ECS 227 - Course Information
Meetings
Our course meets M 6:10-9:00 pm in 1062 Bainer.
Please do not miss lectures and, when you are in
class, try to think.
If you
do miss a lecture, you can watch the video tape
in 1101 Hart (they are televising the class for Livermore).
Office Hours
Office hours are F 10-11, or by appointment, or by no appointment.
On-line Information
Most everything will be collected on-line.
Go to my homepage at
www.cs.ucdavis.edu/~rogaway
and follow the
classes link to
the course web page.
Material
I expect to lecture on the following topics:
introduction - symmetric encryption - block ciphers -
pseudorandom permutations and pseudorandom functions -
one-way functions - pseudorandom generators -
symmetric encryption - hash functions - message authentication -
authenticated encryption - asymmetric encryption - digital signatures
- authenticated key exchange - interactive proofs and zero knowledge.
As always, course material is subject to change depending on
how fast (or slow) I go, and depending on student interests.
Books
There is no assigned text, and no reasonable text available for the
material of this course. I will prepare some lecture notes, and put
everything on the web: my notes and any relevant papers that you
might want to look at.
If you're interested to have an actual, finished book,
the most useful may be that of
[Menezes,
van Oorschot, Vanstone], which is available on-line, for free.
There is also a new book by
[Goldreich] which give a much more
scientific treatment of the subject, but the scope is very limited and the
treatment will be quite different from ours.
Homeworks
Homeworks will be due one week after: I give out the assignment or
cover the material, whichever comes last).
Late homeworks might or might
not be looked at, depending on my mood.
You can work with a friend on your homeworks,
as long as you acknowledge them.
As with any theory class, I believe that working closely with others
leads to an inferior understanding of course material.
(But then, some students honestly believe exactly the opposite!)
Projects
You must read a paper in the provable-security tradition of cryptography,
understand it,
and then write something about it.
Alternatively, you must do some small research project of your own: anything
novel that touches on provable-security cryptography.
Projects are due the last day of class.
Unless you get special consent, writeups should be
2-4 pages.
But they should be beautiful:
meticulously written,
nicely typeset (LaTeX, please),
and, preferably, with some interesting or semi-interesting idea.
Or at least something that demonstrates that you're "with it".
If you have any doubt if your envisioned paper/project is OK, talk to me,
and do so more than two weeks before the project is due.
If you are reading a research paper,
going with one of
mine or
Mihir Bellare makes
a particularly safe choice. But this is certainly not required.
I won't discuss the projects in class. You're on your own to
remember that you have to do this, and to budget your time
appropriately.
Exams
There's no midterm, but there's a sort-of final. I prefer to call
it a "discussion". You'll come in to my office for 30 minutes,
we'll talk, and I'll try to ascertain how much you got out of the class.
Don't be worried about it; it ain't a big deal. But it helps
me understand what students are and are not understanding, and what they are
and are not interested in.
Grading
I am required to give grades, which will be based on
what has already been mentioned.
This is a non-required graduate class, so I expect students
to be here because they're genuinely interested in learning the
material.
Research in cryptography
You may treat this class as your "invitation" for doing research in
cryptography, a most unusual and wonderful subject. Welcome!
Phil Rogaway's homepage