CS588: Cryptology - Principles and Applications, Fall 2001
CS588: Cryptology - Principles and Applications Fall 2001
See below for earlier announcements.
- 3 Jan: SEAS Course Evaluation Report
- 17 Dec: Enjoy your break!
- 17 Dec: Project Reports
- 17 Dec: Final Comments
- 10 Dec: Sneakers will be shown somewhere in Olsson Hall at 10:00 PM
- 6 Dec: Jefferson Wheel Challenge Solution!
- 5 Dec: Final (due 10 Dec)
- 5 Dec: Manifest, Avi Rubin's Home Page
- 3 Dec: Project Presentations
- 2 Dec: Problem Set 5 Selected Answers (will be handed out on paper Monday)
- 29 Nov: David Friedman and Keen Browne's article in the Cavalier Daily: Cyber-terrorism: More nuisance than threat
- 28 Nov: Project Presentations
- 26 Nov: Lecture 19: Firewalls and Intrusion Detection, Manifest, Survey
- 19 Nov: Lecture 18: Malcode Countermeasures, Manifest
- 18 Nov: Some responses to PS4
- 15 Nov: Jon Erdman and Michael Neve's article in the Cavalier Daily: How are your Internet secrets being protected?
Stephen Liang and Eric Peeters
Security in the News
- Tiny Slices Of Opportunity for Jobless Techies, Washington Post, 6 Jan 2002.
- GovNet Proposal Sparks Plenty of Ideas, Debate, Washington Technology, 10 Dec 2001.
- National ID Card Gaining Support, Washington Post, 17 Dec 2001.
- Cyberdefense Skills Shortage Identified: Network-security and disaster-recovery expertise in short supply, survey says, InformationWeek, 3 Dec 2001.
- Goner worm spreads, tries to delete firewalls, InfoWorld, 4 Dec 2001.
- Bills Would Boost Electronic Security Research Funding, Newsbytes, 3 Dec 2001.
- 2 Copyright Cases Decided in Favor of Entertainment Industry, New York Times, 29 Nov 2001.
- The root of the problem: Bad software, CNet News, 28 Nov 2001. (Inteview with Gary McGraw) [Excerpt: You write a lot about the lack of security education in the computer science field. What should be done to bridge the education gap? One thing is that some universities are beginning to teach security, sometimes even software security--UC Davis, the University of Virginia, Purdue, Princeton. And then, the fact is that the world is catching on.]
- Ban on DVD-cracking code upheld, CNet News, 28 Nov 2001.
- Will Spyware Work?, Technology Review, December 2001. (Mentions Jefferson cipher and Gary McGraw in same paragraph!)
- Digital Cash Payoff, Technology Review, December 2001.
- Google, others dig deep--maybe too deep , CNet, 26 Nov 2001. (Mis-quotes Gary McGraw, see his posting in RISKS)
- Cyberspace Seen as Potential Battleground; Attacks at Hubs Could Disrupt Phone Lines, New York Times, 23 Nov 2001. [Noticed by David Friedman]
- FBI software cracks encryption wall: "Magic Lantern" part of new "Enhanced Carnivore" project, MSNBC, 20 Nov 2001. [Noticed by Rob Farraher]
- A Cryptanalysis of the High-bandwidth Digital Content Protection System, Scott Crosby, Ian Goldberg, Robert Johnson, Dawn Song and David Wagner. [Noticed by Josh Sarfaty]
- To Forestall a 'Digital Pearl Harbor,' U.S. Looks to System Separate From Internet, New York Times, 17 Nov 2001.
- Internet could be shut down by hackers, warn experts, ZDNet UK, 14 Nov 2001.
- Police get sweeping access to net data, The Guardian (UK), 7 Nov 2001.
- For Clarke, a Career of Expecting the Worst Newly Appointed Cyberspace Security Czar Aims to Prevent 'Digital Pearl Harbor' , Washington Post, 3 Nov 2001.
- Microsoft admits flaw in Passport, MSNBC, 2 Nov 2001.
- Ruling a blow for DVD industry: Free speech wins over trade protection, Silicon Valley, 2 Nov 2001.
- Cyber-Security Bill Planned By House Committee, Newsbytes, 31 Oct 2001.
- Veiled Messages of Terrorists May Lurk in Cyberspace, New York Times, 30 Oct 2001.
- Thawte's Digital Certificate Centre [noticed by Rob Farraher]
- DMCA Protester Cracks Microsoft's Copyright Protection Code, Washington Post, 19 Oct 2001.
- Microsoft's digital rights management scheme cracked, The Register, 19 Oct 2001.
- U.S. Seeks To Build Secure Online Network, Washington Post, 11 Oct 2001.
- These two articles mention Professor Wulf's testimony before Congress:
- Should the government get its own Net?. ZD Net News, 11 Oct 2001.
- New encryption laws for e-mail unlikely, SF Chronical, 6 Oct 2001.
- Securing the Lines of a Wired Nation, New York Times, 4 Oct 2001.
