Computer Science 4730 -- Applied Cryptography
Test 2 -- Review
1. Number Theory
Fermat's and Euler's theorems, relevance to public key cryptography
Testing for primality: Miller-Rabin algorithm and repeated use, Chinese Remainder Theorem
Discrete logarithms, computational complexity
2. Public Key Cryptography and Key Management
Basic principles of public key cryptography, terminology, uses (encryption, digital signature, key exchange)
Requirements: key generation, encryption & decryption, infeasibility to recover message or private key
RSA algorithm: based on Fermat's Theorem for mod p*q, details of making private & public keys, encryption, decryption; efficient calculation methods; security and effort to break
Key management: distribution methods for public keys, public-key use to distribute secret keys
Diffie-Hellman key exchange
Elliptic curve arithmetic and cryptography; use for key exchange; challenge for encryption
3. Message Authentication and Message Hashing
Message authentication: definition, principles and terminology, requirements
Authentication by message encryption: secret key, public key, disadvantages & weaknesses
Ways of using hash functions to support message and sender authentication
Message Authentication Codes (MACs): definition, versus digital signature, uses, role of hash functions; requirements, DES-based MACs (X9.17) -- algorithm details
Hash functions: requirements, weak models with XOR, birthday attacks, block chaining methods, security analysis
Hash algorithms: MD5, SHA-1, RIPEMD; general model (message padding & size, 32-bit adds, mix functions); differences (result size, big/little-endian, 4/5 registers, shifts, constants, word permutations)
HMAC: building a MAC from a hash algorithm, HMAC structure and calculation
5. Digital Signatures and Authentication
Digital signature principles: purpose, properties, requirements
Direct digital signature: only sender & receiver, methods & weakness, secret key and public key methods
Arbitrated digital signature: requires trusted 3rd party (arbiter), approaches, message visibility to arbiter?
Authentication protocols: definition, Needham-Schroeder and Denning secret key, Denning public key
One-way authentication: for e-mail, no receiver feedback
DSS: RSA vs DSS; global public-key components (p, q, g), user private key (x), public key (g^x mod p); signing algorithm (r, s); verifying algorithm (w, u1, u2, v=r)