- "Handbook of Applied Cryptography" by Menezes, van Oorschot, and Vanstone. CRC Press, 1996. ISBN: 0-8493-8523-7.
- "Cryptography: Theory and Practice" by Stinson. CRC Press, 1996, The Fourth Printing. ISBN: 0-8493-8521-0.

- J.P. Anderson. Computer Security Technology Planning Study. ESD-TR-73-51, ESD/AFSC, Hanscom AFB, Bedford, MA (Oct. 1972) [NTIS AD-758 206].
- M. Bishop's History of Computer Security Web Site at UC Davis.
- O. Goldreich. "Modern Cryptography, Probabilistic Proofs and Pseudo-randomness." Springer-Verlag, 1999. ISBN: 3-540-64766-X.
- O. Goldreich. Foundations of Cryptography (Fragments of a Book).
- B. Schneier. "Applied Cryptography : Protocols, Algorithms, and Source Code in C." John Wiley & Sons, 1995. ISBN: 0471117099.
- Ron Rivest's Cryptography and Security Page at MIT.
- The Cypherpunks Home Page at UC Berkeley.
- Crypto FAQ site at RSA Security.
- M. Matsui. Linear cryptanalysis method for DES cipher. In: Advances in Cryptology, Eurocrypt '93, Lecture Notes in Computer Science 765, pages 386-397, Springer-Verlag, 1993.
- M. Matsui. The first experimental cryptanalysis of the data encryption standard. In: Advances in Cryptology, Crypto '94, Lecture Notes in Computer Science 839, pages 1-11, Springer-Verlag, 1994.
- J. Clark and J. Jacob. A Survey of Authentication Protocol Literature. Version 1.0, November, 1997.
- R. Kemmerer, C. Meadows, and J. Millen. Three Systems for Cryptographic Protocol Analysis. Journal of Cryptology, Vol. 7, no. 2, 1994.
- J.C. Mitchell, M. Mitchell, and U. Stern. Automated Analysis of Cryptographic Protocols Using Murphi, IEEE Symp. Security and Privacy, Oakland, 1997, pages 141-153.

- CNN Interactive coverage on November 5, 1999 of
DVD encryption hacked.

- Basic Concepts of Cryptology, Substitution Ciphers, Permutation Ciphers,
Vigenere Cipher, Rotor Machines, Attack Models, Needham-Schroeder Key Exchange
Protocol.
- Overview of Probability Theory: Probability Distribution, Random Variable,
Conditional Probability, Bayes Theorem, Expected Value.
- Symmetric Ciphers, Block Ciphers, One-Time Pad, Information-Theoretic
Properties of One-Time Pad, Perfect Secrecy, Misuses of One-Time Pad,
Malleability.
- Stream Ciphers, Linear Feedback Shift Register, Golomb's Randomness
Postulates, Linear Complexity, Non-linear Filters, Knapsack Keystream
Generator.
- Feistel Networks, Data Encryption Standard, S-boxes, Key Schedule,
DES Properties, DES Modes of Operation, Message Authentication Code,
Exhaustive Search Attack, Triple DES, DESX, Matsui's Linear Cryptanalysis
of DES.
- Public-Key Cryptography Overview, Merkle Puzzles.
- Introduction to Number Theory:
G.C.D., Euler's Phi Function, Fermat's Little Theorem and Euler's
Generalization, Chinese Remainder Theorem, Modular Exponentiation by
Repeated Squaring, Prime Factors of
*(b^n) - 1*. Finite Fields, Existence of Generators, Polynomial Rings, Splitting Fields, Existence and Uniqueness of Finite Fields with Prime Power Number of Elements. Roots of Unity, Quadratic Residues, Legendre Symbol, Jacobi Symbol, Law of Quadratic Reciprocity, Computation of Square Roots Modulo*p*. - Diffie-Hellman Key Exchange, Person-in-the Middle Attack. Discrete
Logarithm, Random Self-Reduction, Giant-Step Baby-Step Algorithm,
Pohlig-Hellman Algorithm, ElGamal Public-Key Cryptosystem.
- RSA Public-Key Cryptosystem, Attacks on RSA: Pollard's
*p - 1*Algorithm, Low Private Exponent, Low Public Exponent. - Digital Signatures, Selective Forgery, Existential Forgery,
Signature Schemes Based on RSA: PKCS #1, Signature Schemes Based on Discrete
Logarithm: ElGamal Signature Scheme, Digital Signature Standard.
- Hash Functions, Preimage Resistance, Second Preimage Resistance,
Collision Resistance, Compression Functions, Merkle-Damgard Iteration
Construction, Cryptographic Message Authentication Code, Information-Theoretic
Message Authentication Code.
- Key Distribution and Authentication Protocols: TMN Protocol, Kerberos,
Wide-Mouthed Frog, Woo-Lam, Yahalom.
*Guest Lecture.*Alfred Maneki: Strand Spaces.*Guest Lecture.*Sylvan Pinsky: Secure Composition Problem.*Guest Lecture.*Catherine Meadows: Formal Methods in the Analysis of Cryptographic Protocols.*Guest Lecture.*James P. Anderson: 35 years of computer security "progress".- Probabilistic Tests for Primality: Solovay-Strassen Test, Miller-Rabin
Test.

- Stinson, pp. 39-40, Exercise 1.1 (b).
- Stinson, p. 67, Exercises 2.1 and 2.3.
- Stinson, pp. 110-111, Exercises 3.2, 3.3, 3.4, and 3.5.

- Using the Fundamental Theorem of Arithmetic, prove that the product
of
*(1 - 1/p)*over all primes*p*is zero. - Prove that if
*(2^n) - 1*is a prime, then*n*is a prime, and if*(2^n) + 1*is a prime, then*n*is a power of*2*. The first type of prime is called a Mersenne prime, and the second type is called a Fermat prime. - Show that there exists a natural number
*N*such that whenever*p*is a Fermat prime or a Mersenne prime, discrete logarithm in*F_p*is computable in*O((log^N)(p))*bit operations. Show that this implies that breaking the Diffie-Hellman Key Exchange Protocol is easy for Fermat primes and Mersenne primes. - Stinson, pp. 159-160, Exercises 4.8 and 4.9.
- Stinson, p. 230, Exercise 6.4.