The course is a seminar on topics in cryptography. Course topics this year include pseudorandomness, security notions for both encryption and signatures, random oracle analysis, and a bit of distributed computations. The course is intended for graduate students interested in cryptography research.

- Introduction. Crash course in probability, pairwise independence, large deviation bounds.

- A bit of complexity theory.

Definition of one-way functions and one-way permutations.

- Motivation and definition of PRNGs.

Next bit test. Proof of universality.

- Hard core bits. Blum-Micali generator. Example: discrete log.

Proof of Yao's XOR lemma (section 3). See also a simple write-up.

- Goldreich-Levin theorem. Naslund's theorem. Subset sum PRNG.

Subset sum pseudorandom generator (section 2)

Alternate proof of Goldreich-Levin theorem. (section 3.3)

- Leftover hash lemma.

Proof and applications (Section 4).

- Definition of PRFs. Applications.

- The GGM Construction. The NR construction based on DDH.

- Motivation and Definition of PRPs.
The Luby-Rackoff construction à la Naor-Reingold.

Luby-Rackoff revisited.

- Introduction to secure function evaluation. Applications.
- Oblivious transfer. Yao's two party protocol.
- The BGW multi-party protocol.

- Security notions for signatures. GMR signatures. Secure signatures based on strong RSA.
- Random oracle model. Secure signatures in the random oracle model.
- Signatures based on UOWHF.
- Security notions for encryption. Semantic security. Chosen ciphertext security.
- Secure encryption in the random oracle model.
- Cramer-Shoup encryption.

- Factoring algorithms: elliptic curve method and the number field sieve.
- Discrete log algorithms: Pollard rho and index calculus.


Last update: Sep. 21, 2002 by Dan Boneh.