ECS228: Cryptography for Electronic Commerce (Fall 2007)



Lectures:: Tuesday/Thursday 12:10pm - 1:20pm (1070 Bainer)
Office Hours: By appointment.

Course Description: Cryptographic primitives and protocols of importance to e-commerce present and future. Our focus this time will be on new functionality enabled by pairing-based cryptography. As usual, the class will be self-contained -- no special cryptographic or mathematical knowledge will be assumed.

Course Project: Write up a short paper (5--10 pages) on an interesting security application of a crypto topic covered in class.

Homework: There may be occasional homework assignments. A typical assignement will be to turn in a brief write-up summarizing some research idea we are covering.

Tentative Outline of Topics:

Crypto Review
secret sharing, hash function, signature, encryption, hardness assumptions
(CRC Handbook of Applied Cryptography)

Pairing-Based Signature
Short signature (Boneh-Lynn-Shacham)
Aggregate signature ((Boneh-Gentry-Lynn-Shacham)
History-hiding append-only signature (Bethencourt-Boneh-Waters)

Pairing-Based Encryption
Identity-based encryption (Boneh-Franklin, Boneh-Boyen, Boneh-Boyen-Goh)
Attribute-based encryption (Goyal et al., Bethencourt et al., Ostrovsky et al.)
Homomorphic encryption (Boneh-Goh-Nissim)
Search on encrypted data (Boneh-Waters, Shi et al., Katz et al.)

Pairing-Based Applications
Oblivious Signature-Based Envelope ( Li et al.)