CSPP 532
Public Key Infrastructure: Theory and Practice
Overview
As recently as 30 years ago, cryptography was of interest
primarily to military intelligence organizations. Now, the
continued existence of the Internet depends upon the security
and authenticity of countless communications. A new area,
public key cryptography, has emerged, and the field of number
theory, once thought the least applicable area of mathematics,
is finding new applications every day.
There are three layers to modern public key cryptography:
- The algorithms used to create cryptographic primitives,
such as:
- public key schemes (RSA)
- secure hashes (SHA)
- symmetric encryption (DES)
- random number generation
- The protocols built out of these primitives, such as:
- key exchanges
- digital signature schemes
- secret-sharing schemes
- bit commitment schemes
- data integrity schemes
- Implementations of these protocols, including PGP, SSL, and ssh
We will discuss all of the above. If one wants to understand the
uses and limitations of a public key infrastructure, one must
understand the underlying mathematical ideas.
However, cryptography does
not exist in a vacuum; the most secure scheme in the world is
worthless if it is not implemented properly.
Description
During the first lecture, we will discuss the history of cryptography.
We need to understand what cryptography could and could not achieve
prior to the work on public key systems during the 1970s. We will
then be able to discuss these recent changes.
Subsequent lectures will be divided. The first half of each class
will be devoted to mathematics: specifically, modular arithmetic,
which is fundamental much of modern public key cryptography. Topics
will include:
- Algorithmic building blocks: Euclid's algorithm, primality testing
- Cryptographic primitives: RSA, Diffie-Hellman, coin flipping
algorithms
- General protocols: bit commitment schemes, zero-knowledge proofs,
secret-sharing schemes
The second half of each class will be devoted to applications,
attacks, and other implementation issues. Topics will include:
- Specific algorithms used today: SHA, DES
- Applications: signature schemes, data integrity schemes
- Specific implementations: PGP, SSL, ssh
- Attacks: forgery, man-in-the-middle, social engineering
- Intellectual property issues, legal questions
We will close the quarter with discussions of the future of
public key infrastructure, including
the relative roles government and business
should play in the development of cryptographic protocols and the
possible effects of quantum computation and quantum cryptography.
Textbooks
Required reading
Cryptography and Network Security: Principles and
Practice, William Stallings, 1998, Prentice Hall.
This is the primary textbook, and is the book from which exercises
will be assigned. Note that this is not the
same book used in CSPP 531 during winter quarter.
PKI: A Wiley Tech Brief, Tom Austin, 2001, Wiley & Sons.
This book contains a good overview of PKI, and several case studies
which will be discussed in class.
Recommended reading
Applied Cryptography, 2nd edition, Bruce Schneier, 1995,
Wiley & Sons.
This is the definitive book on cryptographic algorithms, and
includes C source code. Available in
paperback or
hardcover. There is also a copy on 24-hour reserve in Eckhart Library.
There's no programming text for the class, but I can
recommend some references.
Implementation Details
Class will meet Tuesdays, 5:30 - 8:30 PM.
The first official meeting will be June 26, during the second week
of classes. There will be an optional tutorial meeting
on Tuesday, June 19.
The largest contributor to your grade will be weekly homework
assignments. These will include mathematics exercises taken
from the Stallings book, essay questions about implementation
issues, and programming exercises. By the end of the quarter,
you will have written a simple program which can encrypt
and decrypt messages using RSA.
There will also be a final project. This is open-ended; sample
projects might include
- Combine our cryptographic primitives to construct a protocol for
online voting
- Implement an elliptic-curve based cryptosystem
- Attach a web interface to your RSA program, and properly secure
any transmissions
- Write a factoring program and attack other students' projects
- Analyze the advantages and disadvantages of incorporating
biometrics into a public key infrastructure
My goal is to keep things open. I want you
to play to your strengths when choosing a project.
There will be a midterm exam on Tuesday, July 31.
There will be no final exam.
Office Hours
The instructor can be reached by email at
kutin@uchicago.edu. My office
is Ryerson 165A (on the first floor). I will hold office hours on
Thursdays, 5 - 6 PM, or by appointment.
Ian Cooke, the TA, will also hold office hours.
You are encouraged to direct questions to the
mailing
list. I will give extra credit to those who are helpful in
answering fellow students' questions.
Prerequisites
Some programming ability will be required. You may use any
language in which they feel comfortable, though official support
will be restricted to python and Java.
Familiarity with the material in Algorithms may be useful to
some, but it is not a prerequisite. (In fact, familiarity with this
course will be useful to you when you take Algorithms.)
A note on credit
You can use this course to satisfy either the theory (foundations)
or the integrated systems requirement. Your choice of final project
will be influenced by which kind of credit you wish to receive. (For
example, if you want theory credit, your project may include some
programming, but should not simply be a web interface attached to
your RSA code.)
When you discuss your final project with me over the course of the
quarter, please bear this in mind.