CRYPTOGRAPHY, CYBERSECURITY, AND PERSONAL PRIVACY

HPR 108, Honors Seminar in Mathematics Spring 2013

Instructor

Professor Edmund A. Lamagna

E-mail: eal@cs.udri.edu

Office Hours: 256 Tyler Hall, M 10:00–11:30, R 1:30–3:00

Class Meeting

MW 2:00–3:15

Tyler 052

Teaching Assistants

Sonya Badigian sonya.badigian@gmail.com

Gregory Breard gtbreard@my.uri.edu

Course Description

Internet purchases, ATM transactions, and secure electronic communication are examples of everyday activities that rely on cryptography. The study of cryptography transcends traditional academic disciplines. It involves history, political science, technology, languages, ethics, mathematics and computer science. 

Whenever you carry your cell phone, visit a social networking website, use a store rewards card or do a Google search, you reveal personal information about yourself that is stockpiled electronically. Google, as a prime example, makes its profit on what it knows about you and others, and you may be shocked by just how much it does know. We examine the trail of "electronic fingerprints and footprints" you leave living in the modern world. Can the stockpiles of information about you be sold or stolen, subpoenaed, or used for identity theft or even blackmail? How can you systematically reduce the personal information you expose or give away?

Cybersecurity is a matter of crucial national interest. Individuals, businesses, law enforcement, the military, and other government agencies face unprecedented challenges from attackers who are organized, well informed, and technically competent. We examine the technological and legal controls available to secure communications and data networks from manipulation, theft, attack by criminals, hackers, business competitors, terrorists, foreign enemies, and other adversaries.

In the post-9/11 era and in light of the U.S. Patriot Act, a fundamental question underlies our discussion. Which do we value more: individual privacy or national security? Or is there a compromise that will simultaneously serve the rights and freedom of the individual and the perceived need for heightened government surveillance?

General Education

This course meets the university's general education requirement for Mathematical and Quantitative Reasoning.

Justification as an Honors Course

The subject matter is highly interdisciplinary. The following disciplines are brought to bear in significant ways:

  • Mathematics
  • Computer Science
  • Engineering and Physics
  • Linguistics
  • History
  • Political Science and Public Policy

The emphasis is on the development of critical thinking skills rather than the recitation of facts. Two major writing assignments and one classroom presentation are required. One report is a review of a book to be read independently by the student; the other involves a personal response to some of the ethical issues discussed in class. The book review forms the basis of a student's presentation to the class.

Course Requirements

Students will be assigned homework problems throughout the semester to reinforce the mathematical concepts and to demonstrate their knowledge of the codes presented. In addition, students will have the experience of "cracking the code" by solving several Crypto Challenges.

Two papers will also be assigned. The first is a 5–8 page critical review of a book related to the material in the course. The books will be selected approximately a third of the way through the semester, and the reports are due one month later. This assignment will allow students to explore a particular aspect of the course in greater depth. The reports will be shared in class during the last two weeks of the semester.

The second paper of 3–5 pages is to focus on personal privacy and public policy. In preparing this assignment, students will be expected to include a personal response to one or more of the ethical issues discussed in the course.

Your class presentation will be based on the book you read and review.

Grading

  • Grading Sets 35%
  • Book Review 25%
  • Class Presentation of Book Review 10%
  • Personal privacy, public policy, and ethics paper 15%
  • Other exercises, classroom participation, and attendance 15%

Class Participation and Attendance

It is important that you do the assigned readings and come to each class prepared to participate actively. Questions, as well as answers, are vital to the learning process, so don't hesitate to ask questions when confused.

Due to the size and nature of the class, attendance is imperative. An attendance sheet will be circulated at the beginning of every class. Students will be allowed two unexcused absences during the semester. Every subsequent unexcused absence will result in the loss of two points from a student's final average. As a courtesy to the instructor and your fellow students, please arrive to class on time. After the first offense, students arriving late will have one point deducted from their final averages.

