Computer Science 431: Cryptology in Computing
Course Description
This is a course description for a course at the University
of New Mexico in the fall of 1995. The
official course description is rather sketchy:
Techniques of encryption and decryption in current use for the
protection of privacy of files. Emphasis on public key
encryption. Includes extensive use of modular and multiple precision
arithmetic.
The pre-requisite for this course is CS
251L, Introduction to Data Structures, and familiarity with modular
arithmetic. This course is allowed for graduate credit to students enrolled
in a graduate program.
What is cryptology?
Simply stated, cryptology is the science of protecting information. The
course description given above addresses only encryption in support of privacy
of files. This is an old-fashioned definition, and in addition to encryption
for protecting information against unintentional disclosure, cryptology also
addresses protections such as:
- proving identity of origin through authentication,
- integrity of content through checksums and digital signatures,
- protocols to for secure distributed computation,
- secret sharing, and
- electronic payments,
- watermarking or fingerprinting of information,
- electronic gambling.
This course will attempt to cover the various kinds of protections that can be
given to information, and the variety of tools that can be used to provide
these services. In addition, applications to real systems will be discussed,
using examples from electronic commerce systems, the world wide web, and
distributed file systems.
A syllabus is available online. Topics that are
part of the course include:
- Types of protection
- types of security
- information-theoretic security
- complexity-theoretic security
- cross your fingers and pray security
- encryption/decryption.
- identity authentication.
- data authentication.
- third-party data authentication with nonrepudiation.
- Cryptographic algorithms and primitives
- symmetric encryption algorithms: block and stream ciphers,
Examples include one-time pad, Vigenére, DES, triple DES, and
feedback shift registers.
- one way functions, trap-door functions, basic complexity.
- asymmetric encryption algorithms: including RSA and ElGamal.
- cryptographic hash functions, including SHA and MD4/MD5.
- key management, including key exchange, public-key certification,
Needham-Schroeder models, secret sharing, and key escrow.
- message authentication codes.
- Cryptanalysis
- brute force key search.
- different kinds of attacks: chosen plaintext, known plaintext,
adaptive attacks, computational attacks, and homomorphic attacks.
- statistical methods.
- Cryptographic protocols
- zero-knowledge protocols for identification.
- key exchange
- digital signatures, including DSA and RSA.
- electronic cash and other payment systems.
- software applications on the Internet.
Pre-requisistes and overall goals
Cryptology can be a highly mathematical subject, particularly when you want to
understand the strength of systems against an adversary. The emphasis in this
course will be on understanding cryptographic mechanisms and their
applications, and as a result every effort will be made to minimize the
mathematical pre-requisistes. Students should have a good
familiarity with modular arithmetic and some exposure to probability. The
textbook (Cryptography:
Theory and Practice, by Doug
Stinson) will serve as a reference source for students that feel their
mathematical training is lacking. Another useful reference book is the
book by Bruce Schneier: Applied Cryptography. It is unfortunately
unsuitable as a textbook. A second edition is now available.
The CS431 home page is located at http://www.swcp.com/~mccurley/course/.