Most lectures will be two hours, and I expect that there will be about 22 lectures.

COMP 745 - Term 2 of 2002 - Lecture topics to date

..Lect.. ........Date........ Topic
Lect 0 10.28.02 Mon Organizational meeting. Example problems in cryptography (zero knowledge, dating problem).
Lect 1 10.30.02 Wed Introduction, v. 1. Sample problems in cryptography: interactive proofs, zero knowledge, commitment schemes, telephone coin flipping.
Lect 2 11.04.02 Mon Introduction, v. 2. The provable-security paradigm. A layered-look at building secure protocols. Block ciphers. Syntax. Counting how many.
Lect 3 11.06.02 Wed Block ciphers, continued. Description of DES. Description of AES, part 1: finite field arithmetic (the field with 256 points).
Lect 4 11.11.02 Mon Finish AES. Notation for describing experiments. KPA, CPA, CCA attacks. A definition of block-cipher security: fnp-cpa (find a new pair).
Lect 5 11.13.02 Wed More notions of block-cipher security: key-recovery security. PRP security.
. . Phil out of town
Lect 6 11.27.02 Wed PRP security implies KR-security. PRF security. PRP security and PRF security are almost the same. Block-cipher modes of operation.
Lect 7 11.29.02 Fri An example of a hybrid argument: showing that PRP is unchanged by the addition of a reference enciphering oracle.
Lect 8 12.02.02 Mon Definitions of encryption-scheme security: ind, find-then-guess, semantic security, and ind$.
. . Mini-break (never quite understood the reason, but that's ok!)
Lect 9 12.11.02 Wed Proving relationships among notions of encryption-scheme security. Breaking wrong schemes: CTRctr, CBCctr, CBCchain.
Lect 10 12.16.02 Mon Proving security of CTRrnd. Proving security of CBCrnd.
Lect 11 12.20.02 Fri Hash functions. The Merkle-Damgard construction and its proof. SHA1. Applications of hash functions. Foundational problems.
Lect 12 01.03.03 Fri Definitions for hash functions: collision-resistance, UOWHFs, and AU2.
Lect 13 01.06.03 Mon Constructions for AU2 hash functions.
Lect 14 01.10.03 Fri Message authentication. Definitions. Encryption with redundancy doesn't work. Breaking the CBC MAC. HMAC and CBC MAC variants.
Lect 15 01.13.03 Mon The CW approach. Combining encryption and MAC. Number theory background.
Lect 16 01.17.03 Fri Finish number theory. The complexity-theoretic approach to definitions.
Lect 17 01.20.03 Mon Public-key encryption from RSA. The RSA assumption. Public-key encryption from DH. The DH assumptions.
Lect 18 01.24.03 Fri .
Lect 19 01.27.03 Mon .
Lect 20 01.31.03. Fri .
Lect 21 02.03.03 Mon .
Lect 22 02.07.03 Fri .