CSC507/609-C: Cryptography
Prof. B. Rosenberg
Fall Semester, 2007-8 (082)
MWF 10:10-11:00
Memorial Building, Room 115
Exams:
- Midterm:
- Final: Tue, May 6, 8-10:30 (take home exam)
Announcements
Class Notes
- Introduction
- Hand ciphers
- Substitution
- Vignere
- Playfair
- Transposition
- Enigma
- Number theory
- The Data Encryption Standard
- Public Key Cryptography and Complexity based cryptography
- Primarlity testing and factoring
- Fermat test and Carmichael numbers
- Miller-Rabin test
- Quadratic Sieve
- p-1 method (homework)
-
Pollard's Rho
(wikipedia)
- RSA is as hard as factoring by an RP reduction
- Discrete Logs
- Generators and primitive roots (section 3.7)
- Quadratic residues and the Legendre symbol
- programs
- Pohlig-Hellman
- Bit security of discrete logs
- Shanks algorithm (big step, little step)
- Index calculus
- Public key encryption
- Diffie-Hellman Key Exchange
- ElGamal encryption
- Bit commitment
- Treaty verification
- Optimal Asymmetric Encryption Padding (OAEP)
- Hash functions
- cyptographic strength: pre-image, strongly and weakly collision-free
- Chaum-van Heijst-Pftzmann hashing (solving ax=b(n) when gcd(a,n)!=1)
- Merkle-Damgard construction
- SHA-1
- Random oracle model
- cyphertext indistiguishability (semantic security)
- Signatures
- Preimage and collision resistance.
- RSA and El Gamal.
- DSA and subgroups.
Homework
- One
- Two
- Chapter 2, problems 1-8, 13, 14, 15, 19 and 20. Due Monday Feb 11.
- Start learning Python, or Javascript/DHTML, your choice. We will be using this for computer experiments.
- Is there anyone reading the Codes and Cryptography book?
- Three
- Section 3.13 exercises 1, 2, 3, 4, 12, 13, 15.
- Section 3.14 problems 1, 2, 4, 5. (Write in Python)
- Write GCD, extended GCD, and fast exponentiation in Python.
- Due: Monday 25 February.
- Four
- Section 4.9 exercises, 1, 2, 4 and 5.
- Section 6.9 problems 2, 4, 6 and 7.
- Due: Monday 3 March.
- Five
- Section 3.13 exercises 25, 26, 29.
- Section 3.13, exercise 20. (challenge problem!)
- Setion 3.14 problems 8, 11 and 12. (Write in Python)
- Due: Monday 17 March.
- Six
- Section 7.6, exercises 1, 2, 3 and 4.
- Section 7.7, problems 1,2 and 3.
- Section 8.8, exercises 1,2 and 3.
- Due: Monday, 31 March
- Seven
- Section 9.6, exercises 2, 3, 4 and 5.
- Section 11.2, exercises 1, 2 and 4.
- Section 12.3, exercise 3, 7 and 8.
- Section 12.4, problem 2.
- Due: Monday, 21 April
- Final
- Section 9.7, problems 1 and 2.
- Setion 13.3, exercises 1 and 2.
- Section 14.3, exercises 2 and 4.
- Section 16.8, problems 1, 2, 3, 4 and 5.
Books
Other resources
References
- Biham, Eli,
Cryptanalysis
of multiple modes of operation ,
J. Cryptology
11:1
(1998) 45-58.
- Biham, Eli,
Cryptanalysis of triple modes of operation,
J. Cryptology
12:3
(1999) 161-184.
- Cramer, Gennaro, Schoenmakers, A secure
and optimally efficient mutli-authority election scheme, Eurocrypt 97.
- Jens
Groth, Extracting
witnesses from proofs of knowledge in the random oracle model
- Cramer, Damgard, Schoenmakers, Proofs
of partial knowledge and simplified design of witness hiding
protocosl, Crypto 94
- Michael Ben-Or, Shafi Goldwasser, Avi Wigderson, Completeness
theorems for non-cryptographic fault-tolerant distributed computation,
Proc. 20-th ACM Symposium on Theory of Computing, 1988. pp 1-10.
- Philippe Oechslin, Making a faster cryptanalytic time-memory trade-off, Crypto 03. (cached)
- M. Bellare, P. Rogaway. Optimal Asymmetric Encryption -- How to encrypt with RSA. Extended abstract in Advances in Cryptology - Eurocrypt '94 Proceedings, Lecture Notes in Computer Science Vol. 950, A. De Santis ed, Springer-Verlag, 1995. (full version (pdf))
- RSA Labs FAQ:
OAEP
Cryptographic Games
- MIT 6.876, Course
in Cryptographic Game Theory.
- The Knowledge Complexity of Interactive Proof-Systems
(PDF)
- Proofs that Yield Nothing But Their Validity,
or All Languages in NP Have Zero-Knowledge Proof Systems
(PDF)
- How To Play Any Mental Game
(PDF)
- Equivalence between two flavours of oblivious transfers
(PDF)
- Completeness Theoerms for Fault Tolerant Distributed Computing
(PDF)
- Parallel Reducibility for Information-Theoretically Secure Computation
(PDF)
SliceOfLife