Classical Cryptography / 1: |
Introduction: Some Simple Cryptosystems / 1.1: |
The Shift Cipher / 1.1.1: |
The Substitution Cipher / 1.1.2: |
The Affine Cipher / 1.1.3: |
The Vigenere Cipher / 1.1.4: |
The Hill Cipher / 1.1.5: |
The Permutation Cipher / 1.1.6: |
Stream Ciphers / 1.1.7: |
Cryptanalysis / 1.2: |
Cryptanalysis of the Affine Cipher / 1.2.1: |
Cryptanalysis of the Substitution Cipher / 1.2.2: |
Cryptanalysis of the Vigenere Cipher / 1.2.3: |
Cryptanalysis of the Hill Cipher / 1.2.4: |
Cryptanalysis of the LFSR Stream Cipher / 1.2.5: |
Notes / 1.3: |
Exercises |
Shannon's Theory / 2: |
Introduction / 2.1: |
Elementary Probability Theory / 2.2: |
Perfect Secrecy / 2.3: |
Entropy / 2.4: |
Huffman Encodings / 2.4.1: |
Properties of Entropy / 2.5: |
Spurious Keys and Unicity Distance / 2.6: |
Product Cryptosystems / 2.7: |
Block Ciphers and the Advanced Encryption Standard / 2.8: |
Substitution-Permutation Networks / 3.1: |
Linear Cryptanalysis / 3.3: |
The Piling-up Lemma / 3.3.1: |
Linear Approximations of S-boxes / 3.3.2: |
A Linear Attack on an SPN / 3.3.3: |
Differential Cryptanalysis / 3.4: |
The Data Encryption Standard / 3.5: |
Description of DES / 3.5.1: |
Analysis of DES / 3.5.2: |
The Advanced Encryption Standard / 3.6: |
Description of AES / 3.6.1: |
Analysis of AES / 3.6.2: |
Modes of Operation / 3.7: |
Notes and References / 3.8: |
Cryptographic Hash Functions / 4: |
Hash Functions and Data Integrity / 4.1: |
Security of Hash Functions / 4.2: |
The Random Oracle Model / 4.2.1: |
Algorithms in the Random Oracle Model / 4.2.2: |
Comparison of Security Criteria / 4.2.3: |
Iterated Hash Functions / 4.3: |
The Merkle-Damgard Construction / 4.3.1: |
The Secure Hash Algorithm / 4.3.2: |
Message Authentication Codes / 4.4: |
Nested MACs and HMAC / 4.4.1: |
CBC-MAC and Authenticated Encryption / 4.4.2: |
Unconditionally Secure MACs / 4.5: |
Strongly Universal Hash Families / 4.5.1: |
Optimality of Deception Probabilities / 4.5.2: |
The RSA Cryptosystem and Factoring Integers / 4.6: |
Introduction to Public-key Cryptography / 5.1: |
More Number Theory / 5.2: |
The Euclidean Algorithm / 5.2.1: |
The Chinese Remainder Theorem / 5.2.2: |
Other Useful Facts / 5.2.3: |
The RSA Cryptosystem / 5.3: |
Implementing RSA / 5.3.1: |
Primality Testing / 5.4: |
Legendre and Jacobi Symbols / 5.4.1: |
The Solovay-Strassen Algorithm / 5.4.2: |
The Miller-Rabin Algorithm / 5.4.3: |
Square Roots Modulo n / 5.5: |
Factoring Algorithms / 5.6: |
The Pollard p - 1 Algorithm / 5.6.1: |
The Pollard Rho Algorithm / 5.6.2: |
Dixon's Random Squares Algorithm / 5.6.3: |
Factoring Algorithms in Practice / 5.6.4: |
Other Attacks on RSA / 5.7: |
Computing φ(n) / 5.7.1: |
The Decryption Exponent / 5.7.2: |
Wiener's Low Decryption Exponent Attack / 5.7.3: |
The Rabin Cryptosystem / 5.8: |
Security of the Rabin Cryptosystem / 5.8.1: |
Semantic Security of RSA / 5.9: |
Partial Information Concerning Plaintext Bits / 5.9.1: |
Optimal Asymmetric Encryption Padding / 5.9.2: |
Public-key Cryptography and Discrete Logarithms / 5.10: |
The ElGamal Cryptosystem / 6.1: |
Algorithms for the Discrete Logarithm Problem / 6.2: |
Shanks' Algorithm / 6.2.1: |
The Pollard Rho Discrete Logarithm Algorithm / 6.2.2: |
The Pohlig-Hellman Algorithm / 6.2.3: |
The Index Calculus Method / 6.2.4: |
Lower Bounds on the Complexity of Generic Algorithms / 6.3: |
Finite Fields / 6.4: |
Elliptic Curves / 6.5: |
Elliptic Curves over the Reals / 6.5.1: |
Elliptic Curves Modulo a Prime / 6.5.2: |
Properties of Elliptic Curves / 6.5.3: |
Point Compression and the ECIES / 6.5.4: |
Computing Point Multiples on Elliptic Curves / 6.5.5: |
Discrete Logarithm Algorithms in Practice / 6.6: |
Security of ElGamal Systems / 6.7: |
Bit Security of Discrete Logarithms / 6.7.1: |
Semantic Security of ElGamal Systems / 6.7.2: |
