The following summarizes the topic of each lecture. There were 23 lectures, each being 2 hours.
COMP 754 - Term 1 of 2002 - Lecture-by-Lecture Topic Summaries |
|
---|---|
Lecture - Date | Topic |
Lect 1 - 06.27 R | What is cryptography? Four problems in cryptography: privacy in the symmetric and asymmetric trust models, message authentication in the symmetric and asymmetric trust models. Writing precise, mathematical English: One-to-one functions, | Lect 2 - 07.02 T | More practice being mathematically precise; notions of one-to-one functions, onto functions, permutations, strings. Probabilistic notation and computing some simple probabilities. | Lect 3 - 07.04 R | Layered look at cryptographic mechanisms. What is a block cipher? History of DES and a complete description of DES. (Reading: Landau article on DES.) | Lect 4 - 07.10 W | Group axioms, field axioms. A theorem about the existence and uniqueness of finite fields. Doing arithmetic in GF(2^8). A first look at the structure of AES. | Lect 5 - 07.11 R | A complete description of AES. The ECB mode of operation: what is wrong with it? | Lect 6 - 07.16 T | Modes of operation. Definitions for encryption-scheme security. | Lect 7 - 07.18 R | Formalizing encryption: real-or-random security. | Lect 8 - 07.29 T | Working to understand the ind-definition. Distinguishing an oracle that gives random samples in [1..10] from an oracle that gives random samples in [1..11]. CBCrandom and CBCcounter. | Lect 9 - 08.01 R | Using our definition of encryption scheme security to break various constructions. | Lect 10 - 08.05 M | Definition of PRP security. Reductions. The security of CTRctr. | Lect 11 - 08.06 T | A switching lemma. More on the provable-security paradigm. Fully proving the security of of CTRctr. | Lect 12 - 08.07 W | Proving the security of CBCrandom. Review of public-key encryption. Mathematical preliminaries for the RSA algorithm. | Lect 13 - 08.08 R | Mathematical preliminaries for the RSA algorithm. Definition of the RSA algorithm. | Lect 14 - 08.13 T | Review of RSA. Definition of PK encryption-scheme security. (Raw) RSA is NOT secure. Notion of a trapdoor permutation. | Lect 15 - 08.15 R | Ways to properly encrypt using a trapdoor permutation. Hardcore bits. The method of PKCS \#1. | Lect 16 - 08.27 T | Why PKCS \#1 is not provably secure. Cryptographic hash functions and their uses. Encryption by f(R) || H(R) xor M and OAEP. Merkle-Damgârd iteration. Block-cipher based constructions. | Lect 17 - 08.29 R | Definition of SHA1. Formalization of hash-function goals. The Merkle-Damgârd theorem. | Lect 18 - 09.03 T | Digital signature: definition of the goal. RSA signatures. The Secure Hash Standard. | Lect 19 - 09.10 T | An introduction to key-exchange. | Lect 20 - 09.12 R | An introduction to multiparty protocols. | Lect 21 - 09.17 T | Student presentations: A Forward-Secure Digital Digital Signature Scheme, Concrete Security Characterization of PRFs and PRPs, Ciphers with Arbitrary Finite Domains, Session Key Distribution Using Smart Cards, The Security of All-or-Nothing Encryption, Public-Key Encryption in a Multi-User Setting | Lect 22 - 09.18 W | Student presentations: Tweakable Block Ciphers, How to Leak a Secret, Authenticated Key Exchange Secure Against Dictionary Attacks, Optimal Asymmetric Encryption, Random Oracles are Practical, XOR MAC | Lect 23 - 09.19 R | Student presentations Keying Hash Functions for Message Authentication, On the Construction of VIL Ciphers, SDSI & SPKI Specification, Encode-then-Encipher Encryption, Non-Malleable Encryption |