[KL] Introduction to Modern Cryptography by Jonathan Katz and
[ST] Cryptography: Theory and Practice, by Doughlas R.
[MOV] Handbook of Applied Cryptography, by
A. Menezes, P. van Oorschot and S. Vanstone. (Available online for
Tuesdays and Thursdays 10:00 to 12:00
Grading: 40% on homeworks, 40%
on tests and 20% on a project.
Homeworks: Homework 2 (due
Homework 3 (due
Finalize project proposal by March 13
Test 1 on
Test 2 on
Final project submission on April 29
Topics to be covered
Definition of perfect secrecy, variants of the definition, One time
pad, Shannon´s Theorem ( Read [KL] Chapter 2)
Definition, Description of of DES and AES
[ Read [ST] Chapter 3]
recovery attacks on block ciphers [Read notes by
Pseudorandom Functions and Pseudorandom
Permutations, Security of Block Ciphers [ Read
by Phil Rogaway]
Software implementation of AES, the Intel AES-NI
Syntax of symmetric encryption. Security
notions. Block cipher modes of operation. Proof of security of CTR
[read chapter 3 of [ST]
and notes by
Syntax of message authentication codes. Forgery attacks.
Relationship of secure MACs with pseudorandom functions.
Universal, Almost universal and Almost Xor Universal
The Carter Wegman paradigm of MACs. Polynomial
Block cipher based MACs: CMAC and PMAC
Cryptographic Hash Functions:
resistance, Second preimage resistance and collision resistance.
random oracle model.
Generic algoritms for finding preimage, second preimage and
collisions in the random oracle model.
Relation between the notions of Preimage resistance, Second
preimage resistance and collision resistance.
Iterated hash functions. Constructing hash functions from a given
compression function, the Merkle-Damgard construction . [Read [ST] Chapter 4]
Syntax, Security Notions, Generic
Composition, Authenticated encryption with associated data. GCM and
Tweakable Block Ciphers, Tweakable
Enciphering schemes, Disk encryption: Narrow block and wide block
modes. XTS, EME, HCTR
Public Key Encryption:
theory. Diffie Hellman Key Exchange. CPA and CCA security of public
key encryption. RSA and El Gamal encryption schemes.