The Diffie-Hellman Problems / 6.7.3: |
Signature Schemes / 6.8: |
Security Requirements for Signature Schemes / 7.1: |
Signatures and Hash Functions / 7.2.1: |
The ElGamal Signature Scheme / 7.3: |
Security of the ElGamal Signature Scheme / 7.3.1: |
Variants of the ElGamal Signature Scheme / 7.4: |
The Schnorr Signature Scheme / 7.4.1: |
The Digital Signature Algorithm / 7.4.2: |
The Elliptic Curve DSA / 7.4.3: |
Provably Secure Signature Schemes / 7.5: |
One-time Signatures / 7.5.1: |
Full Domain Hash / 7.5.2: |
Undeniable Signatures / 7.6: |
Fail-stop Signatures / 7.7: |
Pseudo-random Number Generation / 7.8: |
Introduction and Examples / 8.1: |
Indistinguishability of Probability Distributions / 8.2: |
Next Bit Predictors / 8.2.1: |
The Blum-Blum-Shub Generator / 8.3: |
Security of the BBS Generator / 8.3.1: |
Probabilistic Encryption / 8.4: |
Identification Schemes and Entity Authentication / 8.5: |
Challenge-and-Response in the Secret-key Setting / 9.1: |
Attack Model and Adversarial Goals / 9.2.1: |
Mutual Authentication / 9.2.2: |
Challenge-and-Response in the Public-key Setting / 9.3: |
Certificates / 9.3.1: |
Public-key Identification Schemes / 9.3.2: |
The Schnorr Identification Scheme / 9.4: |
Security of the Schnorr Identification Scheme / 9.4.1: |
The Okamoto Identification Scheme / 9.5: |
The Guillou-Quisquater Identification Scheme / 9.6: |
Identity-based Identification Schemes / 9.6.1: |
Key Distribution / 9.7: |
Diffie-Hellman Key Predistribution / 10.1: |
Unconditionally Secure Key Predistribution / 10.3: |
The Blom Key Predistribution Scheme / 10.3.1: |
Key Distribution Patterns / 10.4: |
Fiat-Naor Key Distribution Patterns / 10.4.1: |
Mitchell-Piper Key Distribution Patterns / 10.4.2: |
Session Key Distribution Schemes / 10.5: |
The Needham-Schroeder Scheme / 10.5.1: |
The Denning-Sacco Attack on the NS Scheme / 10.5.2: |
Kerberos / 10.5.3: |
The Bellare-Rogaway Scheme / 10.5.4: |
Key Agreement Schemes / 10.6: |
Diffie-Hellman Key Agreement / 11.1: |
The Station-to-station Key Agreement Scheme / 11.2.1: |
Security of STS / 11.2.2: |
Known Session Key Attacks / 11.2.3: |
MTI Key Agreement Schemes / 11.3: |
Known Session Key Attacks on MTI/A0 / 11.3.1: |
Key Agreement Using Self-certifying Keys / 11.4: |
Encrypted Key Exchange / 11.5: |
Conference Key Agreement Schemes / 11.6: |
Public-key Infrastructure / 11.7: |
Introduction: What is a PKI? / 12.1: |
A Practical Protocol: Secure Socket Layer / 12.1.1: |
Certificate Life-cycle Management / 12.2: |
Trust Models / 12.3: |
Strict Hierarchy Model / 12.3.1: |
Networked PKIs / 12.3.2: |
The Web Browser Model / 12.3.3: |
Pretty Good Privacy / 12.3.4: |
The Future of PKI? / 12.4: |
Alternatives to PKI / 12.4.1: |
Identity-based Cryptography / 12.5: |
The Cocks Identity-based Encryption Scheme / 12.5.1: |
Secret Sharing Schemes / 12.6: |
Introduction: The Shamir Threshold Scheme / 13.1: |
A Simplified (t, t)-threshold Scheme / 13.1.1: |
Access Structures and General Secret Sharing / 13.2: |
The Monotone Circuit Construction / 13.2.1: |
Formal Definitions / 13.2.2: |
Information Rate and Construction of Efficient Schemes / 13.3: |
The Vector Space Construction / 13.3.1: |
An Upper Bound on the Information Rate / 13.3.2: |
The Decomposition Construction / 13.3.3: |
Multicast Security and Copyright Protection / 13.4: |
Introduction to Multicast Security / 14.1: |
Broadcast Encryption / 14.2: |
An Improvement using Ramp Schemes / 14.2.1: |
Multicast Re-keying / 14.3: |
The Blacklisting Scheme / 14.3.1: |
The Naor-Pinkas Re-keying Scheme / 14.3.2: |
Logical Key Hierarchy / 14.3.3: |
Copyright Protection / 14.4: |
Fingerprinting / 14.4.1: |
Identifiable Parent Property / 14.4.2: |
2-IPP Codes / 14.4.3: |
Tracing Illegally Redistributed Keys / 14.5: |
Further Reading / 14.6: |
Bibliography |
Index |