CIS 798. Applied Cryptology, Fall 2000.

General course information:

• Captain's log: see what was convered when;
• schedule of in-class presentations;
• implementation projects; due on Wednesday, November 29 (extended).
• midterm take-home exam;
• Java programs illustrating number-theoretic concepts that we apply in cryptographic systems;
• course assignments.
• This course is an instance of CIS798 "Topics in Computer Science". It is held in the Fall 1999 in Nichols Hall 122 on MWF from 11:30 A.M. - 12:20 P.M.
• course prerequisites and expected outcomes; to be posted;
• syllabus;
• lecture notes used as text book for this course are available at the KSU Union Copy Center;

Ancillary material: (subject to change)

• Chapter 2:
  • a simple "secure" communication protocol and an attack;
  • RSA public-key cryptographic system;
  • Miller-Rabin algorithm;
  • Witness function for Miller-Rabin algorithm;
  • The groups Z_n and Z_n^*;
  • Square roots of 1;
  • How to compute inverses of units: the Extended Euclid Algorithm;
  • Two key exchange protocols;
• Chapter 3:
  • the secure hash standard;
  • an example of padding in the secure hash standard;
• Chapter 4:
  • the digital signature standard;
  • secure login protocols;
  • secret-sharing protocol;
  • Knowledge inference;
  • Woo-Lam protocol;
  • secure information flow in programs;
• First course segment:
  • To get a quick overview of what this course is about, you may want to read Gary Kessler's survey paper An Overview of Cryptography which also contains plenty of pointers to possible topics you may want to present in class.
  • If you are interested, the ECPP home page features an approach to generating primes that is alternative to the one presented in our lecture notes: a testing algorithm outputs an actual certificate of a number being prime, provided that it has been classified as a being prime; this certificate can then be verified algorithmically. On the more practical side, see the RSA Laboratories documents on public-key cryptology standards.
  • our topic impacts and is impacted by politics; see
    • an International Survey of Encryption Policy by the Electronic Privacy Information Center in Washington, DC,
    • Dorothy Denning's homepage;
• Second course segment:
  • COMPUTER SECURITY STANDARDS AND GUIDELINES by the National Institute of Standards and Technology (NIST) contains a host of standards, guidelines, and current projects for computer security. The ones you may want to implement are
    • Data Encryption Standard, "Federal Information Processing Standards Publication 46-2", supersedes FIPS PUB 46-1; see also the guidelines for implemeting and using the NBS Data Encryption Standard, "Federal Information Processing Standard (FIPS) 74, Guidelines for Implemeting and Using the NBS Data Encryption Standard", and a document on the security of cryptographic modules, "Federal Information Processing Standard (FIPS) 140-1, Security Requirements for Cryptographic Modules";
    • Proposed new standard using triple DES, "Draft Federal Information Processing Standard (FIPS) 46-3, Data Encryption Standard (DES), and Request for Comments";
    • DES Modes of Operation, Federal Information Processing Standards Publication 81 (here you are asked to implement only that mode, or those modes, which are required, or allowed, for implementing the secure hash, DES, and the digital signature standards below);
    • Secure Hash Standard, "Federal Information Processing Standards Publication 180-1";
    • Digital Signature Standard, "Federal Information Processing Standards Publication 186-1" (you need to be able to read a ".pdf" file).
• Third course segment: The following is a list of papers and web sites which you may use for choosing a project and a presentation (this list is by no means meant to be exhaustive):
  • Counterpane's self-study course in Block Cipher Cryptanalysis.
  • Counterpane Systems offers an index of cryptography papers available online; sorted by year or author.
  • Papers on the analysis of cryptographic protocols from the Naval Research Laboratory, Information Technology Division.
  • Papers on the formal verification of security protocols from the Workshop on Formal Methods and Security Protocols, June 25th, 1998, Indianapolis, Indiana.
  • Martin Abadi's page of publications at Compaq Research contains several papers which are worth reading: Notably "A calculus for cryptographic protocols: The spi calculus"; "Reasoning about cryptographic protocols in the spi calculus"; and "Strengthening passwords".
  • Here you can down-load a retyped version of Claude E. Shannon's ground-breaking paper "A Mathematical Theory of Communication".
  • Papers from the Information Hiding Workshop held during the Newton Institute for Math. Sciences Programme on Computer Security, Cryptology and Coding Theory.
  • Verifying Security Protocols Using Isabelle is a project by L. Paulson from Cambridge University which uses a theorem prover and an inductive approach to verify security protocols.
  • Elliptic Curve Discrete Logarithm Problem is a nice web site by Robert Hofer from the Technical University in Graz, Austria, which explains an improvement of cryptographic methods based on the Discrete Logarithm Problem. The improvement comes from the use of elliptic curves over finite fields. See also a tutorial on integer factirozation based on elliptic curves by Eric W. Weisstein.
  • Counterpane's list of cryptography courses.
  • John C. Mitchell's home page is definitely worth a look.

  ---

  Michael Huth (huth@cis.ksu.edu)