11

Many introductory courses on cryptography have their treatment of secret-key crypto start with OTP, then block ciphers, and for public-key cryptography revolve around RSA with no notion of padding (some even have matching exercises showcasing insecure practices, beyond using artificially small parameters). It is all too common that after such introductory course, students will happily consider the OTP as a useful cipher, or tell (and try to perform) things like encrypt with private key, and believe (perhaps rightly) that's what they have been taught.

I ask what would be a better roadmap for a short introductory course on cryptography, aimed at students with an inclination towards engineering and IT, that

  • gives the audience a fair grasp at the basic functions modern cryptography performs routinely (signature, authentication, key exchange, encryption..), and how they differ in goal;
  • illustrates some of these functions with concrete methods, not requiring much more advanced math than RSA does, and implementable (with artificially small parameters) on about anything that can compute, including spreadsheet formulas;
  • not touching formal definitions of security, much less game proofs, advanced cryptanalysis..

I realize that an actual course content will depend considerably on the time allocation, math background of the audience, and the (widely varying) organization and goals of the learning environment. I wish these things are left out inasmuch as possible, to concentrate on what cryptographic techniques should be in a coherent exposition of cryptography, so that this question can hopefully be considered on-topic.

Community
  • 1
fgrieu
  • 140,762
  • 12
  • 307
  • 587
  • 1
    IMHO, your requirement of not touching formal definitions contradicts with your initial premise. For example, the (main) reason why unpadded RSA should not be used is that it is not CPA secure, which implies that it is necessary to explain the notion of CPA security and why it is important. – cygnusv Dec 14 '15 at 10:27
  • 1
    @cygnusv: My perception of typical aspiring engineers and IT developers/architects is that introducing formal security requirements in a short introductory course on cryptography won't work well. I think that it could be illustrated limitations of unpadded RSA without a formal definition of security; like, for encryption, by showing that a guess of the plaintext can be verified; and if time allows an attack that effectively is a CPA. But I even wonder if is it productive to illustrate unpadded RSA encryption, when we could with little extra effort illustrate RSA encryption with random padding. – fgrieu Dec 14 '15 at 10:52
  • I see your point, but in the end, it all depends on the goals you have. If you want basically to train engineers and developers, I agree that maybe it is too much to expect they care about, for instance, provable security notions. – cygnusv Dec 14 '15 at 11:01

1 Answers1

5

I recently read Understanding Cryptography: A Textbook For Students And Practitioners by Christof Paar & Jan Pelzl. I can say without a doubt that it addresses all your bullets and in the meantime it's easy and fun to read.

I have an MSc in Information Security so everything I read I already knew but some of the concepts were so well put that I felt I got a better grasp on how some things work.

As I was a reading it I thought to myself that if I ever teach a introductory course in Cryptography I'll follow this book. You can give it a shot, see if its format suits your needs as a roadmap.

e-sushi
  • 17,891
  • 12
  • 83
  • 229
Aventinus
  • 286
  • 4
  • 14
  • 2
    Bought the book. It covers much of the fundamentals of crypto as practiced. It uses the minimum of math necessary to introduce the algorithms studied, and does so in a simple, logical, step-by-step way. I have a few reservations though: the OTP is considered a cipher; imprecise use of the notation $\mod n$; no coverage of password entropy/guessing, key stretching, Format-Preserving Encryption; limited coverage of TRNGs and their pitfalls; and a some more details. $;$ Overall, that's easily the best introductory textbook I know for aspiring Engineering and (Information) Technology students. – fgrieu Dec 30 '15 at 10:08