Nadia Heninger (nadiah at cis dot upenn.edu, 464 Levine GRW)
Wednesday 3-6 pm, Towne 307
This course is a research seminar on selected topics in cryptography, both applied and theoretical. A tentative list of topics includes:
For the research project, you should try to do something nontrivial but tractable. If you're more applied, an implementation or experiments are fine; if you're more theoretical, you can understand a difficult area or try to prove an extension of existing work. You will write a research report describing the papers you read, what you tried to do, and any results, in the format of a conference paper. 10-15 pages if you're working alone, 15-20 pages if you're working with a partner.
You should come talk to me for help identifying a suitable project.
Project reports are due December 11.
|8/28||Introduction; practical cryptography overview: stream ciphers, block ciphers, hash functions||Optional additional references:|
When you visit a https web site, look at the connection and certificate information and make a note of what ciphers and key sizes are being used.
Try installing Wireshark, capturing some of your traffic, and inspecting a few cryptographic protocols (https, ssh, etc.).
|9/4||Practical cryptography overview continued: message authentication codes, public-key cryptography, digital signatures||
|9/11||Guest lecture: Brett Hemenway on oblivious transfer and multiparty computation|
|9/18||Factoring and discrete log algorithms||
||Install CADO-NFS and try your hand at factoring some large numbers.|
|9/25||How is SSL broken? Let us count the ways: MD5, BEAST, RC4...||
||Use HashClash to construct your own MD5 collision.|
||Use a memory extracting tool to dump the contents of your RAM to a file. Then browse through it to see what you can find. You can try the strings utility or the tools here.|
|10/9||Random number generation; entropy failures||