CS555 Fall 2003: Cryptography

Class Information

Final info: Friday Dec. 19, 1-3 PM (still waiting for the room). Closed books, closed notes.

Qual info: qual exam will be given on Thursday Dec. 18 at 12:00 PM in CERIAS conference room. If you have any problem with the time let me know.

Project: schedule a meeting with me in the last week of school (Dec 7-13) to discuss/demo your project. Also make sure that you email me your report 24 HOURS before our meeting.

List of projects of students (in random order)

Info about the midterm. More info about homework.

Class Information

The course is an introduction to cryptography, aimed to graduate students.

Topics we will focus on include:
  1. Concepts and principles of crypography: security services, attacks and mechanisms.
  2. Classical cryptographic systems: shift cipher, Vigenere and Vernam ciphers, Jefferson wheel cipher and the Enigma machine.
  3. Block ciphers: DES, Blowfish, AES.
  4. Public-key encryption: RSA, ElGamal.
  5. Data integrity: hash functions, MD5, SHA1, the HMAC standard.
  6. Digital signatures: RSA, ElGamal, DSA.
  7. Blind signatures. Group signatures.
  8. Authentication protocols.
  9. Key management: two-party key exchange and group key management protocols.
  10. Hybrid encryption schemes.
  11. Privacy.
  12. Applications:fair exchange, certified email, e-cash.
  13. Notions of threshold cryptography. Proactive security.
The grade will be based on written homework assignments (HW), a final project (FP), midterm (ME) and final exam (FE), as follows:
Grade = 20% * HW + 30% * FP + 20% * ME + 30% * FE.

Exams are closed books and closed notes.

Textbooks and reading list


  • Douglas R. Stinson, Cryptography (Theory and Practice), CRC Press 1995, ISBN: 0-8493-8521-0.
  • William Stallings, Cryptography and Network Security, Principles and Practice, Second Edition, Prentice Hall, 1998, ISBN: 0-13-869017-0.

Reading List:

You will also find useful:
  • Samuel S. Wagstaff, Cryptanalysis of Numeric Theoretic Ciphers, CRC 2000. ISBN 1-58488-153-4.

    Class Schedule
    • TTh 3:00-4:15pm Aug 25 - Dec 14, 2003 CS G066
    • Ramkumar Natarajan
    • Office: CS G64
    • Email: nrkATcs.purdue.edu
    • Office hours: MWF 3-4 PM in CS G64
    Mailing list

    The class mailing list is cs555. To be added to the list sent an email to mailer@cs.purdue.edu, with the body containing the text 'add your_email to cs555'.

    Academic Integrity

    Academic Honesty and Ethical behavior are required in this course, as it is in all courses at Purdue University ( here is the guide for academic integrity). The class will be conducted according to the policy written by Professor Gene Spafford. Please take the time to read it carefully. This will be followed unless I provide written documentation of exceptions.

    You are encouraged to talk with the professor about any questions you have about what is permitted on any particular assignment.

  • Lectures and Homework

    Lecture slides and homework assignments will be posted below. This is a tentative schedule of the course.

    Week Tuesday Thursday
    Aug. 25 - Aug. 29 Lecture 1 - Introduction to cryptography: security attacks, services and mechanisms, terminology, attacks on ciphers and protocols. Models of evaluating security. Lecture 2 - Introduction to cryptography: basic ciphers - description and cryptanalysis; cipher machines.
    Sept. 1 - Sept. 5 Lecture 3 - Elements of probability theory. Perfect secrecy. Entropy. Unicity distance. Lecture 4 - Symmetric encryption. Block ciphers: DES.
    Sept. 8 - Sept. 12 Lecture 5 - Symmetric encryption.Block ciphers: cryptanalysis of DES, variations of DES, IDEA, RC5, Blowfish. Lecture 6 - Symmetric encryption. Block ciphers: AES; Stream ciphers: SEAL, RC4.

    Sept. 15 - Sept. 19 Lecture 7 - Data integrity. Hash functions. MD5, SHA1. Lecture 8 - Digital rights management. Prof. Mike Atallah.
    Sept. 22 - Sept. 26 Lecture 9 - HMAC. Attacks on hash functions.

    Homework 1 returned in class
    Lecture 10 - Divisibility, GCD, LCM. Euclid's Algorithm for finding GCD.Prime and composite numbers. Distribution of prime numbers.
    Sept. 29 - Oct. 3 Lecture 11 - Congruence. Fermat's and Euclid's Theorems.Chinese Remainder Theorem.Pseudoprimes and testing for primality. Discrete logarithm.

    Lecture 12 - Public cryptography. RSA description and implementation.
    Oct. 6 - Oct. 10 Lecture 13 - Attacks on RSA. OAEP.
    Project proposal due in class.
    Oct. 13 - Oct. 17 No class (Fall break). Lecture 14 - Rabin, ElGamal. Probabilistic cryptosystems:Goldwasser-Micali.
    Oct. 20 - Oct. 24 Lecture 15 - Digital signatures: RSA, ElGamal, DSA, Schnorr. One-time digital signatures: Rabin, Merkle. Lecture 16 - Public key infrastructure: the need for authentication, X.509 Directory Authentication Service, PGP.
    Oct. 27 - Oct. 31 Lecture 17 - Key establishment: Needham-Schroeder public key protocol, Diffie-Hellman, STS, MTI. Lecture 18 - Key management: requirements, group key management, centralized and contributory protocols.
    Nov. 3 - Nov. 7 Lecture 19 - Authentication protocols, entity authentication. One time passwords, Lamport's scheme, challenge-response schemes, zero knowledge authentication protocols (Fiat-Schamir and Schnorr). Lecture 20 - Kerberos.
    Nov. 10 - Nov. 14 Lecture 21 - IPSec.

    Lecture 22 - SSL.
    Nov. 17 - Nov. 21 Lecture 23 - Identity-based cryptosystems. Dr. Ninghui Li. Lecture 24 - Secure programming. Dr. Pascal Meunier. .
    Nov. 24 - Nov. 28 Lecture 25 - Fair exchange protocols and applications. No class. (Thanksgiving.)
    Dec. 1 - Dec. 5 Lecture 26 - Secure multi-party computation. Jaideep Vaidya. Lecture 27 - Threshold cryptography.
    Dec. 8 - Dec. 12 Lecture 28 - Biometrics. Course evaluation forms will be handed. Lecture 29 - Review for final. Bring your questions to the class.

    Final Project

    Students are expected to write a proposal about the project they would like to work on. A list of possible projects will also be provided by the professor. Both theoretical and practical projects are accepted. Note that expectations are different for the two different types of projects. For theoretical projects the focus is on identifying a problem, mastering the current state of the art solution, and understanding the limitations of those solutions. Proposing a new solution is definitely encouraged, but will not necessarily affect the grade. On the other side, for a practical project, students are supposed to show a demo of their prototype, that counts toward their grade. Students with interest in systems and network security are encouraged to choose practical projects.

    Students can work alone or in pairs, working in pairs is recommended. A meeting will be scheduled with the professor to discuss what was achieved in the project and to asses the contribution of each team member to the project.


    Purdue University Department of Computer Sciences