The following summarizes the topic of each lecture. There were 23 lectures, each being 2 hours.
COMP 754 - Term 1 of 2002 - Lecture-by-Lecture Topic Summaries
|Lecture - Date||Topic|
|Lect 1 - 06.27 R||What is cryptography? Four problems in cryptography: privacy in the symmetric and asymmetric trust models, message authentication in the symmetric and asymmetric trust models. Writing precise, mathematical English: One-to-one functions,||Lect 2 - 07.02 T||More practice being mathematically precise; notions of one-to-one functions, onto functions, permutations, strings. Probabilistic notation and computing some simple probabilities.||Lect 3 - 07.04 R||Layered look at cryptographic mechanisms. What is a block cipher? History of DES and a complete description of DES. (Reading: Landau article on DES.)||Lect 4 - 07.10 W||Group axioms, field axioms. A theorem about the existence and uniqueness of finite fields. Doing arithmetic in GF(2^8). A first look at the structure of AES.||Lect 5 - 07.11 R||A complete description of AES. The ECB mode of operation: what is wrong with it?||Lect 6 - 07.16 T||Modes of operation. Definitions for encryption-scheme security.||Lect 7 - 07.18 R||Formalizing encryption: real-or-random security.||Lect 8 - 07.29 T||Working to understand the ind-definition. Distinguishing an oracle that gives random samples in [1..10] from an oracle that gives random samples in [1..11]. CBCrandom and CBCcounter.||Lect 9 - 08.01 R||Using our definition of encryption scheme security to break various constructions.||Lect 10 - 08.05 M||Definition of PRP security. Reductions. The security of CTRctr.||Lect 11 - 08.06 T||A switching lemma. More on the provable-security paradigm. Fully proving the security of of CTRctr.||Lect 12 - 08.07 W||Proving the security of CBCrandom. Review of public-key encryption. Mathematical preliminaries for the RSA algorithm.||Lect 13 - 08.08 R||Mathematical preliminaries for the RSA algorithm. Definition of the RSA algorithm.||Lect 14 - 08.13 T||Review of RSA. Definition of PK encryption-scheme security. (Raw) RSA is NOT secure. Notion of a trapdoor permutation.||Lect 15 - 08.15 R||Ways to properly encrypt using a trapdoor permutation. Hardcore bits. The method of PKCS \#1.||Lect 16 - 08.27 T||Why PKCS \#1 is not provably secure. Cryptographic hash functions and their uses. Encryption by f(R) || H(R) xor M and OAEP. Merkle-Damgârd iteration. Block-cipher based constructions.||Lect 17 - 08.29 R||Definition of SHA1. Formalization of hash-function goals. The Merkle-Damgârd theorem.||Lect 18 - 09.03 T||Digital signature: definition of the goal. RSA signatures. The Secure Hash Standard.||Lect 19 - 09.10 T||An introduction to key-exchange.||Lect 20 - 09.12 R||An introduction to multiparty protocols.||Lect 21 - 09.17 T||Student presentations: A Forward-Secure Digital Digital Signature Scheme, Concrete Security Characterization of PRFs and PRPs, Ciphers with Arbitrary Finite Domains, Session Key Distribution Using Smart Cards, The Security of All-or-Nothing Encryption, Public-Key Encryption in a Multi-User Setting||Lect 22 - 09.18 W||Student presentations: Tweakable Block Ciphers, How to Leak a Secret, Authenticated Key Exchange Secure Against Dictionary Attacks, Optimal Asymmetric Encryption, Random Oracles are Practical, XOR MAC||Lect 23 - 09.19 R||Student presentations Keying Hash Functions for Message Authentication, On the Construction of VIL Ciphers, SDSI & SPKI Specification, Encode-then-Encipher Encryption, Non-Malleable Encryption|