CS 758: Cryptography / Network Security
last updated December 22, 2013
This page contains information about the Computer Science
graduate course CS 758, "Cryptography / Network Security".
This course is being offered
in the Fall Semester, 2013
- If you are not a CS student and you would like to take this course, please contact me.
- class time: 11:30--12:50 T Th
- class location: DC 2568
- first lecture: Tuesday September 10
- instructor: Doug Stinson
- office: DC 3522
- email: dstinson"at"uwaterloo.ca
Note: please use University of Waterloo accounts when sending me email.
- telephone: (519)-888-4567 ext. 35590
I am often available for consultation
in my office without an appointment.
If you wish to make an appointment, please send me
email or telephone me.
There is no assigned textbook for the course.
However, if you would like a reference (other than
the lecture slides), much of the course material
can be found in
The Third Edition of
Cryptography: Theory and Practice.
Course Slides, Assignments and Supplementary Information
Course slides, assignments and additional notes will be available.
This course covers cryptographic protocols and their application
to secure communication, especially in a network setting.
There are no formal prerequisites. A previous course in cryptography
such as C&O 487 (Applied Cryptography),
or a course in security such as CS 458/658, would be helpful
(but it is not essential) in providing background for the course.
This is not a mathematics course, but cryptography uses a variety
of mathematical techniques, most of which are at least introduced in a typical
"discrete structures" course.
Background that is useful for this course
includes basic complexity theory, elementary number theory,
algebra, probability, and combinatorics.
Course Outline (from the calendar description)
- Review of cryptographic primitives and their applications
to information security, and notions of cryptographic
security. Discussion of public-key encryption, secret-key encryption,
message authentication, signature schemes, and hash functions
- Techniques for entity authentication. Passwords, challenge-response,
identification schemes (e.g., Fiat-Shamir, Guillou-Quisquater),
general techniques for zero-knowledge proofs for NP-complete languages
- Protocols for key establishment, transport, agreement and
maintenance. Online key distibution using a trusted server (Kerberos).
Public-key techniques, including a discussion of Diffie-Hellman
key agreement, man-in-the-middle attacks, STS protocol
and forward secrecy. Unconditionally secure key distribution,
including the Blom scheme and combinatorial key distribution patterns
- Cryptography in a multi-user setting. Secret sharing schemes
(including Shamir threshold schemes and schemes for general
access structures). Conference key distribution and
broadcast encryption. Copyright protection techniques and
tracing schemes (8 hours).
The course grades will be based on written assignments
(which may require some simple Maple programming) plus a course project.
I encourage students to work in groups of two or three for the project.
The project will include a written component as well
as a presentation in class.
The project will involve
preparing a report on a recent research
paper on a topic related to
the course material, and/or
implementing and analyzing one or more protocols
on a topic related to
the course material.
The timeline for the course project is as follows:
The project could study one research paper in depth,
or provide a survey/comparison of 3-4 related papers. The topic should be something related
to the course content, e.g., identification, key distribution, secret sharing, etc. The project should be concerned with protocols (i.e.,
not just a cryptosystem) and it should have strong crypto content (i.e.,
it is not a security project). You can also consider topics not covered in the course, e.g., RFID identification.
Your project should strive add some significant content to a paper or papers. This could include one or more of the following:
- Please form groups of 2-3 and inform me by email as to the membership of your group by
- A 1-2 page outline is due by October 29
- In-class presentations (15-20 minutes) will be during the last week of classes.
- The written report is due during the exam period (the exact date to be specified later).
There are many possible sources you can look at to find suitable papers.
Two of the best are:
Feel free to email me or make an appointment to see me if you would like additional
- Including proof details (if they are omitted from the paper)
- Doing additional analysis or computations.
- Extending the results of the paper in some way.
- Implementing one or more protocols or providing a comparison of