CSE 426

Schedule

This is a tentative schedule meant to give an overview of the topics we are going to cover. It will be expanded as we proceed through the quarter.

Wk	Date	Lecture contents	Materials, Sections, and Homework
0	09/27	Introduction Welcome / organizational details What is this class about? Why study cryptography? The Provable Security Angle	Slides Section 0 (Thu, 9/28) Section 0 Solution
	09/29	Introduction to Encryption Syntax of symmetric encryption Attack types: Ciphertext only, known- and chosen-plaintext Substituion cipher, and its insecurity	Slides
1	10/2	One-time Pad and Perfect Secrecy Perfect secrecy and Shannon secrecy One-time pad Necessity of long keys Motivation for computationl security	Slides
	10/4	Block Ciphers and Pseudorandom Permutations I Block ciphers Oracles and indistinguishability	Slides HW 1 Section 1 (Thu 10/5) Section 1 solution
	10/6	Block ciphers and Pseudorandom Permutations II Definition of pseudorandom permutation security Calculating distinguishing advantages Feasibility and negligibility: Concrete vs asymptotic security	Slides
2	10/9	Symmetric Encryption I Block ciphers constructions ECB and its insecurity Introduction to semantic security	Slides
	10/11	Symmetric Encryption II IND-CPA security Counter-Mode Encryption Pseudorandom Functions	Slides HW 2 posted Section 2 (Thu 10/12) Section 2 solution HW 1 due
	10/13	Symmetric Encryption III Proof of IND-CPA security for randomized counter mode Hybrid arguments Simple oracle reductions Equivalent-until-bad arguments	Slides
3	10/16	Modes of Operations and Active Attacks A note on asymptotic interpretation of results Counter-mode and CBC-mode Introduction to Padding Oracles	Slides
	10/18	Padding-Oracle Attacks Padding-Oracle Setting Recovering the last byte Introduction to integrity	Slides HW 3 posted HW 2 due Section 3 (Thu 10/19) Section 3 solution
	10/20	Hash Functions Definition and applications of hash functions Collision resistance, 2nd preimage resistance General oracle definitional framework Birthday Attacks	Slides
4	10/23	Hash Functions More applications of hash functions The Merkle-Damgard construction	Slides
	10/25	Message Authentication Codes MAC syntax and UF-CMA security PRFs are good MACs Hash-based vs Block-cipher based MACs	Slides HW 3 due Section 4 (Thu 10/26) Section 4 solution
	10/27	Authenticated Encryption Ciphertext & Plaintext Integrity Encrypt-then-MAC vs MAC-then-Encrypt Brief intro to side-channel attacks	Slides
5	10/30	Computational Number Theory I Groups Modular arithmetic Modular exponentiation	Slides
	11/1	Midterm Exam Time/Location: 11:30-12:20p, MOR 230 (regular class time and location) A review session will be scheduled	HW 4 posted Section 5 (Thu 11/2) Section 5 solution
	11/3	Computational Number Theory II Exponentiation in groups Cyclic Groups Discrete Logarithms	Slides
6	11/6	Key Exchange and Diffie Hellman Diffie-Hellman Key Exchange The DL, CDH, and DDH assumptions Groups where DL/CDH/DDH are hard	Slides
	11/8	Elliptic Curves Elliptic Curves Intro to Public-Key Encryption	Slidesw HW 5 posted HW 4 due Section 6 (Thu 11/9) Section 6 solution
	11/10	Veterans day (No class)
7	11/13	Public-key Encryption and RSA Definition of public-key encryption and its security Equivalence with Key Exchange Introduction to RSA	Slides
	11/15	RSA & Factoring Plain RSA and the RSA assumption Padding for RSA CCA security and RSA-OAEP Hardness of factoring	Slides Section 7 (Thu 11/16) Section 7 solution
	11/17	Digital Signatures RSA attacks Definition of digital signatures RSA signatures	Slides
8	11/20	Digital Certificates Full-Domain Hash and Schnorr Signatures Person-in-the-middle attacks Introduction to digital certificates and PKIs	Slides HW 6 posted HW 5 due
	11/22	Thanksgiving (no class)	Section 8 (No in person section) Section 8 solution
	11/24	Thanksgiving (no class)
9	11/27	Authenticatd Key-Exchange & TLS Authenticated Key Exchange Forward Secrecy Hierarchical PKIs	Slides
	11/29	Multi-Party Computation I Problem setting and security definitions Securely computing the AND Gate Oblivious Transfer	Slides Section 9 (Thu 11/30) Section 9 solution
	12/1	Multi-Party Computation II Garbled Circuits and Yao's protocol Dedicated protocol for Private-Set Intersection	Slides HW 6 due HW 7 posted
10	12/4	Multi-Party Computation III General definition of Multi-Party Computation Linear secret sharing schemes Multiplication protocol	Slides
	12/6	Ethics, Policy & Cryptography	Slides
	12/8	Review & Discussion On cryptographic thinking What else is there, and where to find it?	Slides
Fin	12/13	Final Exam Time/Location: 2:30-4:20p, MOR 230 An exam review session will be scheduled earlier during finals week