# Cryptography - Spring 2002

### Dr. Amos Beimel

Webster dictionary defines cryptography as: ``The enciphering and deciphering of messages in secret code or cipher.'' However, modern cryptography is a much broader field; it provides algorithms and protocols which protect honest parties from malicious parties. Malicious parties can, for example, eavesdrop to the communication on the Internet and try to read messages sent by other parties; they can try to impersonate other parties, or login to computers without permission. Basic topics in cryptography include secure encryption, digital signatures, and authentication.

In this course I will discuss these topics, their realizations, and applications. The material covers cryptosystems that are both practical and theoretically interesting. To achieve this goal, I'll also teach some background in number theory that is necessary to understand modern cryptosystems such as RSA. This is a 4-credit course, consisting of two weekly 2-hour meetings. It is intended third year undergraduate students as well as for graduate students. Pre-required course is the algorithms course.

## Course Book:

1. D. R. Stinson. CRYPTOGRAPHY: Theory and Practice. CRC Press. 1995.

## Lectures:

All chapters refer to the above book. Some parts are not covered by the book, references appear below. All lectures are two hours unless indicated otherwise.

 Num. Topic Date Handouts, exercises textbook 1 Introduction. Classic Encryption Systems 11.3.02 Announcement 2 Classic encryptions (continued); their cryptanalysis. 12.3.02 Frequency Table 1 3 Perfect encryption systems. 18.3.02 2.1 4 Data Encryption Standard (DES). 19.3.02 DES, Ex. 1 (ps) (word) cryptogram 3.1-3.3 5 Attacks on DES. Linear Cryptanalysis. 8.4.02 [Matsui] 6 Modes of Operations. Advanced Encryption Standard (AES). 9.4.02 Ex 2 (ps) (word) 3.4 Fips 197 7 (3 hrs) Introduction to Number Theory: modular arithmetic, Euclid's algorithm. 22.4.02 1.1.1, 4.2, 4.4 8 (3 hrs) Number Theory: Chinese remainder theorem, structure of Zp, Quadratic Residues in Zp 23.4.02 4.2 9 (3 hrs) Structure of Zp*q. The RSA public key encryption. 29.4.02 Ex 3 (ps) (word) 4.3, 4.4 10 (3 hrs) RSA: Implementations and Attacks. Intro to Diffie-Hellman Key Exchange, ElGamal Encryption. 30.4.02 [Boneh] 5.1 (until p. 166), 8.2.2 11 (3 hrs) Diffie-Hellman Key Exchange, ElGamal Encryption. 6.5.02 5.1 (until p. 166), 5.1.2 8.2.2 12 (3 hrs) Digital Signatures: Definitions,   Rabin's Signature scheme. 7.5.02 6.1,   4.7 (modified) 13 (3 hrs) ElGamal Signature scheme. Cryptographic Hash functions. 13.5.02 Ex 4 (ps) (word) 6.2 7.1-7.2 14 (3 hrs) Cryptographic Hash functions. Message Authentication Codes (MAC), CBC-MAC. 14.5.02 7.1-7.3,7.53.4.1. 15 (3 hrs) HMAC. Threshold Secret Sharing. 20.5.02 [BCK1] (ps) (pdf) [BCK1] [BCK2] 11.1 16 (3 hrs) Secure Socket Layer (SSL). 21.5.02 Slides: (1)  (2) (3)  (4) (5) [Stallings, 14.1, 14.2] 17 Example questions 9.7.02

[Matsui] M. Matsui. Linear Cryptanalysis Method for DES Cipher. In EUROCRYPT 93, vol. 765 of Lecture Notes in Computer Science, pages 386--397, Springer-Verlag, 1994.
[Boneh] D. Boneh. Twenty years of attacks on the RSA Cryptosystem. In Notices of the American Mathematical Society (AMS), Vol. 46, No. 2, pp. 203--213, 1999.
[BCK1] M. Bellare, R. Canetti, and H. Krawczyk. The HMAC Construction (ps) (pdf). CryptoBytes, Vol. 2, No 1, pages 12-15, 1996.
[BCK2] M. Bellare, R. Canetti, and H. Krawczyk. Keying Hash Functions for Message Authentication. Abridged version appears in CRYPTO '96, vol. 1109 of Lecture Notes in Computer Science, pages 1-15, Springer-Verlag, 1996.

## Other Books:

1. A. J. Menezes, P. C. van Oorschot and S. A. Vanstone. The Handbook of Applied Cryptography. CRC Press. 1996. Available online.
2. W. Stallings. Cryptography and Network Security. Second Edition. Prentice Hall. 1998.

Final exam, 70%. Students MUST PASS the exam to pass the course.
Homework assignments, 30%. There will be about 5 homework assignments. These assignments do not include any programming.

## Information:

 Lectures hours: Monday 18-20, Room 136 Building 90 Tuesday 18-20, Room 109 Building 34 Reception hours: Tuesday 16-18, Room 205 Building 58 (Math and CS) E-mail: beimel at cs.bgu.ac.il Phone: 647 7858

## Syllabus

All chapters refer to the book of Stinson. Some parts are not covered by the book.
1. Introduction
• Overview of course.
• Classical cryptography [parts of Chapter 1].
2. Secret Key Encryption
• Perfect Secrecy - One time pads [Chapter 2.1].
• Stream ciphers and the Data Encryption Standard (DES) [Chapter 3 (excluding 3.6)].
3. Public Key Encryption
• Factoring and the RSA encryption [Chapter 4.1 - 4.4].
• Discrete log. Diffie-Hellman Key Exchange [Chapter 8.4 (only pages 270-273)].
ElGamal encryption [Chapter 5 (only pages 162-164)] .
4. Digital Signatures [Chapter 6 (excluding 6.5 - 6.6)]
• One-time signatures.
• Rabin and ElGamal signatures schemes.
• Digital Signature Standard (DSS).
5. Hashing
• Motivation and applications. Cryptographically Secure Hashing. [Chapter 7.1-7.3,7.6]
• Message Authentication Codes (MAC). CBC-MAC, HMAC.
6. Network Security
• Secure Socket Layer (SSL).
• IPsec.
7. Secret Sharing
• Definition. Shamir's threshold scheme [Chapter 11.1].
• Visual secret sharing schemes.

## Old Exams (in Hebrew)

1. Spring 2000 - Moed A
2. Spring 2000 - Moed B
3. Spring 2001 - Moed A (ps file) (word file)
4. Spring 2001 - Moed B (ps file) (word file)