- 13/3. Introduction. Some classical systems for cryptography together with some cryptanalysis. The notion of security.
- 14/3. Provably secure cryptosystems (one-time pads). Basics from information theory. The notion of entropy.
- 17/3. The concept of conditional entropy. Some discussion of its properties. A discussion of when the key (or the plaintext) is determined by the cryptotext. A small start on DES.
- 20/3. A complete description of DES. A discussion of the parameters of DES. A description of the modes of usage of DES. A description of triple-DES. An initial discussion of the security of DES.
- 21/3. General methods for inverting one-way functions. An initial discussion to prepare for linear cryptanalysis of DES.
- 24/3. Linear cryptanalysis of DES. Advanced Encryption Standard (AES) (additional information available at the official AES page). A short description of this development effort, a description of one candidate algorithm (Rijndael) and some comparisons to DES.
- 27/3. Completed the description of Rijndael. Public key cryptography. RSA: definition of the system, correctness, efficiency of encryption and decryption, and partly how to generate keys.
- 28/3. The RSA encryption function. Discussion of its properties (multiplicative, deterministic). Timing attacks.
- 31/3. The discrete logarithm problem, its definition and a short discussion. The El-Gamal cryptosystem. A discussion of elliptic curves and their use in cryptography.
- 3/4. The public key system by McEliece. Public key infrastructures. Digital signatures: basic definition and security discussion. The signature schemes by El-Gamal and Schnorr.
- 4/4. The Schnorr identification. A taste of zero knowledge. Schnorr signatures. Collision free hash functions. The birthday paradox and extending a hash function for fixed length to arbitrary lengths.
- 10/4. Hash functions based on intractability of discrete logarithms and SHA. Key distribution. Diffie-Hellman, Kerberos.
- 11/4. Pseudo-random generators. Properties and examples. Linear feedback shift registers (in some detail), linear congruential generators. The generator by Blum and Micali.
- 8/5. Guest lectures from outside. Anders Ingeborn from Infosec talked about some protocols used in the real world and Magnus Nyström from RSA Labs talked about secure WAP. Magnus has made his slides available electronically.
- 9/5. Zero-knowledge proofs. The definition of being able to simulate conversations. Some examples. Extensions to zero-knowledge arguments and computational zero-knowledge.

Page maintainer: <johanh@nada.kth.se>

Last modified 30 May 2000