CS588: Cryptology - Principles and Applications

Recent Announcements

• 22 May: Comments on Final
• 18 May: Teaching in the Numbers for UVa's Isabelle Stanton, UVa Top News Daily, 18 May 2005.
• 5 May: Isabelle Stanton and Chalermpong Worawannotai's report on slide attacks is now in Wikipedia
• 5 May: Final; Course Improvement Survey
• 28 April: Lecture 22: Photons and MD5 Collisions (Isabelle Stanton, Chalermpong Worawannotai)
• 23 April: Lecture 21: Countermeasures, Sample Final. Paper links:
  • Nathanael Paul and David Evans. .NET Security: Lessons Learned and Missed from Java Twentieth Annual Computer Security Applications Conference (ACSAC 2004). December 6-10, 2004, Tucson, Arizona.
  • A. Appel and S. Govindavajhala. Using Memory Errors to Attack a Virtual Machine. Oakland 2003.
• 21 April: Lecture 20: Malcode. Paper links:
  • Stuart Staniford, Vern Paxson, Nicholas Weaver. How to 0wn the Internet in Your Spare Time, USENIX Security 2002.
  • The Perfect Worm: Coming soon, a cell-phone virus that will wreck your life. (Slate Magazine, 22 March 2005)
• 19 April: Lecture 19: Authentication
• 14 April: Lecture 18: Money
• 12 April: Here are slides (that weren't used in class) for the lectures on complexity: Lecture 15, Lecture 16
• 12 April: Lecture 17: Dating and Voting
• 2 April: A student at UC Santa Barbara is being charged with four felonies after breaking into the grades program: Student Hacks System to Alter Grades (Bruce Schneier's blog). Please remember that you are not permitted to attack any UVa computer or network for the grades file challenge. The only computer you may attack is my home desktop computer (you are not permitted to attack my laptop since it is often on UVa's network and very vulnerable physically).
• 1 April: This RFC, The Security Flag in the IPv4 Header, appears to solve all our security problems without needing any cryptography. As a result, the rest of this course will focus on Complexity Theory instead. (Note: you are still responsible for the cryptography material on the final. You should, however, consider revising your project topics if they are affected by this development.)
• 31 March: Jennifer Combs, Treb Farrales, Dan Mellen from Accenture's lecture on PKI Implementation in the Real World
• 29 March: Lecture 14: Public-Key Infrastructure
• 29 March: The Supreme Court will hear arguments on MGM v. Grokster today. A broadly interpreted ruling here could put encryption rights in jeopardy. A Grokster Case At a Glance (Washington Post) for background on the case.
• 28 March: DNA Key to Decoding Human Factor: Secret Service's Distributed Computing Project Aimed at Decoding Encrypted Evidence, Washington Post, 28 March 2005.
• 22 March: Here's an example of an attack on a cryptosystem that is outside our mathematical analysis: IRS employees vulnerable to hackers. Maybe IRS employees should watch Adam and Portman's movie.
• 22 March: Quiz and Answers
• 22 March: Lecture 13: Security of RSA (Squeamish Ossifrage)
• 17 March: Lecture 12: Non-secret Key Cryptosystems (How Euclid, Fermat and Euler Created E-Commerce)
• 15 March: Lecture 11: Key Distribution
• 15 March: Midterm Comments
• More MD5 Attacks Devised (SlashDot thread notices by Aleks Gershaft). This paper Finding MD5 Collisions - a Toy for a Notebook by Vlastimil Klmma describes a fast (8 hours) technique for finding MD5 collisions.
• 3 March: Midterm; Spring Break Assignment
• 1 March: PS3 Comments
• 24 February: Remember to send email today if you can attend the Saturday Law School lunch with Jim Horning and Barbara Simmons
• 24 February: Lecture 10: AES (Two Fish on the Rijndael)
• 22 February (posted 24 February): Lecture 9: Viruses and Cryptography. Paper for Lecture 9: Principles and Practise of X-raying, Fridiric Perriot and Peter Ferrie. Virus Bulletin Conference, Sept. 2004
• 22 February: Dave is out of town today and will not be able to hold office hours. I will have office hours Friday, 3:30-4:30.
• 22 February: Midterm Preparation Document (yes, you are expected to read the two papers before the midterm)
• 18 February: The question based on Chenxi Wang's lecture has been added to Problem Set 3
• 17 February: Problem Set 3
• 15 February (11pm): The comments about SHA-1 not yet being broken from Lecture 8 are no longer true! A break appears to have been found: Schneier's Blog Report; Slashdot
• 15 February: Lecture 8: Hashing
• 10 February: Lecture 7: Using Block Ciphers
• Howard Heys, A Tutorial on Linear and Differential Cryptanalysis (not required reading, but very interesting)
• 10 February: Please remember to visit the forum and provide your comments on getting notes and start discussing project ideas.
• 8 February: Lecture 6: Striving for Confusion (DES)
• 8 February: The CS588 forum is here: http://www.cs.virginia.edu/forums/ (watch out, leaving out the s is dangerous!). To post message, you need to first click "Register" in the upper right corner. (Note: I am currently negotiating with our systems staff whether you will be allowed to explore other options as a challenge problem. Until they agree, please play by the rules and don't attempt to circumvent any of phpBB's intended security measures!)
• 3 February: Lecture 5: Enigma Concluded, Introducing Modern Ciphers; Some Project Ideas
• 1 February: Lecture 4: Captain Ridley's Shooting Party (WWII Cryptanalysis), Notes
• 29 January: Question 2 is broken and has been removed from PS1. Sorry! (Everyone in the class should have received an email to cs588-students explaining this. If you did not receive it, please let me know.)
• 25 January: Lecture 2: Perfect Ciphers (in Theory, not Practice), Notes; Survey Responses; Anonymous Polling Challenge
• 23 January: Jefferson Wheel Challenge
• 20 January: Syllabus, CS588 Pledge, Lecture 1, Notes, Problem Set 1
• CS588 will be offered in Spring 2005. Class meetings will be Tuesdays and Thursdays, 9:30-10:45AM in Olsson Hall Room 005. Official course registration is now full. But, I will course action anyone into the course who has sufficient background and a good reason for wanting to take it.
• For an idea what the course is about, you can visit the previous offering's course website.

