Applied Cryptography - CSCI 531, Fall 2009

Applied Cryptography - CSCI 531, Fall 2009

General Information

Time	:	TuTh 12:30pm - 1:50pm
Location	:	OHE 100B
Instructor	:	Bill Cheng (for office hours, please see instructor's web page), E-mail: <bill.cheng@usc.edu>. (Please do not* send HTML-only e-mails. They will not be read.)*
TA	:	Alix L.H. Chow, E-mail: <lhchow@cs.usc.edu>, Office Hours: TuTh 10am - 11am in SAL 209
Grader	:	Sai Sajja, E-mail: <sajja@usc.edu>. (The grader will hold office hours the week after the announcement of each homework assignment's grades.)
Midterm Exam	:	during class, Tue, 10/20/2009 (firm)
Final Exam	:	11am-1pm, Tue, 12/15/2009 (firm)

Class Resources

Description	:	textbooks, topics covered, grading policies, additional resources, etc.
Papers	:	required technical papers
Lectures	:	slides from lectures in HTML and PDF formats
Participation	:	rules about rowcalls.
Homeworks	:	homework assignments (please also see important information about programming assignments at the bottom of this page.)
Newsgroup	:	Google Group for discussing course materials and programming assignments. (This group is by invitation only.)

News

(in reversed chronological order)

11/11/2009: Office hour today has been canceled. Sorry abou the inconvenience and the short notice.

10/13/2009: The midterm exam will be held in OHE 100B between 12:30pm and 1:50pm. It is closed book, closed notes, and closed everything (and no "cheat sheet"). Also, no calculators, cell phones, or any electronic gadgets are allowed. Please bring a photo ID. Your ID will be collected at the beginning of the exam and will be returned to you when you turn in your exam. There will be assigned seating.
The midterm exam will cover everything from the beginning of the semester till the end of DES (last slide of lecture 14 on 10/13/2009).
Here is a quick summary of the topics (not all topics covered are listed):
- overview
  - functions
    - bi-jections and inverses
    - one-way functions and trapdoor one-way functions
    - permutations
  - encryption schemes
    - max number of permutations
    - model of communication and channels
  - types of adversaries
  - types of cryptanalysis
  - symmetric-key encryption
    - model of communication and channels
    - block ciphers
      - substitution ciphers
        
        mono-alphabetic substitution cipher
        homophonic substitution cipher
        polyalphabetic substitution cipher
      - transposition ciphers
      - composition of ciphers and product ciphers
    - stream ciphers
      - Vernam ciphers and one-time pad
    - key space issues
  - digital signatures
    - signing and verification transformations
  - authentication and identification
    - entity vs. data origina authentication
  - public-key cryptography
    - necessity of authentication
    - digital signature from reversible public-key encryption
  - cryptographic hash functions
    - one-wayness
    - weak collision-resistance
    - strong collision-resistance
    - keyed vs. unkeyed hash functions
  - protocols and mechanisms
    - protocol failures
  - key management
    - symmetric-key and trusted third party
    - public-key and certificate authority
  - attacks
    - ciphertext-only
    - known-plaintext
    - chosen-plaintext
    - chosen-ciphertext
  - security models
    - unconditional security
    - complexity-theoretic security
    - provable security
    - computational security
    - ad hoc security
- block ciphers
  - attacks
    - complexity of attacks
  - modes of operation
    - ECB
    - CBC
    - CFB
    - OFB
  - cascade cipher and multiple encryption
    - meet-in-the-middle attacks
    - known-plaintext unicity distance
  - classical ciphers
    - simple transposition ciphers
    - mono-alphabetic substitution cipher
    - polygram substitution cipher
    - homophonic substitution cipher
    - cryptographic codes
    - polyalphabetic substitution cipher
      - Vigenere cipher and variants
      - Jefferson cylinders and rotors and the Enigma machine
  - cryptanalysis of classical ciphers
    - unicity distance
    - language statistics
    - method of Kasiski
    - index of coincidences
  - DES
    - product ciphers
    - Fiestel
    - DES algorithm
      - P
      - S
      - E
    - DES key scheduling
      - V
      - PC1
      - PC2
    - DES properties
    - DES weak and semi-weak keys
    - cryptanalysis of DES
- HW1, HW2, HW4

9/30/2009: Office hour for Thursday 10/1/2009 has been moved to Friday 10/2/2009 from 1:30pm to 2:30pm. Sorry abou the inconvenience.

9/1/2009: Office hour for Thursday 9/3/2009 has been canceled. Sorry abou the inconvenience.

8/25/2009: Office hour for Wednesday 8/26/2009 has been canceled. Sorry abou the inconvenience.

8/18/2009: Registering with the class mailinglist is required for this class. If you have not done so, please visit the mailinglist page. (You do not have to be registered for the course to register with the class mailinglist.) In the registration confirmation e-mail, you will also get your user ID and password for accessing protected area of this web site.

8/18/2009: Watch this area for important announcements.

Prerequisites

CS 102L (Data Structures) or graduate standing. It is assumed that you know how to write programs, and how to debug them and make them work correctly.

Important Information about Programming Assignments

All homework assignments are programming assignments to be done in C/C++. No other programming language will be accepted and your program must compile and run with a Makefile on nunki.usc.edu. (Sorry, no Java.) You must be familiar with the UNIX development environment (vi/pico/emacs, cc/gcc or g++/CC, make, etc.)

If a student signs up late for this class, he/she is still required to turn all projects and homeworks on time or he/she will receive a score of 0 for these assignments. No exceptions!