Course Syllabus
Winter 2012
Optional reading can be found in two texts listed below (KL and HAC). Only one of these books is needed and KL is a much better fit for the class. Students opting for a free book can find some of the material in HAC.
 KL: Introduction to Modern Cryptography by J. Katz and Y. Lindell.
 HAC: (free) Handbook of Applied Cryptography by A. Menezes, P. Van Oorschot, S. Vanstone.
Syllabus
Lecture 1:
1/ 9/12

History and overview of cryptography

Basic symmetrickey encryption  
Lecture 2:
1/11/12

One time pad and stream ciphers
perfect secrecy and the one time pad.
Reading:
KL 2940, 6177 ; HAC 2021, 191194.
semantic security and stream ciphers. 
Holiday: 1/16/12 
MLK: no classes 
Lecture 3:
1/18/12

Block ciphers
Case studies: Feistel networks, DES, 3DES, and AES.
Reading:
KL 159187; HAC 233237, 250259
basic modes of operation: CBC and counter mode. 
Lecture 4:
1/23/12

Block cipher abstractions: PRPs and PRFs
[pdf]
Pseudo Random Permutations (PRP); Pseudo Random Functions (PRF);
Reading:
KL 8688, 94102 ; HAC 228230
security against chosen plaintext attacks (CPA); noncebased CBC encryption and noncebased counter mode. 
Lecture 5:
1/25/12

Attacks on block ciphers
exhaustive search, timespace tradeoffs,
Reading:
KL 8285, 8990
differential & linear cryptanalysis, meet in the middle, side channels. 
Message integrity  
Lecture 6:
1/30/12

Message integrity: definition and applications
CBCMAC and PMAC.
Reading:
KL 111126

Lecture 7:
2/ 1/12

Collision resistant hashing
MerkleDamgard and DaviesMeyer. MACs from collision resistance.
Reading:
KL 127143 ; HAC 333335, 339341, 348
Case studies: SHA and HMAC. 
Lecture 8:
2/ 6/12

Authenticated encryption: security against active attacks
also: intro to session setup using a key distribution center (KDC).
Reading:
KL 148154

Public key cryptography  
Lecture 9:
2/ 8/12

Arithmetic modulo primes
Summary of relevant facts: pdf. 
Lecture 10:
2/13/12

Cryptography using arithmetic modulo primes
vanilla key exchange (DiffieHellman);
the CDH and discretelog assumptions
Reading:
KL 315339, 364368

Lecture 11:
2/15/12

Public key encryption
semantically secure ElGamal encryption;
CCA security
Reading:
KL 315339, 364368

Holiday: 2/20/12 
President's day: no classes. 
Lecture 12:
2/22/12

Arithmetic modulo composites
[pdf]
RSA and Rabin functions.
Reading:
KL 355364 how to encrypt with trapdoor permutations. Summary of relevant facts: pdf. 
Digital signatures  
Lecture 13:
2/27/12

Digital signatures: definitions and applications
How to sign using RSA.
Reading:
KL 421432

Lecture 14:
2/29/12

More signature schemes
Lamport and Merkle schemes.
Reading:
KL 432453
overview of signatures based on discretelog. certificates and trust management. 
Final topics  
Lecture 15:
3/ 5/12

Real world crypto: SSL/TLS and IPsec
record protocol. key exchange. passwordbased key exchange.
Reading:
None.

Lecture 16:
3/ 7/12

Identification protocols
[pdf]
UNIX passwords and salts; one time passwords (S/Key and SecurID);
Reading:
HAC Ch. 10.
challenge response authentication. 
Lecture 17:
3/12/12

Privacy mechanisms
group signatures and private information retrieval.
Reading:
None.

Lecture 18:
3/14/12

Advanced topics. TBD
