Course Syllabus
Winter 2011
Optional reading can be found in two texts listed below (KL and HAC). Only one of these books is needed and KL is a much better fit for the class. Students opting for a free book can find some of the material in HAC.
 KL: Introduction to Modern Cryptography by J. Katz and Y. Lindell.
 HAC: (free) Handbook of Applied Cryptography by A. Menezes, P. Van Oorschot, S. Vanstone.
Syllabus
Lecture 1:
1/ 3/11

History and overview of cryptography

Basic symmetrickey encryption  
Lecture 2:
1/ 5/11

One time pad and stream ciphers
perfect secrecy and the one time pad.
Reading:
KL 2940, 6177 ; HAC 2021, 191194.
semantic security and stream ciphers. 
Lecture 3:
1/10/11

Block ciphers
Case studies: Feistel networks, DES, 3DES, and AES.
Reading:
KL 159187; HAC 233237, 250259
basic modes of operation: CBC and counter mode. 
Lecture 4:
1/12/11

Block cipher abstractions: PRPs and PRFs
[pdf]
Pseudo Random Permutations (PRP); Pseudo Random Functions (PRF);
Reading:
KL 8688, 94102 ; HAC 228230
security against chosen plaintext attacks (CPA); noncebased CBC encryption and noncebased counter mode. 
Holiday: 1/17/11 
MLK: no classes 
Lecture 5:
1/19/11

Attacks on block ciphers
exhaustive search, timespace tradeoffs,
Reading:
KL 8285, 8990
differential & linear cryptanalysis, meet in the middle, side channels. 
Message integrity  
Lecture 6:
1/24/11

Message integrity: definition and applications
CBCMAC and PMAC.
Reading:
KL 111126

Lecture 7:
1/26/11

Collision resistant hashing
MerkleDamgard and DaviesMeyer. MACs from collision resistance.
Reading:
KL 127143 ; HAC 333335, 339341, 348
Case studies: SHA and HMAC. 
Lecture 8:
1/31/11

Authenticated encryption: security against active attacks
also: intro to session setup using a key distribution center (KDC).
Reading:
KL 148154

Public key cryptography  
Lecture 9:
2/ 2/11

Arithmetic modulo primes
Summary of relevant facts: pdf. 
Lecture 10:
2/ 7/11

Cryptography using arithmetic modulo primes
vanilla key exchange (DiffieHellman);
the CDH and discretelog assumptions
Reading:
KL 315339, 364368

Lecture 11:
2/ 9/11

Public key encryption
semantically secure ElGamal encryption;
CCA security
Reading:
KL 315339, 364368

Lecture 12:
2/14/11

Arithmetic modulo composites
[pdf]
RSA and Rabin functions.
Reading:
KL 355364 how to encrypt with trapdoor permutations. Summary of relevant facts: pdf. 
Digital signatures  
Lecture 13:
2/16/11

Digital signatures: definitions and applications
How to sign using RSA.
Reading:
KL 421432

Holiday: 2/21/11 
President's day: no classes. 
Lecture 14:
2/23/11

More signature schemes
Lamport and Merkle schemes.
Reading:
KL 432453
overview of signatures based on discretelog. certificates and trust management. 
Final topics  
Lecture 15:
2/28/11

Real world crypto: SSL/TLS and IPsec
record protocol. key exchange. passwordbased key exchange.
Reading:
None.

Lecture 16:
3/ 2/11

Identification protocols
[pdf]
UNIX passwords and salts; one time passwords (S/Key and SecurID);
Reading:
HAC Ch. 10.
challenge response authentication. 
Lecture 17:
3/ 7/11

Privacy mechanisms
group signatures and private information retrieval.
Reading:
None.

Lecture 18:
3/ 9/11

Advanced topics. TBD
