| 
BASIC CONCEPTS
- The need for security services in today's computer networks
 | Threats to computer security. | | Security services in computer networks and relationships among them:  | confidentiality, integrity, authentication, non-repudiation | | identification, access control, auditing. | | | Electronic commerce and other applications of security services in today's computer networks. | | Survey of domestic and foreign cryptographic products. | | Shamir's "ten commandments" of commercial security. |
Basic concepts of cryptology | Cryptosystem, plaintext, ciphertext, key. | | Examples of simple cryptosystems. | | To publish or not to publish? | | Secret and open research in cryptology. | | Software vs. hardware implementations of cryptography. | | Evolution of cryptography and cryptanalysis. |
Types of cryptosystems. Implementation of security services | Classical (symmetric) vs. public key (asymmetric) cryptosystems. | | Trapdoor one-way functions - main components of public key cryptosystems. | | Features required from today's ciphers. | | Implementing security services using cryptographic transformations. | | Block vs. stream ciphers. | | Measures of the cipher strength. |
CLASSICAL CRYPTOALGORITHMS
Historical ciphers | Substitution ciphers | monoalphabetic | | polyalphabetic | | running-key | | polygram | | homophonic | | | Transposition ciphers. | | Breaking ciphers using frequency analysis. | | Shannon's theory of perfect secrecy and its practical implications. One-time pad. | | Product ciphers. |
Data Encryption Standard - first attempt to standardize protection of information in public computer networks | History of the cryptosystem - the NBS-NSA-IBM roles. | | Acceptance by government and commercial sectors. | | Main features of the algorithm. | | Design criteria. | | Differential and linear cryptanalysis. | | Vulnerability to the exhaustive key search attack | | Triple DES. | | Modes of operation. | | Security of different operational modes. |
Other symmetric-key block ciphers | IDEA, RC5, Blowfish, DESX, Skipjack. | | Fast software encryption cryptoalgorithms. | | Minimal key lengths for symmetric-key ciphers. |
Implementing secret-key block ciphers | General software and hardware architectures. | | Implementing basic component operations in software and hardware. | | Fast hardware architectures | loop unrolling | | inner-round pipelining | | outer-round pipelining | | mixed inner- and outer-round pipelining | | | Limitations imposed by various implementation environments. |
Development of the new Advanced Encryption Standard - AES | Rules of the contest | | Evaluation criteria | | AES candidate algorithms | | Comparing AES candidates | Security | | Efficiency in software | | Efficiency in hardware | | Flexibility | | | Evaluation process |
PUBLIC KEY CRYPTOALGORITHMS
RSA (Rivest, Shamir, Adleman) cryptosystem - first successful public key cryptosystem | Genesis of RSA. | | RSA as a trapdoor one-way function. | | Factorization as a basis of the RSA security | factorization records | | factoring big numbers using a distributed network of computers | | RSA challenges | | | Recommended key sizes for the RSA cryptosystem. |
Key generation in the RSA cryptosystem | General purpose vs. special purpose factoring algorithms. | | RSA for paranoids. | | Strong primes | | Probabilistic tests for primality. | | Deterministic tests for primality. | | Constructing large random primes. |
Format of the RSA messages - secure padding | recovering RSA-encrypted messages without the knowledge of the private key. | | PKCS v. 1.5 padding for encryption. | | Bleichenbacher's attack | | Optimal Assymetric Encryption Padding. |
Implementing public-key ciphers | Basic exponentiation algorithm. | | Using Chinese Remainder Theorem for fast exponentiation. | | Basic algorithms for multiplication and modular reduction in software. | | Basic architectures for multiplication and modular reduction in hardware. | | Dependence between the key size and the times of cryptographic transformations. | | Survey of existing RSA implementations. |
SECURITY SERVICES
Digital signatures. Digital Signature Standard | Classification of digital signatures. | | Attacks against digital signatures. | | Secure padding for signatures. | | Digital Signature Standard (DSS). | | Comparative analysis of RSA and DSS - security, performance, functionality. | | Legal issues concerning digital signatures - Utah Digital Signature Act, California signature law, legislation in other states. | Data integrity and authentication - two faces of the same problem. Hash functions and MACs | Requirements for secure hash functions. | | Classification of hash functions. | | Attacks against hash functions. | | Standard and non-standard applications of hash functions. | digital signatures and authentication codes | | virus detection | | password storage | | fast encryption | | | Families of hash function algorithms and their security | | Requirements for Message Authentication Code (MAC). | | Families of MACs and their security. | | Authentication combined with confidentiality.
|
KEY MANAGEMENT
Exchange of keys for symmetric-key cryptosystems | Session keys and key encrypting keys. | | Exchange of keys using Key Distribution Center. | | The Diffie-Hellman key exchange protocol. | | Exchange of symmetric keys using public key cryptosystems. |
Public key certificates (digital IDs) and infrastructure of Certification Authorities | Generation and registration of the public key pair. | | Concept of a public key certificate. | | Formats of certificates (X.509, EDIFACT, etc.). | | Hierarchy of Certification Authorities - Public Key Infrastructure. | | Certificate revocation. |
American and international cryptographic standards | Standard organizations. | | Main groups of cryptographic standards: | federal standards | | ANSI standards | | IEEE standards | | ISO standards | | informal industry standards. | | | Classical cryptography standards. | | Public-key cryptography standards. |
Secure Internet Protocols | Secure electronic mail | S/MIME | | Open PGP | | | Secure WWW | SSL | | S-HTTP | | | Secure payment card protocols | SET | | electronic cash | | micropayments | | | Secure virtual private networks | IPSec | | PPTP | |
Export and import control of cryptographic devices | Evolution of the U.S. policy. | | Current U.S. regulations. | Additional topics (discussed if the time permits)
KEY ESCROW SCHEMES - CRYPTOGRAPHY AND LAW ENFORCEMENT
Clipper Chip and alternative key escrow systems | Genesis of the idea. | | Clipper procedure for the law-enforced wiretapping. | | Skipjack algorithm. Clipper protocol and key generation procedure. | | Blaze's attack. | | Alternatives to the Clipper chip: | Micali's fair public key cryptosystems. | | Other key-escrow schemes. | | Discussion - Is the enforced by law wiretapping a good way to protect society from criminals? | |
QUANTUM CRYPTOGRAPHY AND QUANTUM COMPUTING
Quantum cryptography - cryptography of the XXI century? | Basic concept of quantum cryptography - Heisenberg principle translated into an ideal security. | | First practical implementations of quantum cryptography - performance, cost, current constraints. | | Towards a quantum computer. | | Breaking ciphers using quantum computers - dream or reality? | | Will physics replace mathematics as a basis for computer-network security? | | Current research trends in cryptology and computer-network security. | |
