Course Syllabus
Winter 2016
Optional reading can be found in three texts listed below. Only one of these books is needed and KL is a good fit for the class. Students opting for a free book can find some of the material in HAC. The third optional book, by Boneh and Shoup, is more advanced (and free) and is intended for students wishing to go deeper.
 KL: Introduction to Modern Cryptography (2nd edition) by J. Katz and Y. Lindell.
 HAC: (free) Handbook of Applied Cryptography by A. Menezes, P. Van Oorschot, S. Vanstone.
 BonehShoup: (free) A Graduate Course in Applied Cryptography by D. Boneh and V. Shoup
Syllabus
Lecture 1:
1/ 4/16

History and overview of cryptography

Basic symmetrickey encryption  
Lecture 2:
1/ 6/16

One time pad and stream ciphers
perfect secrecy and the one time pad.
Reading:
KL ch 2, 3.2.13.4.2 ; HAC pp 2021, 191194.
semantic security and stream ciphers. 
Lecture 3:
1/11/16

Block ciphers
Case studies: Feistel networks, DES, 3DES, and AES.
Reading:
KL ch 6.16.2 ; HAC pp 233237, 250259
basic modes of operation: CBC and counter mode. 
Lecture 4:
1/13/16

Block cipher abstractions: PRPs and PRFs
[pdf]
Pseudo Random Permutations (PRP); Pseudo Random Functions (PRF);
Reading:
KL ch 3.5 ; HAC pp 228230
security against chosen plaintext attacks (CPA); noncebased CBC encryption and noncebased counter mode. 
Holiday: 1/18/16 
MLK: no classes 
Lecture 5:
1/20/16

Attacks on block ciphers
exhaustive search, timespace tradeoffs,
Reading:
KL ch 3.4.2,3.6
differential & linear cryptanalysis, meet in the middle, side channels. 
Message integrity  
Lecture 6:
1/25/16

Message integrity: definition and applications
CBCMAC and PMAC.
Reading:
KL ch 4.14.3

Lecture 7:
1/27/16

Collision resistant hashing
MerkleDamgard and DaviesMeyer. MACs from collision resistance.
Reading:
KL ch 5.15.3 ; HAC pp 333335, 339341, 348
Case studies: SHA and HMAC. 
Lecture 8:
2/ 1/16

Authenticated encryption: security against active attacks
also: intro to session setup using a key distribution center (KDC).
Reading:
KL ch 4.5

Public key cryptography  
Lecture 9:
2/ 3/16

Arithmetic modulo primes
Summary of relevant facts: pdf. 
Lecture 10:
2/ 8/16

Cryptography using arithmetic modulo primes
vanilla key exchange (DiffieHellman);
the CDH and discretelog assumptions
Reading:
KL ch 9, 11.4.1

Lecture 11:
2/10/16

Public key encryption
semantically secure ElGamal encryption;
CCA security
Reading:
KL ch 9, 11.4.1

Holiday: 2/15/16 
President's day: no classes. 
Lecture 12:
2/17/16

Arithmetic modulo composites
[pdf]
RSA and Rabin functions.
Reading:
KL ch 11.5 how to encrypt with trapdoor permutations. Summary of relevant facts: pdf. 
Digital signatures  
Lecture 13:
2/22/16

Digital signatures: definitions and applications
How to sign using RSA.
Reading:
KL ch 12.112.4

Lecture 14:
2/24/16

More signature schemes
[pdf]
Lamport and Merkle schemes.
Reading:
KL ch 12.512.8
certificates and trust management. 
Final topics  
Lecture 15:
2/29/16

Identification protocols
[pdf]
Password protocols, salts; one time passwords (S/Key and SecurID);
Reading:
HAC ch 10.
challenge response authentication. 
Lecture 16:
3/ 2/16

Authenticated key exchange and SSL/TLS session setup

Lecture 17:
3/ 7/16

Zero knowledge protocols

Lecture 18:
3/ 9/16

Advanced topics. TBD
