[Please remove <h1>]
Objectives
This course covers cryptographic protocols and their application to secure
communication, especially in a network setting.
References
Handbook of Applied Cryptography (Menezes, Van Oorschot and Vanstone),
CRC Press, 1997 (optional). Network Security: Private Communication in a
Public World, 2nd Ed. (Kaufman, Perlman and Speciner), Prentice Hall, 2002
(optional).
Schedule
Three hours of lectures per week.
Outline
Review of Cryptographic Primitives (6 hrs)
Their applications to information security, and notions of cryptographic security. Discussion of public-key encryption, secret-key encryption, message authentication, signature schemes, and hash functions.
Techniques for Entity Authentication (6 hrs)
Passwords, challenge-response, identification schemes (e.g., Fiat-Shamir, Guillou-Quisquater), general techniques for zero-knowledge proofs for NP-complete languages.
Protocols for Key Establishment, Transport, Agreement and Maintenance (10 hrs)
Online key distribution using a trusted server (Kerberos). Public-key techniques, including a discussion of Diffie-Hellman key agreement, man-in-the-middle attacks, STS protocol and forward secrecy. Unconditionally secure key distribution, including the Blom scheme and combinatorial key distribution patterns.
Cryptography in a Multi-user Setting (8 hrs)
Secret sharing schemes (including Shamir threshold schemes and schemes for general access structures). Conference key distribution and broadcast encryption. Copyright protection techniques and tracing schemes.
Public-key Infrastructure (6 hrs)
Models for managing public keys and certificates (X.509 certificates, certification authorities, trust models, certificate verification and revocation, etc.). Applications, including PGP, SSL and IPsec.
