Course Description -

This course will provide an intensive overview of the field of cryptography, providing a historical perspective on early systems, building to the number theoretic foundations of modern day cryptosystems. Students will learn how cryptosystems are designed, and to match cryptosystems to the needs of an application. Students will also study basic cryptanalysis and will be presented with real life breaches of common cryptosystems so that they better understand the dangers that lurk in cryptosystem design and in the design of systems that rely on cryptography.

CS 556 should be considered as an "advanced" cryptography class with emphasis on the theoretic side of cryptography. The Applied Cryptograph class is a more "introductory" cryptography class with emphasis on the applied side of cryptography (less emphasis on mathetical proofs). There will be some overlap between the Applied Cryptograph class and CS 530. This course is meant to be taken either concurrently or before CS 530.

Tentatively, starting in Fall of 2007, this course will be offered as CS 531.

• A. J. Menezes, P. C. Van Oorschot, S. A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1996.
  (An online version of this book is available at http://www.cacr.math.uwaterloo.ca/hac/. In order to save some trees, please do not print out the whole book because we are not covering the whole book! Also, please make sure you follow the Copyright Notice there.)

• B. Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd Edition, Wiley, 1995.

• Wk 1-2: Overview of Cryptography (HAC Ch 1)
  • Introduction to various cryptographic concepts
  • Attacks
  • Security models
• Wk 3: Pseudorandom Bits and Sequences (HAC Ch 5)
  • Normal and Chi-square distributions
  • Five basic statistical tests for randomness
  • Cryptographically secure pseudorandom bit generators
• Wk 4-5: Stream Ciphers (HAC Ch 6)
  • LFSR (Linear Feedback Shift Register)
  • Non-linear FSR
  • Stream ciphers based on LFSR
  • RC4
• Wk 6-7: Block Ciphers (HAC Ch 7)
  • Modes of operations
  • Classical ciphers and their cryptanalysis
  • DES
• Wk 8: AES (FIPS publication 197)
• Wk 9: Public-key Parameters (HAC Ch 4)
  • Legendre and Jacobi symbols
  • Primality tests (Fermat.s test, Miller-Rabin test, AKS test)
  • Generating probable prime numbers
  • Generating provable prime numbers
• Wk 10: Number-theoretic Reference Problems (HAC Ch 3)
  • Integer factorization
  • RSA problem
  • Diffie-Hellman problem
  • Square root modulo n problem
  • Discrete logarithm problem
• Wk 11: Public-key Encryption (HAC Ch 8)
  • Chinese remainder theorem and residue number system
  • RSA public-key encryption
  • Diffie-Hellman key exchange
  • ElGamal public-key encryption
  • Rabin public-key encryption
• Wk 12-13: Hash Functions and Data Integrity (HAC Ch 9)
  • MAC (message authentication code)
  • MDC (modification detection code)
  • One-way hash function
  • Collision resistant hash function
  • Yuval.s birthday attack
  • Breaks of hash functions
• Wk 14: Digital Signatures (HAC Ch 11)
  • RSA signature scheme
  • Fiat-Shamir signature scheme
  • ElGamal signature scheme
  • One-time signature schemes

Please do not ask the following types of questions in your e-mail (although they are appropriate for office hours):

• Here is my understanding of X. Am I right (or is this correct)?
  (You can do this for just about everything and in many different ways. I do not have the bandwidth to deal with too many questions like this.)

• I don't understand X. Could you explain X to me?
  (It's your responsiblity to come to lectures and ask questions during lectures if there is something you do not understand.)

Homeworks:		35%
Midterm Exam:		30%
Final Exam:		35%

Pleaes also note the following:

• The above percentages will be used to calculate your total score. Final grades (A,B,C,D,or F) will be determined using a modified curve (i.e., we won't necessarily assign an equal number of failing grades as passing grades) based on this total score. No other methods will be considered. (So, please do not ask the instructor to take how much you have improved since the beginning of the semester into account. You are expected to try your best from the beginning!) Typically, if you score around the class average, you will get a B+.

• We will assign grades of C and below to individuals who do not perform satisfactorily in the above areas. (i.e., you should not assume a B- or even C if you perform unsatisfactorily.) However, we hope that everyone will perform well.

• Your assignments are your own work! No group assignments are allowed or will be tolerated. You are free to talk to other students about assignments but no actual material (files, code fragments, etc.) should be shared. We will act harshly at any sign of copying.

• We will not assign incompletes unless it is for a documented medical reason (in accordance with USC policy).

If you are unable to complete a homework assignment due to illness or family emergency, please see the instructor as soon as possible to get an extension. A doctor's note is required as proof of illness or emergency.

The instructor and the TA do not normally read this forum. Please do not post questions for them here.

Please make sure that you have read the Academic Integrity Policy of this course.

This policy also holds for  programming assignments. In this class, we will use sophisticated automated program checkers to detect cheating. Be aware that the program checkers have demonstrated very good results and are widely used within the academic community. Any student caught cheating will be given zero credit and will be disciplined.

It is the students responsibility to submit their assignments to the TA in time. 

For students who satisfied the CSci402 prerequisite at other universities or through work experience, this course assumes that you understand concurrency, synchronization, and UNIX programming. You should be able to write large programs in C/C++. No special assistance or consideration will be offered if your background is inadequate.

You are expected to read all the papers in detail. Not all details will be covered in class.  We will assume knowledge of material covered in EE450 and a C language programming proficiency from CSci402 or its equivalent. If you covered the introductory material at some other school it is YOUR responsibility to fill in any missing background. Feel free to ask me for advice on appropriate introductory readings if you feel your background is insufficient.

We expect you to attend every class meeting. If you do happen to miss a session, you are responsible for finding out what material was covered and if any administrative announcements were made. You must do so BEFORE the next session (e.g., if there is an assignment given during the missed session, you are still responsible for completing it by the next week along with the other students).  You are advised to read the papers for a particular lecture before attending the lecture. This will greatly enhance your understanding of the subject matter.

• OpenSSL
• AES

• C Programming (by Steve Holmes at the University of Strathclyde in Glasgow, England) - includes notes on make, separate compilation, file I/O, etc.
• Makefile tutorial (at Indiana University)
• C/C++ at USC from USC ISDWeb
• Steve's Software Trek (by Steve Karg) - includes some useful C/C++ source code for string manipulation, INI file manipulation, etc.

• cygwin (BSD system with X11R6 on Windows XP)
• C/C++ Documentation (compiling, linking, additional libraries, include files) from USC ISDWeb
• UNIX Documentation (concepts, commands, X-Windows) from USC ISDWeb
• UNIXhelp for Users from the University of Edinburgh
• Emacs Documentation from USC ISDWeb
• Vi Text EditorDocumentation from USC ISDWeb
• General information on operating systems, productivity applications, Internet connectivity, e-mail and web publishing at USC, can be found at the ISD software site