: definition, examples, and limitations.	28.2.00		Chapter 2.1
4	Data Encryption Standard (DES).	29.2.00	DES, Ex1	Chapters 3.1-3.3
5	Attacks on DES.	6.3.00		[Matsui]
6	DES modes of operations. Modular Arithmetic.	7.3.00		Chapter 3.4 Chapter 1.1.1
7	More Number Theory.	13.3.00		Chapters 4.2, 4.4
8	Even more Number Theory.	14.3.00	Ex2	Chapter 4.2
9	Arithmetic modulo composites.	27.3.00
10	The RSA public key encryption.	28.3.00		Chapters 4.3, 4.4
11	Attacks on RSA.	3.4.00		[Boneh]
12	Diffie-Hellman Key Exchange, ElGamal Encryption.	4.4.00		Chapters 5.1 (until p. 166), 8.2.2
13	Digital Signatures: Definitions, Rabin's Signature scheme.	10.4.00	Ex3	Chapter 6.1, Chapter 4.7 (modified)
14	ElGamal Signature scheme .	11.4.00		Chapter 6.2
15	DSS Signature scheme .	1.5.00		Chapter 6.3
16	Cryptographic Hash functions.	2.5.00		Chapters 7.1-7.3,7.6
17	Message Authentication Codes (MAC), CBC-MAC.	15.5.00	HMAC [BCK1] (ps) (pdf)	Chapter 3.4.1
18	HMAC and MAC based on universal hashing.	16.5.00	ex4	[BCK2]
19	Secure Socket Layer (SSL).	22.5.00	Slides: (1) (2) (3) (4)	[Stallings,Chapters 14.1, 14.2]
20	SSL (cont.), Brief description of Secure Electronic Transmission (SET).	23.5.00	Slides: (5) (6)	[Stallings,Chapters 14.3 (pages 461-467)]
21	Thershold Secret Sharing Schemes.	29.5.00		[Chapter 11.1]
22	General Secret Sharing Schemes.	5.6.00		[Chapter 11.2]
23	Summary of Course.	6.6.00

[Matsui] M. Matsui. Linear Cryptanalysis Method for DES Cipher. In EUROCRYPT 93, vol. 765 of Lecture Notes in Computer Science, pages 386--397, Springer-Verlag, 1994.
[Boneh] D. Boneh. Twenty years of attacks on the RSA Cryptosystem. In Notices of the American Mathematical Society (AMS), Vol. 46, No. 2, pp. 203--213, 1999.
[BCK1] M. Bellare, R. Canetti, and H. Krawczyk. The HMAC Construction. CryptoBytes, Vol. 2, No 1, pages 12-15, 1996.
[BCK2] M. Bellare, R. Canetti, and H. Krawczyk. Keying Hash Functions for Message Authentication. Abridged version appears in CRYPTO '96, vol. 1109 of Lecture Notes in Computer Science, pages 1-15, Springer-Verlag, 1996.
[Stallings] W. Stallings. Cryptography and Network Security. Second Edition. Prentice Hall. 1998.

Syllabus:

Introduction
- Overview of course
- Classical cryptography [Chapter 1].
Secret Key Encryption
- Perfect Secrecy - One time pads [Chapter 2.1].
- Merkle puzzles.
- Stream ciphers and the Data Encryption Standard (DES) [Chapter 3 (excluding 3.6.2 -3.6.3)].
Public Key Encryption
- Factoring and the RSA encryption [Chapter 4 (excluding 4.5 -4.8)].
- Discrete log. Diffie-Hellman Key Exchange [Chapter 8.4 (only pages 270-273)] . El Gamal encryption [Chapter 5 (only pages 162-164)] .
Digital Signatures [Chapter 6 (excluding 6.5 - 6.6)]
- One-time signatures.
- Rabin and ElGamal signatures schemes.
- Digital Signature Standard (DSS).
Hashing [parts of Chapter 7]
- Motivation and applications.
- Cryptographically Secure Hashing.
- Message Authentication Codes (MAC).
Network Security
- Secure Socket Layer (SSL)
- IPsec
Secret Sharing [Chapter 11.1,11.2,11.3]
- Definition. Shamir's threshold scheme.
- General secret sharing schemes.
- Visual secret sharing schemes.

Other Books:

A. J. Menezes, P. C. van Oorschot and S. A. Vanstone. The Handbook of Applied Cryptography. CRC Press. 1996. Available online.
W. Stallings. Cryptography and Network Security. Second Edition. Prentice Hall. 1998.

Grades:
Final exam, 70%. Students MUST PASS the exam to pass the course.
Homework assignments, 30%. There will be 5 homework assignments.

Information:

Lectures hours: Monday 18-20, Room 201 Building 28
Tuesday 18-20, Room 102 Building 28
Reception hours: Wednesday 13-15, Room 205 Building 58 (Math)
E-mail: beimel at cs.bgu.ac.il
Phone: 647 7858
Course home page: http://www.cs.bgu.ac.il/~beimel/Courses/crypto/crypto.html

Links:

list of cryptography courses

Lectures hours:	Monday 18-20, Room 201 Building 28
	Tuesday 18-20, Room 102 Building 28
Reception hours:	Wednesday 13-15, Room 205 Building 58 (Math)
E-mail:	beimel at cs.bgu.ac.il
Phone:	647 7858
Course home page:	http://www.cs.bgu.ac.il/~beimel/Courses/crypto/crypto.html