- Your stolen Passport, ZDNet, 26 Sept 2001. [noticed by Mike Tashbook]
- Tripping the Rippers, CNET.com, 28 Sept 2001.
- How technology is used to mask communications, Sillicon Valey, 1 Oct 2001.
- FBI names 20 most-wanted security flaws, ZDNnet, 2 October 2001. [noticed by Chris Marinak]
- Key Eschrow Comic [noticed by Mike Tashbook]
- Internet Board Focuses on Security, New York Times, 27 Sept 2001.
- In the Next Chapter, Is Technology an Ally?, New York Times, 27 Sept 2001 (panel discussion including Whitfield Diffie).
- Sun leads challenge to Microsoft's web ID system, Financial Times, 26 Sept 2001.
- Wiretap Bill Gets Third Degree, Wired, 26 Sept 2001.
- Hackers face life imprisonment under 'Anti-Terrorism' Act, SecurityFocus, 23 Sep 2001. As a "Federal terrorism offense," the five year statute of limitations for hacking would be abolished retroactively -- allowing computer crimes committed decades ago to be prosecuted today -- and the maximum prison term for a single conviction would be upped to life imprisonment.
- Tech's Double-Edged Sword, and Did Encryption Empower These Terrorists? And would restricting crypto have given the authorities a change to stop these acts?. Steven Levey, Newsweek, 24 Sept 2001.
- Oracle boss urges national ID cards, offers free software, SiliconValley, 22 Sept 2001.
- Digital moles in White House? Terrorists had top-secret presidential codes, WorldNetDaily, 20 Sept 2001. I suspect this is not true, but frightening if it is.
- U.S. could use cybertactics to seize bin Laden's assets, ComputerWorld, 20 Sept 2001.
- To Attacks' Toll Add a Programmer's Grief, Washington Post, 21 Sept 2001. About Phil Zimmermann and PGP. (Phil Zimmermann's comments on this article)
- Microsoft's Passport Sign-On System Will Work on Rival Sites , New York Times, 20 Sept 2001.
- Bin Laden exploits technology to suit his needs, CNN, 21 Sept 2001.
- Terrorists' Online Methods Elusive: U.S. Agencies Seek Experts' Help in Tracing Encrypted Messages, Washington Post, 19 Sept 2001. [Noticed by Portman Wills]
- Quantum Encryption: Protected by the Laws of Nature, NewsFactor, 12 Sept 2001.
- Information Security Will Be Key With Lawmakers, ComputerWorld, 14 Sept 2001.
- Privacy Trade-Offs Reassessed, Washington Post, 13 Sept 2001.
- FBI Issues Cyberthreat Advisory, PC World, 13 Sept 2001.
- Congress Mulls Stiff Crypto Laws, Wired, 13 Sept 2001.
- Anti-Attack Feds Push Carnivore, Wired, 12 Sept 2001.
- National Security Nightmare, CBS News, 29 Aug 2001. "The key to this business is actually doing what your adversary believed to be impossible." - General Mike Hayden, NSA director. [Noticed by Lim Vu]
- Quantum Crypto to the Rescue, Wired, 7 Sept 2001.
- European Parliament OKs Spy Plan, Yahoo! News, 5 Sept 2001. The European Parliament has voted to set up a network to encrypt traffic from monitoring by Echelon.
- Internet security cannot be left to technologists alone, Financial Times, 5 Sept 2001.
- Law Enforcers Report Spike in Cybercrime, USA Today, 31 Aug 2001.
- Russia Warns Computer Experts on US Travel, Silicon Valley, 31 Aug 2001.
- Copywrong?, Salon, 31 August 2001. On the DMCA.
- Code Red cost estimated at $2.6 Billion, CNET News, 31 August 2001.
- Microsoft e-book Security in Doubt, CNET News, 31 August 2001.
- Sysadmin spy left digital trail, The Register, 30 August 2001. [Noticed by Ken Pickering]
- How do you fix a leaky Net?, Salon, 29 August 2001.
- 13 Nov: Problem Set 5 now available - read the directions carefully
- 12 Nov: Lecture 17: Malcode, Manifest, Michael Neve and Eric Peeters' Matlab code for Beer Bottle Enciphering and Deciphering
- 7 Nov: Lecture 16: Blocking and Catching Photons, Manifest
- 7 Nov: Michael Neve and Eric Peeters will present the Beer Bottle Cipher decryption algorithm in class on Monday 12 Nov
- 7 Nov: Roger Clarke's Dataveillance and Information Privacy Pages (recommended in Laura Brown's guest lecture)
- 1 Nov: Two new challenges are now open: Zero-Knoweldge Coloring Proofs, Rivest's Beer Bottle Cipher (Please remember to pay attention to the Beale Papers quote before attempting these!)
- 1 Nov: All the project proposals are now available. I encourage you to peruse other groups proposals.
