Description
We cover in this course principles and practice of cryptography and network security: classical systems, symmetric block ciphers (DES, AES, other contemporary symmetric ciphers), linear and differential cryptanalysis, perfect secrecy, publickey cryptography (RSA, discrete logarithms), algorithms for factoring and discrete logarithms, cryptographic protocols, hash functions, authentication, key management, key exchange, signature schemes, email and web security, viruses, firewalls, and other topics.
Breaking News

RC4 flows found, 20130325
Last week there was disclosed a flow by University of Illinois at Chicago professor Dan Bernstein at the Fast Software Encryption conference in Singapore, in a talk titled “Failures of secretkey cryptography” – “We have found a new attack against TLS that allows an attacker to recover a limited amount of plaintext from a TLS connection when RC4 encryption is used,” they said. “The attacks arise from statistical flaws in the keystream generated by the RC4 algorithm, which become apparent in TLS ciphertexts when the same plaintext is repeatedly encrypted at a fixed location across many TLS sessions.”
Content
 CONVENTIONAL ENCRYPTION
 Classical Systems
 Conventional Encryption: DES, AES
 Contemporary Symmetric Ciphers: 3DES, RC4, RC5
 PUBLICKEY ENCRYPTION
 Introduction to Number Theory
 PublicKey Cryptography. RSA
 Key Management
 Message Authentication and Hash Functions
 Hash and Mac Algorithms
 Digital Signatures and Authentication Protocols
 AUTHENTICATION
 MAC
 Hash and message digests
 Digital signatures
 Passwords
 Kerberos
 NETWORK SECURITY
 Authentication Applications
 Electronic Mail Security
 IP Security
 Web Security
 OTHER ISSUES
 Intruders and Viruses
 Firewalls
 Digital cash
 Secret sharing schemes
 Zeroknowledge techniques
 Folklore
Literature
 Text book: Stallings, W., Cryptography and Network Security. Principles and Practice, 5th edition, Prentice Hall, 2011.
 Other sources, including: Network Security. Private communication in a public worls, Prentice Hall, 2002.
 Trappe, W., Washingotn, L.C., Introduction to Cryptography with coding theory, PearsonPrentice Hall, 2006.
 Tanenbaum, A.S., Computer Networks, 4th edition, Prentice Hall, 2003.
 Stinson, D., Cryptography. Theory and Practice, 2nd edition, CRC Press, 2002.
 Menezes, A., van Oorschot, P., Vanstone, S., Handbook of Applied Cryptography, CRC Press, 1997.
 Salomaa, A., PublicKey Cryptography, 2nd edition, SpringerVerlag, 1996.
 Papadimitriou, C., Computational Complexity, AddisonWesley, 1995.
 Koblitz, N., A Course in Number Theory and Cryptography, 2nd edition, Springer 1994.
 Bach, E., Shallit, J., Algorithmic Number Theory, Vol. I: Efficient Algorithms, 2nd printing, MIT Press, 1997.
Online resources
 Online resources of Stallings’s Cryptography and Network Security. Principles and Practice, 5th edition.
 Online resources of Tanenbaum’s Computer Networks 4th edition.
 Online resources of Menez, van Oorschot, Vanstone’s Handbook of Applied Cryptography (all chapters available online).
 Previous course page
Credits
5 sp
Components
28h lectures, optional projects, final exam.
Time and place
The course starts on March 11, 10:15 AM, aud. Fortran (A3058) ICThouse and ends by the end of April
The lectures are given every week on:
 Mondays 1012 aud. Fortran (A3058), ICThouse
 Thursdays 1315 aud. Gamma, ICThouse
Exam dates:
 24.5.2013
 07.06.2013
Prerequisites
The courses on “Programmering (grundkurs)”, “Programmering (fortsättningskurs)”, “Praktikum i programmering”, “Datastrukturer”, “Algoritmer”. Familiarity with computers, Internet, email, computer viruses and averagelevel mathematics. Advanced mathematics (including elements of number theory and finite fields) will be introduced throughout the course whenever needed.
Registration (also for the exam)
Through MinPlan.
Lecturer
Dr. Vladimir Rogojin (vrogojin at abo.fi, room B5078, ICThouse)
Department of IT, Åbo Akademi University.
Lecture slides and recommended reading
 W. Stallings – Stallings, W., Cryptography and Network Security. Principles and Practice, 5th edition, Prentice Hall, 2010
 W. Stallings, L. Brown, Computer Security. Principles and Practice, 2nd edition, Pearson Education Ltd., 2012
 Ch. Kaufman, R. Perlman, R. Speciner, Network Security. Private communication in a public worls, Prentice Hall, 2002.
 Introduction – March 11, 2013
 Classical encryption – March 14, 2013
 W. Stallings, Chapter 2: Classical Encryption Techniques
 Block ciphers and DES – March 18, 2013
 W. Stallings, Chapter 3: Block Ciphers and the Data Encryption Standard
 Block cipher operation, RC5, RC4 – March 21, 2013
 W. Stallings,
 Chapter 6: Block Cipher Operation;
 Chapter 7, Section 7.5: RC4
 Basic notions of finite fields – March 25, 2013
 W. Stallings, Chapter 4: Basic Concepts in Number Theory and Finite Fields
 Advanced Encryption Standard (AES) – March 28, 2013
 W. Stallings, Chapter 5: Advanced Encryption Standard
 Publickey cryptography and RSA – April 4, 2013
 W. Stallings, Chapter 9: PublicKey Cryptography and RSA
 Protocols for publickey management – April 8, 2013
 W. Stallings, Chapter 14
 Section 14.3: Distribution of Public Keys;
 Section 14.4: X.509 Certificates;
 Section 14.5: PublicKey Infrastructure
 Authentication protocols, digital signatures – April 11, 2013
 W. Stallings, Chapter 15: User Authentication
 DiffieHellman Key Exchange, Khan Academy, Brit Cruise
 Message authentication: MAC, hashes – April 15, 2013
 W. Stallings, Chapter 12: Message Authentication Codes
 Message authentication: MD5, SHA1, HMAC – April 18, 2013
 W. Stallings, Chapter 11: Cryptographic Hash Functions;
 W. Stallings, L. Brown,
 Section 21.1: Secure Hash Functions;
 Section 21.2: HMAC;
 Ch. Kaufman, R. Perlman, R. Speciner
 Section 5.5: MD5;
 Section 5.6: SHA1;
 Section 5.7: HMAC
 Email security: PGP and S/MIME – April 22, 2013
 W. Stallings, Chapter 18: Electronic Mail Security
 Web security, IP security, Firewalls – April 25, 2013
 W. Stallings
 Chapter 16: TransportLevel Security;
 Chapter 19: IP Security;
 Ch. Kaufman, R. Perlman, R. Speciner, Chapter 23: Firewalls
 Wireless security, Password management, Viruses – April 29, 2013
 W. Stallings, Chapter 17: Wireless Network Security;
 W. Stallings, L. Brown
 Chapter 8: Intrusion Detection;
 Chapter 6: Malicious Software
Asignments
Ask me for password