CS 355: Topics in Cryptography

Syllabus

(Fall 2002)

The course is a seminar on topics in cryptography. Course topics this year include pseudorandomness, security notions for both encryption and signatures, random oracle analysis, and a bit of distributed computations. The course is intended for graduate students interested in cryptography research.

Topics - highly tentative

Introduction. Crash course in probability, pair wise independence, large deviation bounds.

Part I: Pseudorandomness

A bit of complexity theory.
Definition of one-way functions and one-way permutations.
Motivation and definition of PRNGs.
Next bit test. Proof of universality.
Hard core bits. Blum-Micali generator. Example: discrete log.
Proof of Yao's XOR lemma (section 3). See also a simple write-up.
Goldreich-Levin theorem. Naslund's theorem. Subset sum PRNG.
Subset sum pseudorandom generator (section 2)
Alternate proof of Goldreich-Levin theorem. (section 3.3)
Left-over-hash Lemma.
Proof and applications (Section 4).
Definition of PRFs. Applications.
The GGM Construction. The NR construction based on DDH.
Motivation and Definition of PRPs. The Luby-Rackoff construction a la Naor-Reignold.
Luby Rackoff revisited.

Part II: Basic distributed computation.

Introduction to secure function evaluation. Applications.
Oblivious transfer. Yao's two party protocol.
The BGW multi-party protocol.

Part III: Security notions

Security notions for signatures. GMR signatures. Secure signatures based on strong RSA.
Random oracle model. Secure signatures in the random oracle model.
Signatures based on UOWHF.
Security notions for encryption. Semantic security. chosen ciphertext security.
Secure encryption in the random oracle model.
Cramer-Shoup encryption.

Part IV: Factoring and discrete-log

Factoring algorithms: elliptic curve method and the number field sieve.
Discrete log algorithms: Pollard rho and index calculus.

Return to course homepage.
Last update: Sep. 21, 2002 by Dan Boneh.