CS338 Computer Security
Friday, 26 September 2025

+ Next week
- Cryptographic hash functions
- Digital signatures
- Public key infrastructure
    - Certificates
    - Certificate authorities
- Summary of TLS handshake

+ The week after that
- Exam prep on Monday Oct 6
- In-class test on Friday Oct 10

+ Today's lab


---- Summaries of some stuff ----

+ Symmetric
- AES (Rijndael), Blowfish, Twofish, Serpent,...

- Basic operation of encryption and decryption

  Ciphertext = E(K, Plaintext)
  Plaintext = D(K, Ciphertext) = D(K, E(K, Plaintext))

- Block cipher breaks Plaintext into fixed-size blocks and
uses a "block cipher mode" (ECB, CBC, etc.) to adjust exactly
what data gets the E(K, P) treatment

- AES uses 128-bit (= 32 hex digits = 16-byte) blocks
  various key lengths and corresponding adjustment to the
  algorithm based on key length

+ "encrypt" vs. "encode"

+ Diffie-Hellman key exchange
- Alice and Bob agree on g, p
    (special properties: g "primitive root modulo p", p prime)
- Alice generates secret X
- Bob generates secret Y
- Alice sends A = g**X mod p
- Bob sends B = g**Y mod p
- Alice computes B**X which = (g**Y mod p)**X mod p = g**XY mod p
    call this K
- Bob computes A**Y which = (g**X mod p)**Y mod p = g**XY mod p
    look, it's the same K!

- But wait!
    What does AITM/PITM/MITM look like? Uh-oh.