Security in the News

• Microsoft shifts tactics for security on Internet, Seattle Times, 14 Feb 2005. (Microsoft Passport)
• Another use of RFID challenge-response: Vegas casino bets on RFID , cNet News, 9 February 2005. (Doesn't say if they are using DST or something else.)
• Graduate Cryptographers Unlock Code of 'Thiefproof' Car Key, New York Times, 29 January 2005. This paper provides technical details on their technique: Steve Bono, Matthew Green, Adam Stubblefield, Ari Juels, Avi Rubin and Michael Szydlo. Security Analysis of a Cryptographically-Enabled RFID Device.
• Best-Kept Secrets: Quantum cryptography has marched from theory to laboratory to real products, Scientific American, 20 January 2005.
• FBI Tosses Carnivore to the Dogs, Wired News, 18 January 2005.

Assignments Past Due

• Sunday, 23 January, 11:59pm: Registration Survey
• Thursday, 3 February (beginning of class): Problem Set 1
• Tuesday, 15 February: Problem Set 2: SpeedyPass
• Wednesday, 16 February (3:30): Chenxi Wang Seminar on Defending against large-scale attacks on the Internet
• Thursday, 17 February: Project Preliminary Proposals (see Lecture 5) [Note: Extended two days from original deadline]
• Thursday's class will be a guess lecture on censorship-resistant publishing by Chenxi Wang from CMU. For background, read:
  • Ross Anderson, The Eternity Service, 1996.
  • Mark Waldman and David Mazieres, Tangler: A Censorship-Resistant Publishing System Based On Document Entanglements (ACM CCS 2001)
• Thursday, 24 February: Problem Set 3
• Thursday, 3 March: Midterm
• Monday, 14 March (11:59pm): Project progress email
• Thursday, 17 March (before class): Public Key Cryptography readings
• Tuesday, 22 March: Quiz on RSA (see Lecture 12) and Practical Techniques for Searches on Encrypted Data
• Thursday, 24 March: Guest lecture by Doug Szajda, University of Richmond
• Monday, 28 March (3:30 in Olsson 009): Kevin Fu, Secure content distribution using untrusted servers
• Monday, 2 Mar: Last day to email about Sneakers (see Sample Final notes)
• Tuesday, 3 May (last day of class): Project Final Reports and Presentations
• Friday, 6 May, 9:00am: SEAS Course Evaluation
• Saturday, 7 May 2005, 3:55pm: Final
• Sunday, 8 May: Course Improvement Survey

University of Virginia Department of Computer Science CS 588: Cryptology - Principles and Applications

cs588–staff@cs.virginia.edu