Math 690 Fall 2000, MW 12-1:30 DRL 4C8
Mathematical Foundations of Computer Security
Office: Room 4E6 in David Rittenhouse Laboratory
Telephone: eight five nine eight three
( Math. Dept. Office: eight eight one seven eight )
Fax: three four zero six three
E-mail: lastname at math
Office Hours: By appointment
- "Handbook of Applied Cryptography" by Menezes, van Oorschot, and Vanstone.
CRC Press, 1996. ISBN: 0-8493-8523-7.
- "Cryptography: Theory and Practice" by Stinson. CRC Press, 1996,
The Fourth Printing. ISBN: 0-8493-8521-0.
About This Course
"What is to distinguish a digital dollar when it is as easily reproducible
as the spoken word? How do we converse privately when every syllable is
bounced off a satellite and smeared over an entire continent? How should a
bank know that it really is Bill Gates requesting from his laptop in Fiji
a transfer of $100,000,.....,000 to another bank? Fortunately, the
mathematics of cryptography can help. Cryptography provides techniques
for keeping information secret, for determining that information has not
been tampered with, and for determing who authored pieces of information."
(From the Foreword by R. Rivest to the "Handbook of Applied Cryptography"
by Menezes, van Oorschot, and Vanstone.)
This course will be followed by a course on Advanced Topics
in Mathematical Foundations of Computer Security, Math 691,
in Spring 2001.
Basic Concepts of Cryptology, Substitution Ciphers, Permutation Ciphers,
Vigenere Cipher, Rotor Machines, Attack Models, Needham-Schroeder Key Exchange
Protocol.Overview of Probability Theory: Probability Distribution, Random
Variable, Conditional Probability, Bayes Theorem, Expected Value.
Symmetric Ciphers, Block Ciphers, One-Time Pad, Information-Theoretic
Properties of One-Time Pad, Perfect Secrecy, Misuses of One-Time Pad,
Malleability. Stream Ciphers, Linear Feedback Shift Register, Golomb's
Randomness Postulates, Linear Complexity, Non-linear Filters, Knapsack
Keystream Generator. Feistel Networks, Data Encryption Standard, S-boxes,
Key Schedule, DES Properties, DES Modes of Operation, Message Authentication
Code, Exhaustive Search Attack, Triple DES, DESX, Matsui's Linear Cryptanalysis
of DES. Public-Key Cryptography Overview, Merkle Puzzles.
Introduction to Number Theory: Modular Exponentiation by
Repeated Squaring, Prime Factors of (b^n) - 1, Finite Fields,
Roots of Unity, Quadratic Residues, Legendre Symbol, Jacobi Symbol,
Law of Quadratic Reciprocity, Computation of Square Roots Modulo p,
Probabilistic Tests for Primality: Solovay-Strassen Test, Miller-Rabin Test.
Diffie-Hellman Key Exchange, Person-in-the Middle Attack. Discrete
Logarithm, Random Self-Reduction, Giant-Step Baby-Step Algorithm,
Pohlig-Hellman Algorithm, ElGamal Public-Key Cryptosystem.
RSA Public-Key Cryptosystem, Attacks on RSA: Pollard's p - 1
Algorithm, Low Private Exponent, Low Public Exponent.
Digital Signatures, Selective Forgery, Existential Forgery,
Signature Schemes Based on RSA: PKCS #1, Signature Schemes Based on Discrete
Logarithm: ElGamal Signature Scheme, Digital Signature Standard.
Hash Functions, Preimage Resistance, Second Preimage Resistance,
Collision Resistance, Compression Functions, Merkle-Damgard Iteration
Construction, Cryptographic Message Authentication Code, Information-Theoretic
Message Authentication Code. Key Distribution and Authentication Protocols:
TMN Protocol, Kerberos, Wide-Mouthed Frog, Woo-Lam, Yahalom.
Formal Methods in the Analysis of Cryptographic Protocols.
J.P. Anderson. Computer Security Technology Planning Study.
ESD-TR-73-51, ESD/AFSC, Hanscom AFB, Bedford, MA (Oct. 1972)
[NTIS AD-758 206].
M. Bishop's History of Computer Security Web Site at UC Davis.
- O. Goldreich. "Modern Cryptography, Probabilistic Proofs and
Pseudo-randomness." Springer-Verlag, 1999. ISBN: 3-540-64766-X.
O. Goldreich. Foundations of Cryptography (Fragments of a Book).
- B. Schneier. "Applied Cryptography : Protocols, Algorithms, and Source
Code in C." John Wiley & Sons, 1995. ISBN: 0471117099.
Ron Rivest's Cryptography and Security Page at MIT.
The Cypherpunks Home Page at UC Berkeley.
Crypto FAQ site at RSA Security.
- M. Matsui. Linear cryptanalysis method for DES cipher.
In: Advances in Cryptology, Eurocrypt '93, Lecture Notes in Computer
Science 765, pages 386-397, Springer-Verlag, 1993.
- M. Matsui. The first experimental cryptanalysis of the
data encryption standard. In: Advances in Cryptology, Crypto '94,
Lecture Notes in Computer Science 839, pages 1-11, Springer-Verlag, 1994.
J. Clark and J. Jacob. A Survey of Authentication Protocol Literature.
Version 1.0, November, 1997.
- R. Kemmerer, C. Meadows, and J. Millen. Three Systems for Cryptographic
Protocol Analysis. Journal of Cryptology, Vol. 7, no. 2, 1994.
J.C. Mitchell, M. Mitchell, and U. Stern. Automated Analysis of Cryptographic
Protocols Using Murphi, IEEE Symp. Security and Privacy, Oakland, 1997, pages
In the news ...
Take-Home Midterm Due in DRL 4E6 on Monday, November 6 at 4 p.m.
This is a complete list of assignments due November 6, 2000.
- Stinson, pp. 39-40, Exercises 1.1 (b) and (d).
- Stinson, pp. 67-69, Exercises 2.1, 2.3, 2.4, 2.15, 2.16, and 2.17.
- Stinson, pp. 110-111, Exercises 3.1, 3.2, 3.3, 3.4, and 3.5.
Take-Home Final Exam Due in DRL 4E6 Tuesday, December 19 at 4 p.m.
This is a complete list of assignments due December 19, 2000.
- Using the Fundamental Theorem of Arithmetic, prove that the product
of (1 - 1/p) over all primes p is zero.
- Prove that if (2^n) - 1 is a prime, then n is a prime,
and if (2^n) + 1 is a prime, then n is a power of 2.
The first type of prime is called a Mersenne prime, and the second type
is called a Fermat prime.
- Show that there exists a natural number N such that
whenever p is a Fermat prime or a Mersenne prime,
discrete logarithm in F_p is computable in O((log^N)(p))
bit operations. Show that this implies that breaking the Diffie-Hellman
Key Exchange Protocol is easy for Fermat primes and Mersenne primes.
- Stinson, pp. 159-160, Exercises 4.8 and 4.9.
- Stinson, p. 230, Exercise 6.4.