Applied Cryptography

CS838 Spring 2012: Applied Cryptography

Instructor: Thomas Ristenpart
Email: rist at cs dot wisc dot edu
Office hours: TBA
Lectures: Tuesday 4:00 - 6:30 pm
Location: 1263 CS

Announcements:

March 27th lecture cancelled.
Second problem set is here, due April 10.
Solutions for first problem set here.
First problem set is here, due March 6. Let me know if you have any questions.
Initial project proposals due February 21.

Summary:

Cryptography is a ubiquitous tool in today's electronic world. It secures online shopping and banking, protects sensitive data stored on home PCs or in the cloud, and much more. This class will cover applied cryptography, from the design and formal assessment of cryptographic algorithms all the way to deployment in today's computing systems.

See the class handout for more information.

Pre-requisites:

There are no formal prerequisites for this course. However, much of the material will involve theory (definitions, theorems, and proofs). I expect that students will have had exposure to topics in theoretical computer science, e.g. via a course on complexity theory or theory of computation. Specifically, students should have familiarity with the concept of a reduction (ala NP-completeness). Please talk to me if you have any questions or concerns.

Requirements:

Students will be given several homework assignments during the term. Students will perform a class project on a topic of their choosing (subject to instructor's approval). The project will require an in-class presentation and a short write-up (less than 5 pages). The goal will be for projects to lead to publication-quality research, but this will not be a requirement to receive a passing grade. Final grades will be calculated by some to-be-determined formula of the preceding requirements and class participation.

Tentative topics:

Below is a list of topics I am thinking of covering, but treat this more as an estimate than a true schedule. Feel free to contact me with requests for topics to be covered.

Topic	Slides	Lecture notes
Introduction	pdf	pdf
Blockciphers	pdf	pdf
Pseudorandom functions	pdf	pdf
Birthday bounds	-	pdf
Symmetric Encryption	pdf	pdf
Padding oracle attacks	-	pdf
Hash functions	pdf	pdf
Message authentication	pdf	pdf
Authenticated encryption	pdf	-
AE in practice: TLS, SSH, IPSec
Randomness generation
Computational number theory basics	pdf	pdf
Public-key encryption	pdf	pdf
PKE in practice: PGP
Digital signatures	pdf	pdf
Signatures in practice
Key exchange	pdf	-
KE in practice: TLS, SSH
Further topics: secure function evaluation, homomorphic encryption

Course materials:

We'll be using the cryptography lecture notes of Bellare and Rogaway, research papers, standards/RFCs, and open source implementations. The Bellare-Rogaway notes will be available from this website when the class starts. Another good reference is the Katz and Lindell book Introduction to Modern Cryptography.

Project ideas:

I'll have a list of specific example projects for the course in the first couple weeks of the class. To give a sense of flavor, projects could range from cryptanalyzing standards or implementations, investigating insecurity of cryptographic protocols in cloud environments, proving (in)security of protocols from the research literature, novel implementations that include significant cryptographic component(s), etc.