ECE 409: Cryptography and System Security
Guang Gong
Sources and References
Equivalent UW courses — CO 487 (Applied Cryptography), CO 485/685 (Mathematics of Public-Key Cryptography), CS 458/658 (Computer Security and Privacy)
Primary textbook — Stallings, W. Cryptography and Network Security: Principles and Practice, 8th ed., Pearson, 2020.
Supplementary references — Katz, J. and Lindell, Y. Introduction to Modern Cryptography, 3rd ed., CRC Press, 2020; Ferguson, N., Schneier, B. and Kohno, T. Cryptography Engineering: Design Principles and Practical Applications, Wiley, 2010; Stinson, D. R. and Paterson, M. B. Cryptography: Theory and Practice, 4th ed., CRC Press, 2018; Menezes, A. J., van Oorschot, P. C. and Vanstone, S. A. Handbook of Applied Cryptography, CRC Press, 1996.
Equivalent UW Courses
ECE 409 is a one-term introduction to cryptography and systems security that shares most of its content with CO 487, which covers the same symmetric and public-key primitives, hash functions, MACs, and digital signatures from an applied standpoint. CO 485/685 is a single cross-listed course focused exclusively on the number-theoretic foundations of RSA, discrete-log and elliptic-curve systems; it intersects with the public-key portion of ECE 409 but goes considerably deeper on the algebra. CS 458/658 is also a single cross-listed course, and treats the systems-security half (access control, OS hardening, network defense, privacy), which ECE 409 touches more briefly.
What This Course Adds Beyond the Equivalents
ECE 409 is unusual in trying to cover both the cryptographic primitives of CO 487 and the systems-security material of CS 458/658 in a single term, which means it moves faster and with less depth on each side. It pays more attention than CO 487 to hardware-oriented constructions such as LFSR-based stream ciphers and to wireless-system security (WEP, WPA, GSM/LTE authentication) that reflects the ECE department’s communications background. It gives less measure-theoretic treatment of provable-security definitions than Katz-Lindell style courses and does not develop the algebraic number theory of CO 485/685. The systems half omits the full access-control, formal-policy, and privacy-engineering content of CS 458/658.
Topic Summary
Security Goals and Threat Models
Confidentiality, integrity, authenticity, non-repudiation, and availability are distinguished from one another, and the Dolev-Yao style adversary model is introduced. Attacks are classified as ciphertext-only, known-plaintext, chosen-plaintext, and chosen-ciphertext.
Classical Ciphers and Shannon Theory
Substitution and transposition ciphers, the Vigenère cipher, and the Hill cipher motivate frequency analysis and Kerckhoffs’s principle. Shannon’s notions of perfect secrecy, the one-time pad, unicity distance, confusion and diffusion set up the design targets for modern ciphers.
Stream Ciphers
Linear feedback shift registers, the Berlekamp-Massey algorithm, combiner and filter generators, and modern constructions such as RC4 and the ChaCha family are covered. The Shannon bound for a perfectly secret keystream and the distinction between synchronous and self-synchronizing stream ciphers are emphasized.
Block Ciphers
DES and its Feistel structure, the AES (Rijndael) substitution-permutation network over \( \mathrm{GF}(2^8) \), and modes of operation (ECB, CBC, CTR, OFB, CFB, GCM) are developed. Attacks such as differential and linear cryptanalysis are introduced qualitatively, together with padding and IV handling.
Hash Functions and MACs
Collision, preimage, and second-preimage resistance are defined, and the Merkle-Damgård and sponge constructions underlying SHA-2 and SHA-3 are compared. Birthday bounds, HMAC, CBC-MAC, and authenticated encryption via GCM and CCM tie the symmetric primitives together.
Number-Theoretic Background
Modular arithmetic, Fermat’s little theorem, Euler’s theorem, the Chinese remainder theorem, and the structure of \( (\mathbb{Z}/n\mathbb{Z})^* \) are reviewed. Fast exponentiation, the extended Euclidean algorithm, and basic primality tests (Fermat, Miller-Rabin) are presented as the algorithmic toolkit.
Public-Key Encryption and Signatures
RSA is developed from first principles, with textbook and padded (OAEP, PSS) variants. Discrete-logarithm systems include Diffie-Hellman key exchange, ElGamal encryption, and DSA. The hardness assumptions (integer factorization, discrete log) are stated, and known attacks (Pollard rho, index calculus, baby-step/giant-step) are sketched.
\[ c \equiv m^{e} \pmod{n}, \qquad m \equiv c^{d} \pmod{n}, \qquad ed \equiv 1 \pmod{\varphi(n)}. \]
Elliptic-Curve Cryptography
The group law on an elliptic curve over \( \mathrm{GF}(p) \) or \( \mathrm{GF}(2^m) \) is defined, ECDH and ECDSA are presented, and the advantages of ECC for constrained devices (shorter keys for equivalent strength) are discussed.
Key Management and PKI
Key distribution, certificate authorities, X.509 certificates, certificate revocation, and the TLS handshake illustrate how the primitives are composed into deployed protocols. Kerberos is treated as an example of symmetric-key-based authentication.
Network and Wireless Security
IPsec, SSL/TLS, and SSH are surveyed, followed by wireless protocols: WEP and its failures, WPA2/WPA3, GSM A5/1, and LTE authentication and key agreement (AKA). Firewalls and intrusion detection are introduced briefly.
System-Level Security
The last portion of the course covers password-based authentication, access control fundamentals, malware categories (viruses, worms, trojans, rootkits), and common software vulnerabilities such as buffer overflows and injection. Privacy concerns and side-channel attacks (timing, power, cache) round out the discussion.