Seminar program.

Spring 2003.

### Introduction. Monoalphabetic ciphers.

- Content:
- Bibliography, online resources.
- Terms. Cryptography, cryptology, cryptoanalysis. Encryption, decryption. Encoding, decoding, coding. Error-correcting coding. Protocol, algorithm, scheme.
- Mathematical definition of encryption/decryption. Alphabet. Domains of messages, ciphers, keys. Cardinality of domains. Encryption and decryption functions.
- Functions: bijective (one-to-one), surjective (one-to-many), injective (many-to-one), trap-door, one-way.
- Types of cryptosystems: symmetric (block, stream), asymmetric (public-key, signature, key distribution). Characteristics and applications.
- Monoalphabetic ciphers. Definition. Shift ciphers. Affine ciphers. Cardinality of key's domain.
- Exhaustive search (brute force) attack.
- Frequency cryptoanalysis of monoalphabetic ciphers.
- Samples.

- Handout. Typical frequencies of symbols [tiff].
- Assignment. Decrypt monoalphabetical cipher [description rtf pdf].
- Related.

- Content:
### Polyalphabetic ciphers.

- Content:
- Definition. Ciphers: Caesar, Viginer, M-209.
- Cryptoanalysis. Period detection methods: Kasiski, autocorrelation, index coincidence.

- Handouts. Cryptoanalysis of polyalphabetic cipher [rtf pdf].
- Assignment. Decrypt Viginer's cipher [description rtf pdf].
- Related.

- Content:
### Block ciphers. Operation modes.

- Content:
- Application of block ciphers.
- Feistel's scheme. DES. GOST. Basics of differential and linear cryptoanalysis.
- AES (Rijndael).
- Comparison of block ciphers.
- Operation modes (ECB, CBC, OFB, CFB), initialization vector IV.
- Galous' fieds GF(2), GF(2^k). Polynomials. Operations with polynomials (+,*,mod). AES polynomials, operations.

- Handouts.
- Assignment. Operations with polynomials in AES.
- Related.

- Content:
### Number theory.

- Content:
- Modular arithmetics.
- Technique of exponentiation of big integers modulo a number (square and multiply).
- Euclid's algorithm, extended Euclid's algorithm. Inverse numbers.
- Euler's phi-function, Euler's theorem. Fermat's theorem.
- Chinese Remainder Theorem (CRT).
- Groups, rings, fields. Generators. Irreducible polynomials. Ring Z_n. Groups Z_p^*, Z_n^*.
- Prime numbers. Distribution of primes.
- Primality tests: probabilistic (Fermat, Miller-Rabin), deterministic (hindu's algorithm).
- Primes of special forms. Sophie-Germain primes, their application.
- Generation of primes.

- Handouts. Seminar notes (primes, factorization) [ps].
- Assignment.
- Related.

- Content:
### Public-key cryptosystems. Signatures. Hashs. MACs.

- Content:
- Complexity classes (P, NP, NP-complete). Turing's machine. Polynomial and exponential algorithms.
- Number-theoretic problems of most PKCs: factorization, Discrete Logarithm Problem (DLP).
- Factorization methods: Pollard's, Elliptic Curve Sieve (ECS), Number Field Sieve (NFS).
- Key sizes of PKCs based on factorization and DLP.
- Public-key cryptosystems: RSA, ElGamal. Application.
- Hashs.
- Message Authentication Codes (MAC). Application.
- Digital signatures: RSA, ElGamal, DSA/DSS. Application.
- (*) OAEP-RSA. Cramer-Shoup. Random oracle model.

- Handouts.
- Assignment [description ps].
- Sign and verify a message and a signature.
- Factorize numbers.

- Related.
- A Tale of Two Sieves, Carl Pomerance
- Factoring - State of the Art and Predictions, Bruce Schneier
- Selecting Cryptographic Key Sizes, Arjen K. Lenstra, Eric R. Verheul
- SHA-1
- Collision in part of MD5 (the compression function)
- HMAC
- The Evolution of Public Key Cryptography, Video Lecture
- OAEP, RSA Labs OAEP FAQ

- Content:
### User authentication. Key management.

- Content:
- Related.
- One-time passwords and an implementation.
- Cookie Central
- Kerberos
- DNSSEC
- Peter Gutman's presentations [downloaded zip archive]

### User authentication. Key management.

- Content:
- Public-key infrastucture (PKI).
- Certificate chains, X509.3.
- SPKI.
*Certificate chain discovery in SPKI/SDSI*[ps].

- PGP.

- Handouts.
- Assignment.
- Related.

- Content:
### Encrypted channels.

- Content:
- SSL/TLS.
- IP Security Protocol (IPSec).

- Handouts.
- Assignment.
- Related.
- Peter Gutman's presentations [downloaded zip archive]
- TLS, SSL 3.0, Apache-SSL, OpenSSL
- Analysis of the SSL 3.0 protocol by David Wagner and Bruce Schneier.
- IPSec
- A Cryptographic Evaluation of IPsec, N. Ferguson and B. Schneier

- Content:
### Software vulnerabilities. Buffer overflow. Viruses.

- Content:
- Handouts.
- Assignment.
- Do a simple buffer overflow on a server.
- Check OS at home PC for common OS vulnerabilities.

- Related.

### Payment systems. Cards. E-coins. Voting.

- Content:
- Payment systems.
- Electronic money.
- Online voting.
*Practical Multi-Candidate Election System*[pdf].

- Some protocols (???).

- Handouts.
- Assignment.
- Related.

- Content:
### Defence of projects and essays.

- Content:
- Handouts.
- Assignment.
- Related.

- Content:
### Defence of projects and essays.

- Content:
- Handouts.
- Assignment.
- Related.

- Content: