Course Syllabus
Winter 2024
Optional readings can be found in the textbooks denoted by KL and AC in the syllabus below. The optional AC book, by Boneh and Shoup, is more advanced (and free) and is intended for students wishing to go deeper. The online version of the course is another resource for the material covered in class.
- Boneh-Shoup (AC): (free) A Graduate Course in Applied Cryptography (V 0.5) by D. Boneh and V. Shoup
- KL: Introduction to Modern Cryptography (2nd edition) by J. Katz and Y. Lindell.
Syllabus
|
Lecture 1:
Mon 1/8/24
|
Overview of cryptography. What is a cipher?
|
| Basic symmetric-key encryption | |
|
Lecture 2:
Wed 1/10/24
|
One time pad and stream ciphers
Perfect secrecy and the one time pad;
Reading:
AC ch.3; KL 3.2.1-3.4.2.
semantic security and stream ciphers. |
|
Holiday: Mon 1/15/24 |
MLK: no classes |
|
Lecture 3:
Wed 1/17/24
|
Block ciphers
Iterated Even-Mansour ciphers and the AES block cipher.
Reading:
AC ch. 4.1, 4.2; KL ch 6.1-6.2.
|
|
Lecture 4:
Mon 1/22/24
|
Pseudo Random Permutations (PRP); Pseudo Random Functions (PRF);
Reading:
AC. ch. 4.4, 5; KL ch 3.5
semantic security, and basic modes of operation |
|
Lecture 5:
Wed 1/24/24
|
Nonce-based encryption, CBC and randomized counter mode,
Reading:
AC ch. 4.3; KL ch 3.4.2,3.6
differential & linear cryptanalysis, side channels, and quantum attacks. |
| Message integrity | |
|
Lecture 6:
Mon 1/29/24
|
Message integrity: definition and applications
CBC-MAC and PMAC.
Reading:
AC ch. 6; KL ch 4.1-4.3
|
|
Lecture 7:
Wed 1/31/24
|
Collision resistant hashing
Merkle-Damgard and Davies-Meyer; MACs from collision resistance;
Reading:
AC ch. 8.1-8.9; KL ch 5.1-5.3
case studies: SHA and HMAC. |
|
Lecture 8:
Mon 2/5/24
|
Authenticated encryption: security against active attacks
Properties and secure constructions
Reading:
AC ch. 9; KL ch 4.5
|
| Public key cryptography | |
|
Lecture 9:
Wed 2/7/24
|
Arithmetic modulo primes and finite cyclic groups
Summary of relevant facts: pdf. |
|
Lecture 10:
Mon 2/12/24
|
Cryptography using finite cyclic groups
anonymous key exchange (Diffie-Hellman);
the CDH and discrete-log assumptions
Reading:
AC ch. 10; KL ch 9, 11.4.1
|
|
Lecture 11:
Wed 2/14/24
|
ElGamal public key encryption
semantically secure ElGamal encryption;
CCA security
Reading:
AC ch. 11; KL ch 9, 11.4.1
|
|
Lecture 12:
Mon 2/19/24
|
The RSA trapdoor permutation and its applications
Reading:
AC ch. 10.2, 10.3; KL ch 11.5 Summary of relevant facts: pdf. |
|
Holiday: Wed 2/21/24 |
President's day: no classes. |
| Digital signatures | |
|
Lecture 13:
Mon 2/26/24
|
Digital signatures: definitions and applications
How to sign using RSA.
Reading:
AC ch. 13; KL ch 12.1-12.4
|
|
Lecture 14:
Wed 2/28/24
|
More signature schemes and applications
[pdf]
hash based signatures;
Reading:
AC ch. 13.8, ch. 14; KL ch 12.5-12.8
certificates, certificate transparency, certificate revocation. |
| Protocols | |
|
Lecture 15:
Mon 3/4/24
|
password protocols, salts; one time passwords (S/Key and SecurID);
Reading:
AC ch. 18;
challenge response authentication. |
|
Lecture 16:
Wed 3/6/24
|
Authenticated key exchange and SSL/TLS session setup
[pdf]
|
|
Lecture 17:
Mon 3/11/24
|
Zero knowledge proofs
|
|
Lecture 18:
Wed 3/13/24
|
The crypto wars: should we have end-to-end encryption?
Guest lecture by Jennifer Granick of the ACLU
|