CS255 Introduction to Cryptography

Course Syllabus

Winter 2021

Optional readings can be found in the textbooks denoted by KL and AC in the syllabus below. The optional AC book, by Boneh and Shoup, is more advanced (and free) and is intended for students wishing to go deeper. The online version of the course is another resource for the material covered in class.

Syllabus

 
Lecture 1:
Mon 1/11/21
Overview of cryptography. What is a cipher?
Reading: AC ch.2;   KL ch 2.
Basic symmetric-key encryption
 
Lecture 2:
Wed 1/13/21
One time pad and stream ciphers
perfect secrecy and the one time pad.
semantic security and stream ciphers.
Reading: AC ch.3;   KL 3.2.1-3.4.2.
 
Holiday:   
Mon 1/18/21
MLK: no classes
 
Lecture 3:
Wed 1/20/21
Block ciphers
Feistel networks and iterated Even-Mansour ciphers
Case studies: AES and 3DES.
Reading: AC ch. 4.1, 4.2;   KL ch 6.1-6.2.
 
Lecture 4:
Mon 1/25/21
How to use block ciphers   [pdf]
Pseudo Random Permutations (PRP); Pseudo Random Functions (PRF);
security against chosen plaintext attacks (CPA);
Modes of operation: CBC and counter mode.
Reading: AC. ch. 4.4, 5;   KL ch 3.5
Message integrity
 
Lecture 5:
Wed 1/27/21
Message integrity: definition and applications
CBC-MAC and PMAC.
Reading: AC ch. 6;   KL ch 4.1-4.3
 
Lecture 6:
Mon 2/1/21
Collision resistant hashing
Merkle-Damgard and Davies-Meyer. MACs from collision resistance.
Case studies: SHA and HMAC.
Reading: AC ch. 8.1-8.9;   KL ch 5.1-5.3
 
Lecture 7:
Wed 2/3/21
Authenticated encryption: security against active attacks
also: intro to session setup using a key distribution center (KDC).
Reading: AC ch. 9;   KL ch 4.5
Public key cryptography
 
Lecture 8:
Mon 2/8/21
Arithmetic modulo primes
Reading: KL ch 8.
Summary of relevant facts: pdf.
 
Lecture 9:
Wed 2/10/21
Cryptography using arithmetic modulo primes
vanilla key exchange (Diffie-Hellman); the CDH and discrete-log assumptions
Reading: AC ch. 10;   KL ch 9, 11.4.1
 
Holiday:   
Mon 2/15/21
President's day: no classes.
 
Lecture 10:
Wed 2/17/21
Public key encryption
semantically secure ElGamal encryption; CCA security
Reading: AC ch. 11;   KL ch 9, 11.4.1
 
Lecture 11:
Mon 2/22/21
Arithmetic modulo composites   [pdf]
RSA and Rabin functions.
how to encrypt with trapdoor permutations.
Reading: AC ch. 10.2, 10.3;   KL ch 11.5
Summary of relevant facts: pdf.
Digital signatures
 
Lecture 12:
Wed 2/24/21
Digital signatures: definitions and applications
How to sign using RSA.
Reading: AC ch. 13;   KL ch 12.1-12.4
 
Lecture 13:
Mon 3/1/21
More signature schemes and applications   [pdf]
Hash based signatures.
certificates, certificate transparency, certificate revocation.
Reading: AC ch. 13.8, ch. 14;   KL ch 12.5-12.8
Protocols
 
Lecture 14:
Wed 3/3/21
Identification protocols   [pdf]
Password protocols, salts; one time passwords (S/Key and SecurID);
challenge response authentication.
Reading: AC ch. 18;
 
Lecture 15:
Mon 3/8/21
Authenticated key exchange and SSL/TLS session setup   [pdf]
Reading: AC ch. 21;
 
Lecture 16:
Wed 3/10/21
Zero knowledge protocols
Reading: AC ch. 19;
 
Lecture 17:
Mon 3/15/21
Cryptography in the age of quantum computers
Grover's algorithm and symmetric crypto;
Shor's algorithm and public key crypto;
post-quantum crypto: signatures and key exchange
Final lecture
 
Lecture 18:
Wed 3/17/21
The crypto wars: should we have end-to-end encryption?
Guest lecture by Jennifer Granick of the ACLU