CS 555 Class

These files are for the use of students in CS 555 Spring, 2013, at Purdue University

Instructor: Samuel S. Wagstaff, Jr.

Phone: 49-46022; E-mail: ssw@cerias.purdue.edu

Prerequisites: CS 251, CS 381, CS 426 and MA 351.

The real prerequisites for CS 555.

Text: Introduction to Modern Cryptography by J. Katz and Y. Lindell, Chapman and Hall/CRC Press, 2008, ISBN 978-1-58488-551-1. See also the errata here.

Reference: Cryptanlysis of Number Theoretic Ciphers, by Samuel S. Wagstaff, Jr., Chapman and Hall/CRC Press, 2003. ISBN 1-58488-153-4. See also the errata here.

Recommended additional reading: Applied Cryptography (2nd edition), by Bruce Schneier, Wiley, 1996. See also the errata here.

See also here for the new Advanced Encryption Standard algorithm Rijndael.

The overall course policies are the same as Spaf's.

Link to a list of web sources on cryptography and security.

Location and Time: LWSN B134, TR noon-1:15.

Office: LWSN 1167; Office hours: Tuesday 2-3 PM, Thurdsay 3-4 PM.

Grading: Homework: 20%; Midterm exam 20%; Project 20%; Final exam 40%.

Teaching Assistant: Jaewoo Lee, Email: jaewoo@purdue.edu .

Office hours of Teaching Assistant: Wednesday 1:00-2:00 PM in LWSN 2149 (#14). (But 3 PM Wednesday, February 27.)

Day-by-day list of topics covered.

Please use a word processor like Latex or MS Word to format your homework solution. Use at least 12 point type. If we can't read your answer, then it is wrong!

All regrading of homework, midterm exam and the project must be done within two weeks after the work is returned to the class.

Solution to homework and a summary of your grades on the midterm. (Works only from domain .purdue.edu .)

Sample Final exam. Try to do it in 50 minutes with no references.

Homework # 1, due Thursday, January 31, 2013, noon, on paper, in class. In question 2, your reasoning is much more important than the numbers you give as the answers. Unsupported guesses are worthless. Text of the questions.

Homework # 2, due Thursday, February 7, 2013, noon, on paper, in class. In question 1, your reasoning is much more important than the numbers you give as the answers. Unsupported guesses are worthless. Text of the questions.

Homework # 3, due Thursday, February 14, 2013, noon, on paper, in class. Text of the questions.

Homework # 4, due Thursday, February 21, 2013, noon, on paper, in class. Text of the questions.

Homework # 5, due Thursday, February 28, 2013, noon, on paper, in class. Text of the questions.

Homework # 6, due Thursday, March 21, 2013, noon, on paper, in class. Text of the questions.

Homework # 7, due Thursday, March 28, 2013, noon, on paper, in class. Text of the questions.

Homework # 8, due Thursday, April 4, 2013, noon, on paper, in class. Text of the questions.

Homework # 9, due Thursday, April 11, 2013, noon, on paper, in class. Text of the questions.

2013 project assignment.

slides from an old lecture.

2009 slides, part 1.

2009 slides, part 2.

Block, stream ciphers, LFSRs, meet-in-the-middle attacks.

An LFSR with 4 bits.

DES (by Prof Kak).

AES and Rijndael.

Rijndael, the new AES.

More about AES in comics.

Divisibility, Arithmetic with large integers, GCD.

Examples of the Extended Euclidean Algorithm and the Chinese Remainder Theorem

Prime numbers.

Congruences: Definition and single linear ones.

2009 slides, part 3.

Congruences for fun and profit.

Fermat, Euler, fast exponentiation, finding large primes.

Diffie-Hellman key exchange, discrete logs, P-H, RSA, ElGamal, Massey-Omura ciphers, RSA signatures, ElGamal public-key cryptosystem, Mental poker and quadratic residues.

2009 slides, part 4.

2009 slides, part 5.

Chinese remainder theorem, Solving quadratic congruences, Oblivious transfer and Zero-knowledge proofs.

Chinese remainder theorem, Solving quadratic congruences, Oblivious transfer and Zero-knowledge proofs. II.

MACs and Hash functions.

Hash and other one-way functions.

More about hash functions.

Threshold schemes, Digital Signature Standard and Subliminal Channels.

More about threshold schemes.

Large primes via Pocklington-Lehmer.

Elliptic curves.

Signing contracts by e-mail.

Digital cash.

Electronic voting.

Construction of large primes.

2009 slides, part 6.

Key exchange algorithms.

Kerberos.

Random number generation.

Midterm Exam, Tuesday, March 5, 2013, noon, in Room LWSN B134, Do not bring cell phones, laptop computers, or any other device that communicates to the exam.

Final Exam, Tuesday, April 30, 2013, 1-3 PM, Room LWSN B151. Do not bring cell phones, laptop computers, or any other device that communicates to the exam.

Ph.D. Qualifying Exam Supplement, Tuesday, April 30, 2013, 3:30 -4:30 PM, Room LWSN 1106. Do not bring cell phones, laptop computers, or any other device that communicates to the exam.

Transposition ciphers and substitution ciphers, IC.

Substitution ciphers, product ciphers.

P-H, RSA, ElGamal, Massey-Omura ciphers, signatures.

ElGamal public-key cryptosystem.

Diffie-Hellman key exchange, discrete logs.

Mental poker and quadratic residues.

Euler's Criterion, Legendre symbol.

Caesar cipher, CRT.

Quadratic congruences, Oblivious transfer, Zero-knowledge proofs.

MD5 and SHA.

The Birthday paradox.

Threshold schemes.

Digital Signature Standard.

Subliminal channels; the one in DSA.

Some old slides you might enjoy.

Information theory: Definition of entropy.

Information theory: Rate, perfect secrecy.

Key equivocation, unicity distance.

Transposition ciphers and substitution ciphers, IC.

Synchronous and self-synchronous stream ciphers, CBC.

Congruences: CSR, XEuclid, multiplicative inverses.

Fermat, Euler, fast exponentiation, finding large primes.

Digital cash.

More about Digital cash.

IDEA.

Entropy question and proposed solution.

Alice and Bob

Substitution ciphers, product ciphers.

PGP.

Send e-mail to Sam Wagstaff

(This page last modified April 22, 2013)