CS 568 | Class Profile

Course Information
Staff
Resources

Description

This course introduces the science and art behind the design, security analysis, and implementation of modern day cryptosystems that protect privacy and authenticity of data at rest, in transit, and during use. We will see how cryptosystems evolved to withstand systems-level threats and mathematical cryptanalysis.

General Information

Meeting times

This class meets Tuesdays and Thursdays at 5:00-6:15pm in room PHO 211.

All registered students should also attend one of the recitation sections in MCS B23 on Friday at 11:15am-12:05pm, 12:20-1:10pm, or 1:25-2:15pm.

VPN information

Some of the textbooks and reading assignments require access to the websites of publishers like Springer, IEEE, and ACM. You will only be able to access these papers if you are on the BU network or if you VPN into it. Instructions to VPN into the BU network are located here: http://www.bu.edu/tech/services/support/remote/vpn/. Alternatively, prepending "http://ezproxy.bu.edu/login?url=" to the front of a URL allows you to view a single website through the BU network without the need to VPN.

Announcements

Course schedule

1/20/19 10:41 PM

This post will be continually updated as new readings and assignments are posted.

Part 1. Protecting data at rest

Week	Topic	Textbook reading	Discussion?	Lab?
1	Unpredictability	The Handbook on Applied Crypto, sections 1.1-1.2. This text concisely lists the types of security concerns that we will study in this course. Security Engineering, sections 5.1-5.2. This text summarizes early ciphers. Encryption & Regulation. Short blog post summarizing the types of crypto we will consider and some of the laws/regulations that impact it.	Yes	Lab 1 due 1/28
2	Block ciphers	Avanzi: A Salad of Block Ciphers. Read sections 1.1, 1.2, and 1.7 (pages 21-28 and 40-42). Read or (better) listen to NPR's Planet Money episode 773 about pseudorandomness gone wrong.	Yes	Lab 2 due 2/4
3	Message authentication	A Graduate Course in Applied Cryptography, read chapter 6 through the end of 6.4.1 (pages 212-226).	Yes. (Change of plans: no required reading.)	Lab 3 due 2/11
4	Encryption via enciphering	Introduction to Modern Cryptography, Sections 4.1 through 4.7.	Yes	Lab 4 due 2/18
5	(Test on February 21)	The Block Cipher Companion, Sections 4.1 through 4.4 and also Sec 4.6. Everything here should be review except for CFB and OFB modes (Sec 4.2.1 and 4.2.2); just ignore those.	No	None

Part 2. Attacking data at rest

Week	Topic	Reading	Discussion?	Lab?
6	Side channel attacks	Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices	Yes. Read the required reading assignment beforehand.	Lab 5 due 3/8
7	Authenticated encryption	A Graduate Course in Applied Cryptography, Sections 9.1-9.6.	No. Enjoy your spring break!	(Still Lab 5)

Part 3. Protecting data in transit

Week	Topic	Reading	Discussion?	Lab?
8	Authenticated key exchange	Designing [the Kerberos] Authentication System Defective Sign & Encrypt	Yes	Lab 6 due 3/25
9	Key evolution	Itkis' survey on Forward security EFF blog post on security, privacy, and anonymity properties one might want in a messaging system	Yes. Read beforehand pages 1-9 and 29-32 of Rogaway's The Moral Character of Cryptographic Work.	Lab 7 due 4/1

Part 4. Crypto law and policy

Week	Topic	Reading	Discussion?	Lab?
10	Encryption and law	Orin Kerr's Computer Crime Law. Read chapter 1.	Yes	Lab 8 due 4/8
11	Crypto and privacy	Cohen and Park, Compelled Decryption and the Fifth Amendment. Read sections 1-4.	No	Lab 9 due 4/15

Part 5. Final topics

Week	Topic	Reading	Discussion?	Lab?
12	Protecting passwords	The Hash Function BLAKE, Sections 1.1, 2.1, 2.2, and 2.4.	Yes	Lab 10 due 4/24
13	Cryptanalysis	The Block Cipher Companion, chapters 6-7 Yakoubov, A gentle introduction to garbled circuits	Yes	Lab 11 due 5/1
14	Protecting data while computing	Fuller et al. Cryptographically protected database search	No