CSEP 590: Applied Cryptography (Spring '19)
Topics: Basic cryptographic
primitives (block ciphers, secret- and public-key
encryption, authenticated encryption, message
authentication, signatures, ...), cryptographic protocols
(e.g. TLS), attack vectors (padding-oracle attacks,
side-channel attacks, etc). Also, advanced
cryptographic techniques (zero-knowledge proofs,
The class will adopt rigorous security definitions and statements, but mostly replace proofs with attack-driven intuition. Prerequisites: No formal prerequisites, except for basic mathematical proficiency as expected in an undergraduate CS program, as well as a certain affinity to rigorous thinking. Basic programming skills (we will mostly use Python).
Instructor: Stefano Tessaro, tessaro(at)cs(dot)washington(dot)edu
Xin Yang (yx1992@cs)
Xihu Zhang (xihu@cs)
Class time and location
Monday 6:30-9:20pm (CSE2 G10 (Gates Center)) Office hours
ST: Mo 5-6pm or by appointment (CSE 666)
TA Office Hours: TBD
No mandatory textbook. Slides will be made available (password protected).
The following are lecture notes/textbooks on cryptography (all but one free), which (often) adopt a more formal approach than the one from this class.
D. Boneh and V. Shoup, A Graduate Course in Applied Cryptography. (Great overlap with class, just with more proofs.)
M. Bellare and P. Rogaway, Introduction to Modern Cryptography. (An excellent reference for a concrete security treatment, albeit somewhat incomplete.)
M. Rosulek, The Joy of Cryptography. (Undergraduate-level introduction to cryptography.)
J. Katz and Y. Lindell, Introduction to Modern Cryptography. (An actual textbook.)
Interaction / Q&A
We are going to use Google Discussion Board and a class mailing list. Instructions will be provided.
Homework: There will be 6 problem
sets distributed over the quarter. Problem sets are generally
posted online on Friday, by 11:59pm PST, and are due 11 days later on
Tuesday, 11:59pm PST. Homework will be graded and you are required to
hand in your own solution for each homework. (Refer to the "Academic
Integrity" paragraph below for further details.) You are allowed 3
late days overall throughout the quarter.
Homework submissions will be online via Gradescope (instructions will be provided soon). Project: An important component of this class will be a project, to be undertaken by teams of two students. (Contact the lecturer in case of issues with this, exceptions can be made but are not the norm.) The final outcome of the project is a report (we will likely dispense with presentations, due to the projected high number of students). Examples of projects include (but are not limited to):
Reading a research paper and/or a cryptographic standard/RFC
(either existing, or a current proposal), and writing a summary.
Studying a real-world application or implementation of
cryptography (either a well-known one, or something specific to your
personal experience) and documenting it (or formalizing the underlying
threat model). Some cryptography-specific implementation problem.
Anything else really, just let your creativity flow.
Schedule and Homework
The following is a tentative schedule, and is intended to give a rough idea about what I hope to cover in the class and in which order. There will be (slight) shifts depending on the pace of the class, and more information will appear on the schedule as lectures are completed. (Initially, contents will be vague for later lectures.)
|Week||Date||Lecture contents||Notes / slides / assignments|
Block ciphers (cont'd)
Public-key crypto foundations
Certificates, PKIs, and authenticated key exchange
|9||2019-05-27||No class (Memorial Day)|