Course Outline

  1. Introduction (One class)
    • "We'd like to know a little bit about you for our files" (Mrs. Robinson, Simon and Garfunkel, 1967)
    • course mechanics
    • ice breaker: shopper loyalty cards
    • Reading: Abelson et al., Chapter 1
  2. A History of Secret Communication (Two classes)
    • Hieroglyphics to the Middle Ages
    • Renaissance to World War II
    • Reading: Singh, Chapters 1–2
  3. The Crypto Challenge (One Class)
  4. Cryptography in World War II (Two Classes)
    • The Mechanization of Cryptography
    • Breaking the German Enigma Code
    • Navajo Code Talkers
    • Reading: Singh, Chapters 3–5
  5. The Mathematics of Codes and Code Breaking (Three Classes)
    • Mathematical Model of a Cryptosystem
    • Functions, Modular Arithmetic, Probability
    • Classical Ciphers: Substitution, Transposition
    • Cryptanalysis: Frequency Attacks, Vigenère Cipher
    • Perfect Security: One-time pads
    • Reading: Beutelspacher, Chapters 1–3
  6. Public Key Cryptography: The Modern Way to Keep Secrets (One Class)
    • Digital Cryptography
    • Secret vs. Public Keys
    • Public Key Cryptography
    • Reading: Singh, Chapter 6
  7. The Mathematics of Public Key Cryptography (Three Classes)
    • Some Number Theory
    • Computational Intractability: factoring large numbers
    • RSA (Rivest-Shamir-Adleman) Cryptosystem
    • Digital Signatures
    • Key Exchange: Diffie-Hellman Protocol
    • Reading: Beutelspacher, Chapter 5
  8. Cryptography in the Information Age (One Class)
    • Electronic Commerce
    • e-Mail, Cell Phones, and Credit Cards
    • Pretty Good Privacy (PGP)
    • Reading: Singh, Chapter 6
  9. Privacy in the Information Age
    • Digital Footprints: What Has Changed and Why?
    • Privacy: Threats and Protection
    • Data Leaks
    • Googling
    • Data Mining and Uses of Personal Information
    • Reading: Abelson et al., Chapters 2–4
  10. Government Surveillance: Pre- and Post-9/11 (Two Classes)
    • National Security
    • Law Enforcement
    • Wiretapping
    • Current Regulation in the U.S. and Internationally
    • Reading: Articles to be Distributed
  11. Cybersecurity (Two Classes)
    • Risks on the Internet
    • Attacks on Software: Logic Bombs, Viruses, Worms, Phishing, Browser Attacks
    • Attacks on Networks: ARP and IP Spoofing, Denial of Service Attacks
    • Formulation of Domestic and International Policy
    • Reading: Articles to be Distributed
  12. Security and Anonymity (Two Classes)
    • Integrity and Authenticity
    • Message Digests
    • Zero-Knowledge Protocols
    • Smart Cards
    • Electronic Cash
    • Reading: Beutelspacher, Chapters 4 and 6
  13. Student Presentations (Two Classes)
  14. What Does the Future Hold? (One Class)
    • Quantum Physics for "Dummies"
    • Quantum Cryptography: Perfect Security Just Around The Corner
    • Perspectives on the Future
    • Reading: Singh, Chapter 8

Required Texts

S. Singh, The Code Book. Anchor Books, 1999.

A. Beutelspacher, Cryptology. The Mathematical Association of America, 1994.

H. Abelson, K. Ledeen, and H. Lewis, Blown to Bits. Addison-Wesley, 2008. Available for download at http://www.bitsbook.com/excerpts/

Recommended Books

Mathematics of Cryptology

T. H. Barr, Invitation to Cryptology. Prentice-Hall, 2002.

R. E. Lewand, Cryptological Mathematics. The Mathematical Association of America, 2001.

Historical Perspectives

D. Kahn, The Codebreakers (revised and expanded edition). Scribner, 1996.

Personal Privacy and Public Policy

S. Baker, The Numerati. Houghton Mifflin, 2008.

G. Conti, Googling Security. Addison-Wesley, 2009.

Cybersecurity

R. A. Clarke and R. K. Knake, Cyber War: The Next Threat to National Security and What to Do About It. Ecco, 2010.

B. Schneier, Schneier on Security. Wiley, 2008.

Course Website

Several of Professor Lamagna's students have created a website that gives a pedagogic overview of some of the most significant cryptographic methods. The site includes tutorial introductions to a representative sample of traditional codes based on substitution and transposition, the Enigma machine, the Data Encryption Standard (DES), and several public key cryptosystems.

Importantly, the website provides computational tools for enciphering and deciphering, and for performing cryptanalytic attacks on traditional ciphers. The website will be integrated into the course, and students will use it to assist in cracking the Crypto Challenges and in working the problem sets. The website obviates the need to write computer programs to perform these tasks. The site from a previous offering of the course can be viewed at: http://homepage.cs.uri.edu/courses/spring2013/hpr108/ You will be informed when the new version is ready for your use.