@G. Gong, ECE 409, Winter 2023
ECE 409 - Cryptography and System Security
Winter 2023
Instructor: Professor G. Gong
Office: E7 5436, x45650, ggong@uwaterloo.ca
https://uwaterloo.ca/scholar/ggong
Office hours: TBA
Course Description: This course provides an introduction to cryptology and system security. It
covers symmetric-key cryptography, public-key cryptography, quantum/post-quantum cryptography,
cryptanalysis and attacks, side-channel attacks, network security protocols, access authentication,
wireless system security, blockchain security, and applications.
Outcomes: Equip students with the basics of cryptography and security in modern computer systems
and with the ability to think adversarially about cyber systems.
Prereq Topics: Mathematical reasoning, discrete math, statistics, probability.
Prereqs: Level at least 4A Computer Engineering or Electrical Engineering or Software Engineering.
Teaching Assistant: Guiwen Luo, g27luo@uwaterloo.ca, E7 5446.
Resources
Lectures: 10:00-11:20MF, E7 5353
Tutorials: 08:30-09:50M, E7 5353
Text: L.D. Chen and G. Gong, Communication System Security, CRC,
2012, and Supplemental Materials for the book.
References:
1. J. Katz and Y. Lindell, Introduction to Modern Cryptography,
2nd edition, Chapman and Hall/CRC, 2014.
2. W. Stallings, Cryptography and Network Security: Principles
and Practice (7th Edition), Pearson, 2016.
3. ECE 409 Course Notes - Available on UW-LEARN.
Course Outline
1. Introduction to cryptography and system security: cryptology, cryptanalysis, classification of
cryptosystems, and basic concepts of secure systems.
2. Networks, Systems and Finite Fields: Model of secure systems, types of attacks, attacking
points, trust and threat models, trusted platform, and arithmetic of finite fields.
3. Security and Pseudorandomness: Perfect secrecy, pseudorandomness, computational security,
semantic security, LFSR based pseudorandom generation, and correlation attacks.
4. Symmetric-key Cryptographic Systems: design principles, cipher systems (WG, AES, SHA,
MAC), birthday attacks, and time-memory trade-off attacks.
5. Public-key Cryptographic Systems: arithmetic operations, discrete logarithm and integer
factorization algorithms, learning with errors, public-key systems (RSA, DH, DSS, ECC, and
FHE), hashing chain authentication, and fault attacks.
6. Implementing Secure Systems: infrastructure support, key generation, cryptographic
algorithm specifications, PKI and X.509 certificates, and side-channel attacks.
7. Network Security Protocols: man-in-the-middle attacks, mutual authentication, key
establishment, security association, network security protocols (IPsec, TLS), and attacks on
TLS.
8. Access Authentication: basic concepts in access authentication, wireless access authentication
and key agreement (AKA), AAA, and attacks on password-based authentication.
9. Wireless System Security: air link protection (3G/4G-LTE), IEEE 802.11 security solutions
(flawed WEP, CCMP), jamming, and location service attacks.
10. Applications and Special Topics: IoT, blockchain and cryptocurrency, and privacy-preserving
machine learning.
Tutorial Description: Questions and answers on material covered in lectures and homework
assignments, and problem-solving skills.
Course Grading: The overall grade is based on one midterm exam, one course project (individual
or 2-person group), and one final exam. For the project, a list of project problems will be
provided. Self-proposed projects will also be accepted after approval. A program demo and
a report of 5-10 pages are required to obtain the score.
Other Resources
• Schneier on Security, http://www.schneier.com/blog/. A blog covering current computer
security and privacy issues.
• BugTraq, http://www.securityfocus.com/archive/1. A full disclosure moderated mailing list
for the detailed discussion and announcement of computer security vulnerabilities.