ECS 127 CRYPTOGRAPHY (4 units)

Lecture: 3 hours
Laboratory: 1 hour

Catalog Description:
Introduction to the theory and practice of cryptographic techniques used in computer security. Encryption (secret-key and public-key), message authentication, digital signatures, entity authentication, key distribution, and other cryptographic protocols. The social context of cryptography.

Prerequisites: (ECS 020 or MAT 108); (ECS 010 or ECS 032A or ECS 030 or ECS 036A)

Credit restrictions, cross listings: None

Summary of course contents
Topics to include most or all of the following:

  • Introduction (classical cryptographic goals of encryption, authentication, key distribution, as well as protocol goals like the dating problem or average-salary computation)
  • Classical ciphers (substitution ciphers)
  • Stream ciphers and LFSRs
  • Blockciphers (Feistel networks, DES, AES)
  • Symmetric encryption modes
  • Security notions for symmetric encryption (indistinguishability, semantic security, chosen-plaintext attacks, chosen-ciphertext attacks, non-malleability)
  • Reductions (for relating notions or evidencing security)
  • Message authentication codes
  • Authenticated encryption (generic composition, specialized schemes)
  • Cryptographic hash functions (SHA-1, SHA-3)
  • Number-theory background
  • Public-key encryption (RSA, Diffie-Hellman, elliptic curves)
  • Digital signatures (RSA, ElGamal, Lamport)
  • entity authentication and key-distribution protocols (Kerberos, TLS)
  • Secret sharing (Shamir’s scheme)
  • Oblivious transfer and garbled-circuit evaluation
  • Zero knowledge
  • Cryptography and public policy
  • Cryptography and intellectual property


Students will: (1) understand and enjoy how cryptographers formalize and rigorously deal with cryptographic concerns (2) appreciate some of the inventive things that cryptography can help accomplish

Illustrative reading

  • D. Stinson. Cryptography: Theory and Practice, third ed.. Chapman & Hall/CRC, 2005.
  • N. Ferguson, B. Schneier, and T. Kohno. Cryptography Engineering: Design Principles and Practical Applications. Wiley, 2010.
  • W. Diffie and S. Landau. Privacy on the Line: The Politics of Wiretapping and Encryption: Updated and Expanded Edition. The MIT Press, 2007.

Science & Engineering
Scientific Literacy
Quantitative Literacy

Scientific Literacy: The course treats not only the technical aspects of cryptography (modeling security questions, devising protocols, analyzing methods, and drawing connections to mathematics), but also the societal context in which cryptography is developed and used. Issues of public policy are relevant to many of the topics discussed in this class (eg, the role of intellectual property in and surrounding cryptography), and discussion of these issues is integrated with more purely technical material. Students are assessed based on their homework, exams, and project, these encompassing both a technical and situational understanding of the area.

Quantitative Literacy: Cryptography is a quantitative and analytic subject, one in which theorems make quantitative assertions about the worth of our artifacts, but where, nevertheless, these claims are routinely misunderstood or ascribed meaning other than that which is formally claimed. Thus understanding the real-world interpretation of highly technical, analytic claims—particularly the meaning of provable-security assertions—is a key aspect of this course. Homework develops these skills, while homework and exams permit assessment of whether students can bridge the formal and interpretive divide.

Overlap: There is a small amount of overlap with course 153, Computer Security, which briefly discusses methods for shared-key and public-key encryption. ECS 127 provides a much broader and deeper description of contemporary cryptography.

Instructors: M. Franklin and P. Rogaway

History: Reviewed 2018.9.7 (CSUGA): prerequisites updated to include new lower division ECS series courses. 2012.09.28 (P. Rogaway): New course.  Class first taught as a 189A in Spring 2011.


1 X an ability to apply knowledge of mathematics, science, computing, and engineering
2 an ability to design and conduct experiments, as well as to analyze and interpret data
3 an ability to design, implement, and evaluate a system, process, component, or program to meet desired needs, within realistic constraints such as economic, environmental, social, political, ethical, health and safety, manufacturability, and sustainability
4 an ability to function on multi-disciplinary teams
5 X an ability to identify, formulate, and solve computer science and engineering problems  and define the computing requirements appropriate to their solutions
6 an understanding of professional, ethical, legal, security and social issues and responsibilities
7 an ability to communicate effectively with a range of audiences
8 the broad education necessary to understand the impact of computer science and engineering solutions in a global and societal context
9 X a recognition of the need for, and an ability to engage in life-long learning
10 knowledge of contemporary issues
11 X an ability to use current techniques, skills, and tools necessary for computing and engineering practice
12 X an ability to apply mathematical foundations, algorithmic principles, and computer science and engineering theory in the modeling and design of computer-based systems in a way that demonstrates comprehension of the tradeoffs involved in design choices
13 an ability to apply design and development principles in the construction of software systems or computer systems of varying complexity