CSEP 590: Applied Cryptography (Autumn '20)
October 1: Make sure to activate your edstem
account -- we will be using edstem for most announcemetns as
the class start.
September 28: The zoom meeting ID is available on canvas. Contact the lecturer/TA if unable to find it.
September 28: First-version of homepage is live.
Topics: Basic cryptographic
primitives (block ciphers, secret- and public-key
encryption, authenticated encryption, message
authentication, signatures, ...), cryptographic protocols
(e.g. TLS), attack vectors (padding-oracle attacks,
side-channel attacks, etc). Also, advanced
cryptographic techniques (zero-knowledge proofs,
The class will adopt rigorous security definitions and statements, but mostly replace proofs with attack-driven intuition. Prerequisites: No formal prerequisites, except for basic mathematical proficiency as expected in an undergraduate CS program, as well as a certain affinity to rigorous thinking. Basic programming skills (we will mostly use Python).
Instructor: Stefano Tessaro, tessaro(at)cs(dot)washington(dot)edu
Ansh Nagda (ansh@cs)
Xihu Zhang (xihu@cs)
Class time and location
Tue & Thu 6:30-7:50pm (On zoom -- link available via Canvas) Office hours
ST: Mo 5-6pm or by appointment
TA Office Hours: Wed 5-6pm
No mandatory textbook. Slides will be made available (password protected).
The following are lecture notes/textbooks on cryptography (all but one free), which (often) adopt a more formal approach than the one from this class.
D. Boneh and V. Shoup, A Graduate Course in Applied Cryptography. (Great overlap with class, just with more proofs.)
M. Bellare and P. Rogaway, Introduction to Modern Cryptography. (An excellent reference for a concrete security treatment, albeit somewhat incomplete.)
M. Rosulek, The Joy of Cryptography. (Undergraduate-level introduction to cryptography.)
J. Katz and Y. Lindell, Introduction to Modern Cryptography. (An actual textbook.)
Homework: There will be 5-6 problem
sets distributed over the quarter. Problem sets are generally
posted online on Monday, by 11:59pm PST, and are due on
Thursday, 11:59pm PST, the following week. Homework will be graded and you are required to
hand in your own solution for each homework. (Refer to the "Academic
Integrity" paragraph below for further details.) You are allowed 5
late days overall throughout the quarter.
Homework submissions will be online via Gradescope (instructions will be provided soon). Project: An important component of this class will be a project, to be undertaken by teams of two students. (Exceptions can be made but are not the norm.) The final outcome of the project is a report (we will likely dispense with presentations, due to the projected high number of students). Examples of projects include (but are not limited to):
Reading a research paper and/or a cryptographic standard/RFC
(either existing, or a current proposal), and writing a summary.
Studying a real-world application or implementation of
cryptography (either a well-known one, or something specific to your
personal experience) and documenting it (or formalizing the underlying
threat model). Some cryptography-specific implementation problem.
Anything else really, just let your creativity flow.
Schedule and Homework
The following is a tentative schedule, and is intended to give a rough idea about what I hope to cover in the class and in which order. There will be (slight) shifts depending on the pace of the class, and more information will appear on the schedule as lectures are completed. (Initially, contents will be vague for later lectures.)
|Week||Date||Lecture contents||Notes / slides / assignments|
Introduction to symmetric encryption
Modes of operation
Wrapping Up Encryption
Public-key crypto foundations
Public-key Cryptography |
Election Day (Class is canceled)
Certificates, PKIs, and authenticated key exchange
Authenticated Key Exchange (AKE)
Case study: Secure Messaging
|2020-11-26||Thanksgiving (Class Canceled)|
|10||2020-12-08||Zero-knowldge proofs I|
|2020-12-10||Zero-knowldge proofs II|