- 31 Oct: Midterm Discussion
- 31 Oct: Lecture 15: Oblivious Transfer and Trick-or-Treat Protocols, Manifest, Coloring Practice
- 30 Oct: Monday, 5 Nov's class will be a guest lecture by Laura Brown from Ernst & Young
- 29 Oct: Matthew Mah found a serious vulnerability in the anonymous tallying protocol answer in PS3
- 28 Oct: Monday's class will be a guest lecture by Gary McGraw
- 28 Oct: Problem Set 4
- 22 Oct: Lecture 14: Randomness, Digital Cash, Manifest, Midterm Preparation, Flood Document
- 20 Oct: The TAs will hold a midterm review session Monday, October 22 at 7pm in Olsson 005.
- 15 Oct: Problem Set 3 Selected Answers (Anthony will give you a printout when you pick up your PS3)
- 11 Oct: Jon Erdman has solved 3b (below). He will present his solution in class Oct 22.
- 10 Oct: Last Year's Midterm - This will be good preparation for this year's midterm. You are permitted to look at the answers, but it is strongly recommended that you try and solve the problems yourself first. (Note that students had 2 hours for the midterm last year. This year you will have the normal class period, so the exam will be shorter. Note also that there was no answer to 3b. The first person who produces a really good original answer to 3b gets a perfect score on this year's midterm without taking it.)
- 10 Oct: Lecture 13: Better Authentication Protocols, Digital Cash, Manifest
- 8 Oct: Rob Farraher found this three-level certificate
- 8 Oct: Lecture 12: Public Key Protocols, Authentication, Manifest
- 4 Oct: Adam Sowers found a three-level certificate
- 3 Oct: Humilation-Free Partnering Challenge is now open (but we didn't get far enough in lecture 11 to introduce it)
- 3 Oct: Lecture 11: Birthday Paradox, Manifest
- 2 Oct: Jefferson Wheel Challenge Hints
- 1 Oct: Last Year's Final (This came up in response to the question about legality of digital signatures. You're free (encouraged) to look at this. The final this year will be different, of course.)
- 1 Oct: Lecture 10: Certificates and Hashing, Manifest, Quiz
- 26 Sept: Lecture 9: Squeamish Ossifrage, Manifest
- 25 Sept: Some errors in Problem Set 2, question 2c have been corrected. (There are "ten" encrypted messages, not seven; and the "either" in the last paragraph was ungrammatical. This doesn't change the substance of the question.) A more important clarification (the reflector is not an involution, unlike in real Enigma machines) was sent to the cs588-students list.
- 24 Sept: Lecture 8: RSA [PPT] [PDF], Manifest
- 19 Sept: Lecture 7: Key Distribution [PPT] [PDF], Manifest
- 17 Sept: Lecture 6: Modern Block Ciphers (AES) [PPT] [PDF], Manifest
- 14 Sept - Danny Loffredo's office hours will now be on Tuesdays from 5:30-6:30.
- 12 Sept - Lecture 5: DES Use and Analysis [PPT] [PDF], Manifest
- 10 Sept - Lecture 4: Block Ciphers [PPT] [PDF], Manifest
- 7 Sept - Project Teams
- 5 Sept - Lecture 3: Vigenere, Enigma [PPT] [PDF], Manifest, Project Ideas, Preliminary Project Proposal
- 3 Sept - The in text ciphertexts for Problem Set 1 were wrong! The correct ciphertexts are in the linked text files. (Sorry!)
- 3 Sept - Lecture 2: Perfect Ciphers, Entropy, Unicity [PPT] [PDF], Manifest, Notes
- 2 Sept - Anthony Wood will hold office hours on Thursdays 12:45-1:45 in the CS Reading Room. Danny Loffredo has office hours Tuesdays 3:30-4:30 in the CS Reading Room. David Evans has office hours Tuesdays 10:30-11:30am and Wednesdays after class in Olsson 236A (but will not have office hours this Tuesday).
- 2 Sept - Everyone in the class should have received this email
- 30 August - Challenge 1 (Jefferson Wheel Cipher) now open
- 29 August - TA Danny Loffredo has provided some C++ code you may find helpful for Problem Set 1, Question 3c.
- 29 August - Lecture 1 [PDF, PPT], Manifest, Problem Set 1
- Course Syllabus
- Last Year's Course
Assignments Past Due
- Friday, 31 August: Problem Set 0 (Registration Survey)
- Monday, 10 September: Problem Set 1
- Before 21 September: Email or talk to Dave about your project topic ideas
- Wednesday, 26 September: Problem Set 2
- Monday, 1 October: Preliminary Project Proposal
- Wednesday, 10 October: Problem Set 3
- Wednesday, 24 October: Midterm
- Monday, 29 October: Project Proposals
- Monday, 5 November: Problem Set 4 (Topic Email)
- Monday, 12 November: Problem Set 4 (Final)
- Monday, 26 November: Problem Set 5
- Monday, 10 December, 5:00 PM: Take-Home Final Due
University of Virginia
Department of Computer Science
CS 588: Cryptology - Principles and Applications