A COMPARISON OF CRYPTOGRAPHY COURSES

Cryptologia, Apr 2004 by Holden, Joshua

ABSTRACT: The author taught two courses on cryptography, one at Duke University aimed at non-mathematics majors and one at Rose-Hulman Institute of Technology aimed at mathematics and computer science majors. Both tried to incorporate technical and societal aspects of cryptography, with varying emphases. This paper will discuss the strengths and weaknesses of both courses and compare the differences in the author's approach.

KEYWORDS: Teaching cryptography, course development, cryptography and society.

1 INTRODCUTION

This paper is a description, and to some degree a comparison, of two courses on cryptography that I have taught. One was a course in "Cryptography and Society" at Duke University, aimed at non-mathematics majors and intended to explore both technical and societal aspects of cryptography. The other was a course in cryptography at my current school, the Rose-Hulman Institute of Technology, an undergraduate engineering college in Indiana. This course was more technically oriented and aimed at mathematics and computer science majors.

2 "CRYPTOGRAPHY AND SOCIETY"

During the fall of 2000, I taught a new course entitled "Cryptography and Society" at Duke University. This course was intended to introduce the student to the basic ideas of modern cryptography and its applications. It was primarily aimed at non-mathematics majors; mathematics majors were allowed to enroll but did not get credit towards their major. The course was suggested to me by my chair, Richard Hain, and was designed in part to fit a new university requirement in Science, Technology, and Society, and thus had a combination of technical and social topics. I also made an effort in the course to engage the students by bringing in examples from their daily lives. My approach to this course and many of the materials used were strongly influenced by courses taught by Stephen Greenfield at Rutgers University [5], Susan Landau at the University of Massachusetts at Amherst [6], and William Pardon at Duke University [12].

The course was a seminar, and by university policy thus had an enrollment cap of fifteen. Fifteen students started the course, and thirteen completed it. All levels of undergraduate from first-year through senior were present. The students' majors included Biological Anthropology and Anatomy, Biology, Economics, Mathematics, Political Science, Public Policy Studies, and undeclared. The published prerequisite was high school algebra only. Roughly half the students seemed to have no significant amount of college mathematics, while the others had varying amounts up through most of a mathematics major program. Students were required to buy four textbooks for the course: Joseph Silverman's A Friendly Introduction to Number Theory [17], Albrecht Beutelspacher's Cryptology [1], Whitfield Diffie and Susan Landau's Privacy on the Line [2], and Simson Garfmkel and Gene Spafford's Web security & Commerce [3]. (Mathematics and Computer Science professors who are used to assigning only one textbook for the course should keep in mind the range of topics addressed and the fact that humanities courses generally assign more textbooks than technical ones.) More information about the course may be found at my archived copy of the course web page [7]. Books [1] and [2] can currently be obtained new for $20-$25.

Three main themes were addressed throughout the course: how modern cryptographic protocols are implemented and their strengths and weaknesses; how one encounters (and will increasingly encounter in the future) cryptography in one's daily life; and the implications of widespread use of cryptography in the digital age both for individuals and for society. In addition to studying the mathematics behind modern cryptographic systems, we also examined the impact that the invention of modern cryptographic systems has had and will have on political, economic, philosophical, and sociological aspects of society. In order for the students to fully grasp this third theme, of course, they needed to something about the mathematics of cryptography, how it works and how it is used.

I tried in the course to schedule one day of mathematics, one technical day, and one day of societal issues in each week rather than splitting the course into blocks. (The course was taught on Monday, Wednesday, and Friday.) Of course, this could not be followed strictly for various reasons. I also scheduled three guest speakers, including someone from the Duke Medical Center, a Duke Law professor, and the Mathematics Department system administrator.

The mathematical part of the course introduced basic number theory and work with congruences, up through the Euler phi function and Euler's Theorem. The goal was to get all of the mathematics necessary to understand the RSA system of public-key encryption. There was also a short introduction to finite fields as a prequel to the discussion of the Advanced Encryption Standard (AES/Rijndael). My goals here were twofold. Firstly, I wanted to make sure students understood the mathematics behind the cryptosystems. secondly I wanted them to see some of the basic ideas of number theory and abstract algebra, notably the concept of numbers as things which could behave differently depending on their context, that is, as an example of abstract elements in a field or ring.