- Reference Books:
- Katz-Lindell
- Handbook of Applied Cryptography
- Stinson
- Joux (cryptanalysis)
- Goldreich (foundations) (Also A Primer)

- Notes: Bellare-Rogaway, Goldwasser-Bellare, Waters, Pass-Shelat.
- Wiki: CRYPTUTOR
- Basics: Probability

Fall 2014

Instructor: Manoj Prabhakaran

- 11:00 AM - 12:15 PM Tuesday/Thursday

1302 Siebel Center

CRN: 46032

Forum (Piazza)

Have you wondered how one might *define* security --
even for a cryptographic concept as simple and familiar as encryption? What
makes public-key cryptography possible? (Well, what *is* public-key
cryptography?) What is MD5 and what's wrong with it? What is homomorphic
encryption? What are zero-knowledge proofs (and are they for real)? What
magical tools can cryptography offer that no one has put to use yet? Are there
limits to the magic of cryptography?

This course is intended to provide a theoretically sound foundation in applied cryptography. We shall see fundamental cryptographic notions and how cryptographic primitives can be used to create applications with security guarantees.

__Course contents.__ The initial part of the course will cover *secure
communication* (encryption and authentication). A good reference would be
the Katz-Lindell textbook.
Towards the second half of the course we will focus on some applications, and
other important topics including *secure multi-party computation*. As time
permits, we will also see glimpses of a variety of other concepts and tools.

__Graded Work.__ There is no exam in this course. The graded work
involves a few homework assignments and a project. The projects will be
evaluated based on a presentation (or a report, for the online students), and
meeting(s) prior to that. Some sample topics for the project will be provided
later on.

__Teaching Assistant.__ David Holcomb (dholcom2) will be your TA.

__Office hours.__ Manoj will offer office hours on alternate weeks, on Thursday 2:00 - 3:00 PM, starting Sep 4. David will offer office hours on alternate weeks, on Monday 1:00 - 2:00 PM, starting Sep 8. Any changes in office hours will be announced in class or here.
Thanksgiving schedule: Manoj will have no office hour on Thursday, Nov 27. Instead there will be one on Thursday, Nov 20. David's office hours will be as scheduled, on Mondays, Nov 17 and Dec 1.
Please do come for the office hours offered by the instructor and/or the TA,
if you found anything mysterious (or missed anything) in the lectures or
assignments. You are also welcome to drop by and chat about the
content/structure of the course during the office hours. Feel free to e-mail
anytime if you have any questions or comments.

- Lecture 00: (Aug 26): Introduction. [ html|pdf|print ]
- Lecture 01: (Aug 28): Secret-Sharing [ html|pdf|print ]
- Lecture 02: (Sep 2): Defining Encryption (part 1) [html|pdf|print]
- Assignment 1 (released Tuesday Sep 2; due Thursday Sep 11)
- Lecture 03: (Sep 4): Defining Encryption (CPA, CCA security). OWF, PRG. [html|pdf|print]
- Lecture 04: (Sep 9): OWF candidates, Indistiguishability, PRG, Stream Cipher [html|pdf|print]
- Lecture 05: (Sep 11): PRF, Block Cipher, SKE constructions [html|pdf|print]
- Lecture 06: (Sep 16): CCA-secure SKE, MAC. SKE in Practice [html|pdf|print] (Symmetric-key cryptanalysis reference)
- Lecture 07: (Sep 18): Public-Key Encryption: DDH, El Gamal [html|pdf|print]
- Assignment 2 (released Thursday Sep 18; due Thursday Oct 09)
- Lecture 08: (Sep 23): Public-Key Encryption: CPA secure PKE from Trapdoor OWP; CCA security [html|pdf|print]
- Lecture 09: (Sep 25): Public-Key Encryption: CCA security. Identity-Based Encryption. [html|pdf|print]
- Lecture 10: (Sep 30): Hash functions: Flavors of collision resistance [html|pdf|print]
- Lecture 11: (Oct 02): Hash function constructions and applications to MACs [html|pdf|print]
- Lecture 12: (Oct 07): Digital Signatures. Secure Communication wrap-up. [html|pdf|print]
- Lecture 13: (Oct 09): Secure Multiparty Computation [html|pdf|print]
- Lecture 14: (Oct 14): Secure Multiparty Computation: Yao's Garbled Circuit [html|pdf|print]
- Lecture 15: (Oct 16): Zero-Knowledge Proofs [html|pdf|print]
- Lecture 16: (Oct 21): Zero-Knowledge Proofs, Composition [html|pdf|print]
- Lecture 17: (Oct 23): Secure Multiparty Computation: Universal Composition [html|pdf|print]
- Lecture 18: (Oct 28): Homomorphic Encryption [html|pdf|print]
- Lecture 19: (Oct 30): Mix-Nets, Verifiable Shuffle [html|pdf|print]
- Lecture 20: (Nov 04): Voting [html|pdf|print]
- Assignment 3 (released Tuesday Nov 04; due Tuesday Dec 02)
- Lecture 21: (Nov 06): Pairing-Based Cryptography & Generic Groups [html|pdf|print]
- Lecture 22: (Nov 11): Signatures [html|pdf|print]
- Lecture 23: (Nov 13): Electronic Cash [html|pdf|print]
- Lecture 24: (Nov 18): Lattice-Based Cryptography [html|pdf|print]
- Lecture 25: (Nov 20): Formal Methods and Cryptography [html|pdf|print]
(Surveys: 1 and 2)

--- Thanksgiving Break! ---

- Lecture 26: (Dec 02): Obfuscation [html|pdf|print]
- Lecture 27: (Dec 04): Functional Encryption [html|pdf|print]
- Lecture 28: (Dec 09): Quantum Cryptography [html|pdf|print]