CS 555 Class

These files are for the use of students in CS 555 Spring, 2010, at Purdue University

Instructor: Samuel S. Wagstaff, Jr.

Phone: 49-46022; E-mail: ssw@cerias.purdue.edu

Prerequisites: CS 251, CS 381, CS 426 and MA 351.

The real prerequisites for CS 555.

Text: Introduction to Modern Cryptography by J. Katz and Y. Lindell, Chapman and Hall/CRC Press, 2008, ISBN 978-1-58488-551-1. See also the errata here.

Reference: Cryptanlysis of Number Theoretic Ciphers, by Samuel S. Wagstaff, Jr., Chapman and Hall/CRC Press, 2003. ISBN 1-58488-153-4. See also the errata here.

Recommended additional reading: Applied Cryptography (2nd edition), by Bruce Schneier, Wiley, 1996. See also the errata here.

See also here for the new Advanced Encryption Standard algorithm Rijndael.

The overall course policies are the same as Spaf's.

Link to a list of web sources on cryptography and security.

Location and Time: LWSN B134, MWF 9:30-10:20.

Office: LWSN 1167; Office hours: Monday 3:30-4:30 PM, Wednesday 1-2 PM.

Grading: Homework: 20%; Midterm exam 20%; Project 20%; Final exam 40%.

Teaching Assistant: Chenyun Dai, Email: daic@cs.purdue.edu .

Office hours of Teaching Assistant: Monday 1 - 2 PM.

Day-by-day list of topics covered.

Please use a word processor like Latex or MS Word to format your homework solution.

Homework # 1, due Wednesday, February 3, 2010, 9:30 AM, on paper, in class. In question 2, your reasoning is much more important than the numbers you give as the answers. Unsupported guesses are worthless. Text of the questions.

Homework # 2, due Wednesday, February 10, 2010, 9:30 AM, on paper, in class. In question 1, your reasoning is much more important than the numbers you give as the answers. Unsupported guesses are worthless. Text of the questions.

Homework # 3, due Wednesday, February 17, 2010, 9:30 AM, on paper, in class. Text of the questions.

slides from an old lecture.

2009 slides, part 1.

2009 slides, part 2.

Block, stream ciphers, LFSRs, meet-in-the-middle attacks.

AES and Rijndael.

Rijndael, the new AES.

More about AES in comics.

Divisibility, Arithmetic with large integers, GCD.

Prime numbers.

Congruences: Definition and single linear ones.

2009 slides, part 3.

The rest of this page is old and will be changed.

Transposition ciphers and substitution ciphers, IC.

Substitution ciphers, product ciphers.

Congruences for fun and profit.

Fermat, Euler, fast exponentiation, finding large primes.

Diffie-Hellman key exchange, discrete logs, P-H, RSA, ElGamal, Massey-Omura ciphers, RSA signatures, ElGamal public-key cryptosystem, Mental poker and quadratic residues.

Chinese remainder theorem, Solving quadratic congruences, Oblivious transfer and Zero-knowledge proofs.

MACs and Hash functions.

Threshold schemes, Digital Signature Standard and Subliminal Channels.

Project demonstrations will be held in the TA's office on Monday April 13, 9 AM - noon, and on Wednesday, April 15, 10 AM - noon. Please email the TA to make an appointment. If two people did a project, both should attend the demonstration.

2009 project assignment.

Project grading policy.

Examples of the Extended Euclidean Algorithm and the Chinese Remainder Theorem

Large primes via Pocklington-Lehmer.

P-H, RSA, ElGamal, Massey-Omura ciphers, signatures.

ElGamal public-key cryptosystem.

2009 slides, part 4.

Diffie-Hellman key exchange, discrete logs.

2009 slides, part 5.

Mental poker and quadratic residues.

Euler's Criterion, Legendre symbol.

Caesar cipher, CRT.

Quadratic congruences, Oblivious transfer, Zero-knowledge proofs.

Hash and other one-way functions.

More about hash functions.

MD5 and SHA.

Signing contracts by e-mail.

The Birthday paradox.

Threshold schemes.

More about threshold schemes.

Digital Signature Standard.

Subliminal channels; the one in DSA.

Digital cash.

More about Digital cash.

Electronic voting.

Construction of large primes.

Elliptic curves.

2009 slides, part 6.

Key exchange algorithms.

All regrading of homework, midterm exam and the project must be done within two weeks after the work is returned to the class.

Solution to homework and a summary of your grades on the midterm. (Works only from domain .purdue.edu .)

Homework # 4, due Tuesday, February 17, 2009, 3:00 PM, on paper, in class. Text of the questions.

Homework # 5, due Tuesday, March 24, 2009, 3:00 PM, on paper, in class. Text of the questions.

Homework # 6, due Thursday, April 9, 2009, 3:00 PM, on paper, in class. Text of the questions.

Homework # 7, due Tuesday, April 21, 2009, 3:00 PM, on paper, in class. Text of the questions.

Homework # 8, not due. Just do it for fun and to practice for the final. Text of the questions.

Some old slides you might enjoy.

Information theory: Definition of entropy.

Information theory: Rate, perfect secrecy.

Key equivocation, unicity distance.

Transposition ciphers and substitution ciphers, IC.

Synchronous and self-synchronous stream ciphers, CBC.

Congruences: CSR, XEuclid, multiplicative inverses.

Fermat, Euler, fast exponentiation, finding large primes.

IDEA.

Mid-Term Exam, Thursday, March 5, 2009, in class. Do not bring cell phones, laptop computers, or any other device that communicates to the exam.

Final Exam, Tuesday, May 5, 2009, 8-10 AM, Room LWSN 1106. Do not bring cell phones, laptop computers, or any other device that communicates to the exam.

Ph.D. Qualifying Exam Supplement, Tuesday, May 5, 2009, 10:30 -11:30 AM, Room LWSN 1106. Do not bring cell phones, laptop computers, or any other device that communicates to the exam.

Entropy question and proposed solution.

Alice and Bob

Substitution ciphers, product ciphers.

Kerberos.

Random number generation.

PGP.

Send e-mail to Sam Wagstaff

(This page last modified January 20, 2010)