| Class | Topic |
|---|---|
| 1M 4/01 | Basics. Read the syllabus. Introduction: four basic problems in cryptography: {priv, auth} x {sym, asym}. Other ways to create asymmetry. |
| 1W 4/03 | Quiz. Secret Key Exchange (SKE) and the DH protocol. Mean salary computation in the physical and communication model. |
| 1R 4/04 | PS1 in discussion section |
| 1F 4/05 | Defined groups. Z_2, Z_N, Z_2^*. Why Z_2^* is cryptographically useful. The OTP encryption scheme. |
| 2M 4/08 | Quiz. Reviewing OTP encryption. Correctness. Defining perfect privacy for one message or multiple messages. |
| 2W 4/10 | Review. Secret sharing: 2-of-2, threshold schemes, definition for the general problem. |
| 2R 4/11 | Solutions to PS2. Map a deal to a point in Z_{C(52,26)}. Breaking LR-privacy for a deterministic, stateless enc scheme. |
| 2F 4/12 | Quiz. Privacy notion for secret sharing (SS). Shamir SS (original paper) Pseudorandom generators (PRGs). RC4 |
| 3M 4/15 | Approaches to handling the domain & stretch of a PRG. Reductions. From stretch-1 to long-stretch. |
| 3W 4/17 | ∃ secure asym PRG ⇒ P≠NP. A reduction: if g is a secure stretch-1 PRG then G[g] is a secure arbitrary-stretch PRG. Problems with RC4/PRGs. |
| 3R 4/18 | Solutions to PS3. Defining indistinguishability. Asymptotic way to do that. |
| 3F 4/19 | Quiz. Problems with PRGs and with RC4. Syntax of a PRF (pseudorandom function). A well-designed PRF: Dan Bernstein’s ChaCha20 |
| 4M 4/22 | The PRF security notion. |Func(n,m)|. Using a PRF to encrypt: prob. enc. with a PRF / ChaCha20. |
| 4W 4/24 | Quiz. Notions of enc scheme security: LR, ind0, ind$. LR-security is equivalent to ind0-security. ind$ security is stronger. |
| 4R 4/25 | An alternative Chernoff bound for the HW. A more efficient way to use a minimal-stretch PRG. |
| 4F 4/26 | Finishing the reduction for ind$ ⇒ ind0. Syntax for blockcipher. Signatures and initial history of DES and AES. |
| 5M 4/29 | Syntax and security definition for blockciphers. How DES works. Why it’s key is so short. |
| 5W 5/01 | Cat Day: visits from Peanut and Cloud. Winner’s Do Artifacts have Politics? (recommended), and the key length of DES. AES. Arithmetic in GF(2^8). |
| 5R 5/02 | Going over a practice quiz, including substitution ciphers and password guessing. Review of GF(2^8) multiplication. |
| 5F 5/03 | Quiz. Using a PRP to encrypt: ECB mode mode and critique. CTR mode. The PRP/PRF switching lemma. |
| 6M 5/06 | Game-playing arguments; finish PRP/PRF switching lemma. Proving security of CTR mode. CBC encryption. Malleability of CBC-encrypted text. |
| 6W 5/08 | CBC-ctr is not ind-secure; CBC$ is. Nonmalleability. CTR and CBC are malleable. MT cutoff. Then: the CBC MAC. The definition of a MAC. |
| 6R 5/09 | Midterm review sessions: we worked out old midterms, as well as the last problem on the current problem sets. |
| 6F 5/10 | Midterm 1. Cheat-sheet allowed (one side of one page). Overflow room: Wellman 207. About 20 students should go there. |
| 7M 5/13 | Midterms weren't great. A dog visits. MACs. PRFs are good MACs. Raw CBC MAC: no good. Fixing it: CMAC. Carter-Wegman MACs. GMAC. |
| 7W 5/15 | . |
| 7R k/16 | . |
| 7F 5/17 | . |
| 8M 5/20 | Deadline for +4% early-turnin final-project. |
| 8W 5/22 | . |
| 8R 5/23 | . |
| 8F 5/24 | . |
| 9M 5/27 | Deadline for +3% early-turnin final project. Holiday; no school; you’ll be lonely in Wellman. |
| 9W 5/29 | . |
| 9R 5/30 | . |
| 9F 5/31 | . |
| 10M 6/03 | Midterm 2. Final projects due at 10 pm. Overflow room is Wellman 115 (about 28 students should go there). |
| 10W 6/05 | . |