Description
This course introduces the science and art behind the design, security analysis, implementation, and cryptanalysis of modern day cryptosystems.
First, we will examine several primitives including block ciphers and collision-resistant hash functions, which we will apply in order to design cryptosystems that protect the privacy and authenticity of data at rest and in transit. Second, we will examine how cryptography can overcome, or be harmed by, systems security concerns. Third, we will explore the state of the art in secure messaging systems that leverage public and secret key cryptography to protect communications even in the case of prior or future device compromise. Finally, we will examine the mathematical strength of block ciphers and hash functions toward common types of mathematical cryptanalysis.
First, we will examine several primitives including block ciphers and collision-resistant hash functions, which we will apply in order to design cryptosystems that protect the privacy and authenticity of data at rest and in transit. Second, we will examine how cryptography can overcome, or be harmed by, systems security concerns. Third, we will explore the state of the art in secure messaging systems that leverage public and secret key cryptography to protect communications even in the case of prior or future device compromise. Finally, we will examine the mathematical strength of block ciphers and hash functions toward common types of mathematical cryptanalysis.
General Information
Meeting times
This class meets MW 12:20-1:35pm in MCS room B21.
VPN information
Some of the textbooks and reading assignments require access to the websites of publishers like Springer, IEEE, and ACM. You will only be able to access these papers if you are on the BU network or if you VPN into it. Instructions to VPN into the BU network are located here: http://www.bu.edu/tech/services/support/remote/vpn/. Alternatively, prepending "http://ezproxy.bu.edu/login?url=" to the front of a URL allows you to view a single website through the BU network without the need to VPN.
Office hours
Office hours are typically Tu 12-2pm and Fri 3-5pm in MCS room 164.
Announcements
Course schedule
1/22/17 1:08 PM
This post will be continually updated as new readings and assignments are posted.
Part 1. The power of random-looking permutations
Week | Topic | Required reading (by the end of the week) | Additional resources | Due date |
1 | Block ciphers |
Rogaway: The Moral Character of Cryptographic Work (paper, post @7) |
| |
2 | Encrypting by enciphering |
Two related papers:
Post @13 |
| PS1 due 2/3 |
3 | MACs and hash functions | Canetti, Goldreich, and Halevi: The random oracle model, revisited (paper, post @26) |
| |
4 | Alternate designs | Post @29 (note: you have two weeks to complete this reading) |
| PS2 due 2/17 |
5 | Authenticated encryption | Many papers listed in post @29 |
|
Part 2. Cryptography meets systems: a love/hate story
Wk | Topic | Required reading | Additional resources | Due date |
6 | Protecting data at rest | (none) |
| PS3 due 3/2 |
(spring break) | ||||
7 | Padding oracles |
Egele et al: An empirical study of cryptographic misuse in Android applications (paper, post @61). Please read before lecture on Wed 3/15 |
| |
8 | Side channels | Spreitzer et al, Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices (paper, post @68) |
| PS4 due 3/24 |
Part 3. Structured forgetfulness: dropping keys before they can be stolen
Wk | Topic | Required reading | Additional resources | Due date |
9 | Delegation & group keying | (None required. Optional: Challenges in Authenticated Encryption) |
| |
10 | Authenticated key exchange |
| Test on 4/3 | |
11 | Key ratcheting & secure messaging | (none) |
| PS5 due 4/13 |
Part 4. When reductions fail: dealing with the lowest layer
Wk | Topic | Required reading | Additional resources | Due date |
12 | Randomness | (none) |
| |
13 | Cryptanalysis of AES | Herley and van Oorschot: Science, Security, and the Elusive Goal of Security as a Scientific Pursuit (paper, post @119) |
| |
14 | Final project presentations | (none) |
PS6 due 5/1 Final project report due 5/3 |
#pin
Name | Office Hours | |
---|---|---|
Mayank Varia | When? Where? |
Textbooks
Textbooks
Online resources
Online resources