Foundations of Cryptography

CS579A/CpE579A Spring 2012

Instructor: Antonio R. Nicolosi
Class meetings: Thursdays, 6:15–8:45pm, EAS 229
Office hours: Mondays 4pm–5pm, Babbio 624

Teaching Assistant: Miaomiao Zhang
Office hours: Fridays 1pm–2pm, Babbio 642


Course Description

This course introduces the fundamental notions underlying the design and evaluation of cryptographic primitives. Emphasis will be placed on understanding the process by which security goals are abstracted into suitable definitions amenable to mathematical treatment. Definitions are then exemplified by proof-of-concept constructions, practical mechanisms, or both, and their applications to address concrete security concerns are discussed. The coursework includes several programming assignments and presumes familiarity with the C programming language.

Topics to be covered include: perfect (Shannon) secrecy, one-time pad, pseudo-randomness, block and stream ciphers, security notions for encryption schemes, cryptographic hash functions, message authentication codes, public-key cryptosystems, key distribution, digital signatures, certificates, public key infrastructure (PKI). Various security standards and protocols such as DES, AES, SHA-1, HMAC, Diffie-Hellman, ElGamal, RSA, OAEP, Rabin, PSS/PSS-R are also discussed.

Work Load Breakdown & Grading

Work load breakdown
2.5 hrs/week: Class attendance
3.5 hrs/week: Readings, Reverse homework
3.0 hrs/week: Programming assignments
Grading
25%: Class participation, Reverse homework
40%: Final exam
30%: Programming assignments

Academic Integrity

Weekly Topics

  1. Introduction. Perfect secrecy.
  2. One-time-pad encryption. Characterizations of perfect secrecy. Limitations of perfect secrecy. Towards the computational approach: Indistinguishability-based definitions of secrecy.
  3. Concrete security and asymptotic security. Computational indistinguishability and (computationally) secure symmetric-encryption.
  4. Pseudo-randomness I: Pseudo-random number generators (PRNG, or stream ciphers). The computational one-time pad.
  5. Pseudo-randomness II: Properties of PRNGs. Example of how (not to) compose PRNGs. The cascading construction. Forward security for PRNGs.
  6. Pseudo-randomness III: Pseudo-random functions (PRFs) and pseudo-random permutations (PRPs and strong PRPs/blockciphers). The Feistel transform and the design of DES.
  7. Applications of PRFs/s-PRPs: Chosen-Plaintext Attacks (CPA) security.
    Modes of operation: CTR, OFB, CFB, CBC.
  8. Data origin and Message Authentication Codes (MACs).
  9. Data integrity and cryptographic hash functions (collision resistant vs. universal hash functions).
  10. Toward asymmetric cryptography: The key exchange problem. Merkle puzzles. The Diffie-Hellman Key Exchange protocol.
    Review of basic facts about finite groups and number theory. Easy and hard problems in Zp*. Quadratic residuosity in Zp*.
  11. The Pohlig-Hellman cipher and Shamir's no-key protocol.
    Public-key encryption: Security notions and applications. ElGamal encryption.
    Easy and hard problems in Zn*. Quadratic residuosity in Zn*.
  12. Rabin encryption. The RSA family of permutations. Chosen-ciphertext (CCA) security. RSA-OAEP encryption. Hybrid encryption.
  13. Digital signatures and the notion of Public-Key Infrastructure.

Important Dates

Misc On-line Resources



Permission hereby granted for anyone to copy, modify, and redistribute any lecture note material from this class that belongs to the instructor.