CS 555
Cryptography and Data Security

Directory of Topics

  • Course description
  • Course schedule
  • Homework
  • Course details
  • Instructor
  • Prerequisites
  • Texts and readings
  • Final exam topics
  • Final project
  • Class policies

    • Course Description

    Computer security is an imperfect concept. Systems may have bugs, configuration errors, or lax controls that allow misuse. Seldom is software designed to be resistant to attack. This can lead to serious problems and substantial losses.

    This course will examine technology for protecting information systems, with a particular emphasis on cryptographic methods. It will include discussion of standard security principles, information theory, classical and modern cryptographic systems, digital signatures, access control, information flow models, and secure systems.

    Coursework will include reading, a project, and several homework assignments. There will be a midterm and a final exam.

    Course Schedule and Topics

    The following is a schedule of topics by week. This is approximate, and may change based on class interest, availability of outside speakers, and other factors.

    The following are topics that will be on the final exam. Material presented in class lectures will be included as well as the material in the following sections of the book.

    Classical Cryptography (Ch 1)
    Standard ciphers and codes, cryptanalysis. All of chapter 1.
    Information theory (Ch 2)
    Perect secrecy, entropy calculation, Shannon's theory, Huffman encodings, unicity distance, rates, product cryptosystems. All of chapter 2.
    DES (Ch 3)
    DES structure and operation, modes of operation, differential cryptanalysis. All of chapter 3 except 3.5.
    RSA & Factoring (Ch 4)
    Euclidian algorithm, Chinese remainder theorem, cyclic groups, RSA operation, primality testing. Sections 4.1-4.5, inclusive.
    Other Public Key Systems (Ch 5)
    El Gamal, discrete logs, Pohlig-Hellman. Chapter 5, pages 162-170 only.
    Digital Signatures (Ch 6)
    RSA, EL Gamal, DSS signatures. One-time signatures. Sections 6.1-6.4. (Section 6.5 was covered in class, but I said it would not be on the test.)
    Hash Functions (Ch 7)
    hash function properties, the birthday attack, discrete log hash function, extending simple hash functions, hash functions from cryptosystems, MD4. All of Chapter 7.
    Key distribution (Ch 8)
    Blom key distribution, Diffie-Hellman key exchange, Kerberos. Chapter 8 pp. 259-273.
    Secret Sharing, (Ch 11)
    Shamir threshold scheme, Section 11.1
    Random Numbers (Ch 12)
    sections 12.1 and 12.2
    Zero Knowledge proofs (Ch 13)
    Section 13.1
    Other topics (partial list)
    PGP/PEM, certificate and key authorities, end-to-end security, types of security, traffic analysis, key escrow, political climate,

    Course Details

    Credit

    3 class hours, 3 credit hours

    Scheduling

    Spring 1997. Mon/Wed/Fri 1:30-2:20

    Location

    CS G-66

    Instructor

    Gene Spafford
    Office hours (CS G-22)
    Tuesday 1-3 pm
    Wednesday 2:30-3:30pm
    Friday 2:30-4pm
    by appointment (arrange with )
    Phone
    494-7825 (x47825)
    E-mail
    spaf@cs.purdue.edu

    TA

    Lotzy Boloni
    Office hours (CS G-72)
    Monday 9am-1pm
    Wednesday 4pm-8pm
    by appointment
    Phone
    494-9995 (x49995)
    E-mail
    boloni@cs.purdue.edu

    Prerequisites

    MA 351, CS 251, and CS 481 (or) permission of instructor

    Texts & Readings

    Required

    Cryptography, Theory and Practice, Douglas R. Stinson, CRC Press, Inc., 1995.
    Errata webpage.

    Interesting Related Reading

    The Mythical Man-Month, Frederick P. Brooks, Jr., Addison-Wesley Publishing Company, 1995. (Reprinted with corrections, October 1995)

    Building in Big Brother, The Cryptographic Policy Debate, Lance J. Hoffman, Ed., Springer-Verlag, 1995.

    The Codebreakers (2nd Edition), David Kahn, Scribner, NYC, NY, 1996.

    Computer Related Risks, Peter G. Neumann, Addison-Wesley/ACM Press, 1995. (reprinted with corrections, Jan 1995).

    Cryptology General Reference

    Cryptography and Data Security, by Dorothy Denning, Addision-Wesley, 1983.

    Applied Cryptography, (2nd Edition), by Bruce Schneier, Wiley & Sons, 1996.

    Disappearing Cryptography, Peter Wayner, Academic Press, 1996.

    Network Security, Private Communication in a Public World, Charlie Kaufman, Radia Perlman, Mike Speciner, Prentice Hall, Inc., 1995.

    PGP, Pretty Good Privacy, Simson Garfinkel, O'Reilly & Associates, 1995.

    General Security

    Computer Security Basics, by D. Russell and G. Gangemi, Sr., O'Reilly & Associates, 1991.

    Fundamentals of Computer Security Technology, Edward G. Amoroso, Prentice-Hall, Inc., 1994.

    Security in Computing, 2nd Ed. Charles P. Pfleeger, Prentice Hall, Inc., 1997.

    Computer Crime: A Crime-Fighter's Handbook, by Karl A. Seeger, William R. VonStorch, and David J. Icove, ed. by Eugene H. Spafford, O'Reilly & Associates, 1995.

    Practical Unix and Internet Security, (2nd edition), by Simson Garfinkel and Gene Spafford, O'Reilly & Associates, 1996.

    Some Interesting WWW Links

    Here is some information on the Beale Ciphers. Here is the text of the original pamphlet from 1885 describing the ciphers.

    A comprehensive list of securty-related WWW sites is on the COAST list.

    NIST FIPS standards

    Draft IEEE 1363 standard on public key cryptosystems

    RSADSI's PKCS with detailed specifications of various algorithms.

    Other readings

    Other readings may be given during the semester. These will be placed on reserve in the Math/Science library (MATH). A list of those readings will be linked in here as they are assigned.

    Final Exam Topics

    The exam will be closed-book, and comprehensive in nature. The exam will cover the items in this list.

    Gene Spafford