ECS 127 - Cryptography - Spring 2016 - List of Lecture Topics

Week | Lecture | Topic | References |
---|---|---|---|
Week 1 | L01 - M 3/28 | Logistics, incl. academic misconduct policy. Introduction. Four basic crypto problems: {priv, auth} x {sym, asym}. Kerckhoffs’s principle. | [BR: Ch.1], [Be: Ch.1], [DH76] |
| | L02 - W 3/30 | Odder crypto problems: the mean salary problem (SFE / MPC) and the Dating Problem (2-party SFE), in physical and msg-based models | (MPC) |
| | L03 - F 4/01 | Crypto for privacy, security, crypto, and power. Cryptographic activities. Probability review. Prob spaces, events, RVs. Substitution ciphers | [Bo Lects 1.4,1.5] |
Week 2 | L04 - M 4/04 | Syntax of a sym encryption scheme. Diaconis algorithm for ciphertext-only attack on a substitution cipher. Problems with substitution ciphers. | [D09] |
| | L05 - W 4/06 | Three notions of security (perfect privacy, Shannon privacy, real-or-zero). The OTP achieves these notions | [KL Ch.2] |
| | L06 - F 4/08 | Dealing with the one-time aspect of OTPs: stateful and IV-based encryption. Vernam ciphers. Malleability. The A5/1 stream cipher | [PS14] |
Week 3 | L07 - M 4/11 | More stream ciphers: RC4 and ChaCha20. Modern syntax and security notion for a stream cipher. | [Be2005], [Be2008], (Salsa20) |
| | L08 - W 4/13 | Syntax and security defns for a PRG, arbitrary-output-length PRGs, and stream cipher. Syntax for a blockcipher. Description of DES | (Blockcipher), (DES), (DES+) |
| | L09 - F 4/15 | Dog day! Finish DES and attacks on it. Preliminaries for AES: basics on finite fields | (Finite field 1), (Finite field 2) |
Week 4 | L10 - M 4/18 | Quiz. The AES blockcipher: why it was developed and how it works. | (AES), [BR:2] |
| | L11 - W 4/20 | Security for blockciphers: key-recovery (kr), unpredictability (unp), PRP security. Start PRP-secure implies KR-secure. Reductions | [BR:3] |
| | L12 - F 4/22 | Finish PRP-secure implies KR-secure. The PRP/PRF switching lemma. Game-based proofs and the fundamental lemma | [BR:4], [B:4] |
Week 5 | L13 - M 4/25 | Finish PRP/PRF switching lemma: a birthday bound. CBC encryption w/ zeroIV, ctrIV, randIV, chainIV. Syntax of a sym enc scheme | [BR:4], [BR:A] |
| | L14 - W 4/27 | Defs of security for prob (or stateful) sym enc: ind1, ind2, lr; ind$. Relationships among them. CTR-ctrIV is secure | [BR:4] |
| | L15 - F 4/29 | Review of hybrid argument from last time. Attacking schemes using security notions. Nonce-based sym enc | [BR:4] |
Week 6 | L16 - M 5/02 | The asymptotic approach to formalizing security: security parameters, PPT, negligibility. CCA security, nonmalleability, authenticity | [KL:3] |
| | L17 - W 5/04 | Two definitions for authenticated encryption (AE) and their equivalence. The notion of a MAC. The raw CBC MAC | [BR:7] |
| | L18 - F 5/06 | Making the CBC MAC work: CMAC and Carter-Wegman MACs. ε-AU hashing. Poly evaluation / GF(2^128) is ε-AU for small ε | [BR:7] |
Week 7 | L19 - M 5/9 | Midterm | . |
| | L20 - W 5/11 | Guest lecture: Tor | (Tor) |
| | L21 - F 5/13 | PRFs are MACs. The notion of associated data. The notion of AEAD. The SIV construction. CCM, GCM, and OCB | [B:AE] |
Week 8 | L22 - M 5/16 | Signature of a cryptographic hash function. Formalizing collision-resistance. Foundational concerns. Hash function uses | [BR:6] |
| | L23 - W 5/18 | Proof of the Merkle-Damgard theorem. Davies-Meyer. SHA-1’s blockcipher. Sponge construction and Keccak. Memory-hard hashing | (MD), (SHA1), (SHA3), (scrypt) |
| | L24 - F 5/20 | A definition for public-key encryption. Some algebra/number theory. Diffie-Hellman Key Exchange. Turning this into an enc scheme | [BR:11] |
Week 9 | L25 - M 5/23 | Hash Diffie-Hellman encryption. CDH vs. DDH assumptions. Trapdoor permutations. The RSA trapdoor permutation | [BR:11] |
| | L26 - W 5/25 | The RSA assumption. Encrypting with hardcore bits. PKCS #1 encryption. OAEP. Digital signatures. Signing with PKCS #1 | [BR:12] |
| | L27 - F 5/27 | Signing from a OWF or hash fn: Lamport (one-time) sigs. AKE: man-in-the-middle attacks on DH; signed DH; SSL/TLS | (Protocols), (TLS) |
Week 10 | Lxx - M 5/30 | Holiday — no class | . |
| | L28 - W 6/01 | Award winners: limericks and more. Finishing AKE. Forward secrecy. PAKEs. Why crypto has a political and moral character | [R:essay] |
| | Lyy - F 6/03 | No lecture. Today is dead day, fellow zombies. Review session at 12:10 pm in 126 Wellman | . |
Week 11 | Lzz - M 6/06 | Final – 3:30-5:30 | . |