Resources
- Encyclopedia of Cryptography and Security (full book)
- RC4 example
- Why MAC-then-Encrypt is becoming insecure (in addition to being more wasteful than Encrypt-then-MAC, since the latter doesn’t decrypt if the HMAC is bad, thus saving processing time)
- Certificates and Digital Signatures tutorial
- Web traffic fingerprinting paper explains the basics
- Password Entropy fairly well explained
Exams from Elsewhere
- Berkeley Midterm + Solutions
- Berkeley Final Exam Solutions
- Vitaly Shmatikov Midterm (similar course)
- Vitaly Shmatikov Final (similar course)
Midterm Fall 2015
- Question: You can choose a key from the set of lowercase and uppercase characters, i.e. [a-zA-Z]. How many characters should you select for your key to achieve maximum security for a DES scheme (note: DES uses 56 bit keys)?
- Answer: 56/log2(52)
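Why? Shannon entropy: each character chosen uniformly at random from the 52 possible symbols carries log2(52) bits, so matching the 56 bits of a DES key takes 56/log2(52) characters.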
- Questions: Are hash functions always onto? Are encryption functions always one-to-one? What about bijective?
Know these definitions!
Video Resources
- Stream Ciphers and Pseudo Random Generators
- Meet-in-the-Middle Attack
- Merkle-Damgard Construction
- Message Authentication Codes by Prof. Dan Boneh
- HMAC by Prof. Dan Boneh
- Key Derivation and PBKDF by Prof. Dan Boneh
Acronyms
- RSA – Rivest Shamir Adleman (public key protocol)
- IETF – Internet Engineering Task Force
- SIP – Session Initiation Protocol
- TPM – Trusted Platform Module (related to Gracewipe)
- TXT – Trusted Execution Technology (related to Gracewipe)