CS255 Introduction to Cryptography

Course Syllabus

Winter 2017

Optional reading can be found in three texts listed below. Only one of these books is needed and KL is a good fit for the class. Students opting for a free book can find some of the material in HAC. The third optional book, by Boneh and Shoup, is more advanced (and free) and is intended for students wishing to go deeper.


Lecture 1:
1/ 9/17
History and overview of cryptography
Reading: KL ch 1.1-1.3   ;   HAC pp 11-20.
Basic symmetric-key encryption
Lecture 2:
One time pad and stream ciphers
perfect secrecy and the one time pad.
semantic security and stream ciphers.
Reading: KL ch 2, 3.2.1-3.4.2   ;   HAC pp 20-21, 191-194.
MLK: no classes
Lecture 3:
Block ciphers
Case studies: Feistel networks, DES, 3DES, and AES.
basic modes of operation: CBC and counter mode.
Reading: KL ch 6.1-6.2   ;   HAC pp 233-237, 250-259
Lecture 4:
Block cipher abstractions: PRPs and PRFs   [pdf]
Pseudo Random Permutations (PRP); Pseudo Random Functions (PRF);
security against chosen plaintext attacks (CPA);
nonce-based CBC encryption and nonce-based counter mode.
Reading: KL ch 3.5   ;   HAC pp 228-230
Lecture 5:
Attacks on block ciphers
exhaustive search, time-space tradeoffs,
differential & linear cryptanalysis, meet in the middle, side channels.
Reading: KL ch 3.4.2,3.6
Message integrity
Lecture 6:
Message integrity: definition and applications
Reading: KL ch 4.1-4.3
Lecture 7:
2/ 1/17
Collision resistant hashing
Merkle-Damgard and Davies-Meyer. MACs from collision resistance.
Case studies: SHA and HMAC.
Reading: KL ch 5.1-5.3   ;   HAC pp 333-335, 339-341, 348
Lecture 8:
2/ 6/17
Authenticated encryption: security against active attacks
also: intro to session setup using a key distribution center (KDC).
Reading: KL ch 4.5
Public key cryptography
Lecture 9:
2/ 8/17
Arithmetic modulo primes
Reading: KL ch 8.
Summary of relevant facts: pdf.
Lecture 10:
Cryptography using arithmetic modulo primes
vanilla key exchange (Diffie-Hellman); the CDH and discrete-log assumptions
Reading: KL ch 9, 11.4.1
Lecture 11:
Public key encryption
semantically secure ElGamal encryption; CCA security
Reading: KL ch 9, 11.4.1
President's day: no classes.
Lecture 12:
Arithmetic modulo composites   [pdf]
RSA and Rabin functions.
how to encrypt with trapdoor permutations.
Reading: KL ch 11.5
Summary of relevant facts: pdf.
Digital signatures
Lecture 13:
Digital signatures: definitions and applications
How to sign using RSA.
Reading: KL ch 12.1-12.4
Lecture 14:
3/ 1/17
More signature schemes and applications   [pdf]
Hash based signatures.
certificates, certificate transparency, certificate revocation.
Reading: KL ch 12.5-12.8
Final topics
Lecture 15:
3/ 6/17
Identification protocols   [pdf]
Password protocols, salts; one time passwords (S/Key and SecurID);
challenge response authentication.
Reading: HAC ch 10.
Lecture 16:
3/ 8/17
Authenticated key exchange and SSL/TLS session setup   [pdf]
Reading: None.
Lecture 17:
Zero knowledge protocols
Reading: None.
Lecture 18:
Advanced topics. TBD