CS838 Spring 2012: Applied Cryptography
Instructor: Thomas Ristenpart
Email: rist at cs dot wisc dot edu
Office hours: TBA
Lectures: Tuesday 4:00 - 6:30 pm
Location: 1263 CS
- March 27th lecture cancelled.
- Second problem set is here, due April 10.
- Solutions for first problem set here.
- First problem set is here, due March 6. Let me know if you have any questions.
- Initial project proposals due February 21.
Cryptography is a ubiquitous tool in today's electronic world.
It secures online shopping and banking,
protects sensitive data stored on home PCs or in the cloud, and
much more. This class will cover applied cryptography, from
the design and formal assessment of cryptographic algorithms all
the way to deployment in today's computing systems.
See the class handout for more information.
There are no formal prerequisites for this course. However, much
of the material will involve theory (definitions, theorems,
and proofs). I expect that students will have had exposure to topics
in theoretical computer science, e.g. via a course on complexity theory or
theory of computation. Specifically, students should have
familiarity with the concept of a reduction (ala
Please talk to me if you have any questions or concerns.
Students will be given several homework assignments
during the term.
Students will perform a class project
on a topic of their choosing (subject to instructor's
approval). The project will require an in-class
presentation and a short write-up (less than 5 pages).
The goal will be for projects to lead to publication-quality
research, but this will not be a requirement to receive a
passing grade. Final grades will be calculated by some
to-be-determined formula of the preceding requirements and
Below is a list of topics I am thinking of covering, but treat this more as
an estimate than a true schedule. Feel free to contact me with
requests for topics to be covered.
| Introduction ||pdf ||pdf
| Blockciphers ||pdf
| Pseudorandom functions ||pdf
| Birthday bounds ||-||pdf
| Symmetric Encryption ||pdf||pdf
| Padding oracle attacks||-||pdf
| Hash functions||pdf
| Message authentication||pdf
| Authenticated encryption ||pdf||-
| AE in practice: TLS, SSH, IPSec ||
| Randomness generation ||
| Computational number theory basics ||pdf||pdf
| Public-key encryption ||pdf ||pdf
| PKE in practice: PGP ||
| Digital signatures ||pdf ||pdf
| Signatures in practice ||
| Key exchange ||pdf ||-
| KE in practice: TLS, SSH ||
| Further topics: secure function evaluation, homomorphic encryption ||
We'll be using the cryptography lecture notes of Bellare and Rogaway,
research papers, standards/RFCs, and open source implementations.
The Bellare-Rogaway notes will be available from this website when
the class starts. Another good reference is the Katz and Lindell book
Introduction to Modern Cryptography.
I'll have a list of specific example projects for the course in the first couple weeks of
the class. To give a sense of flavor, projects could range from cryptanalyzing standards or
implementations, investigating insecurity of cryptographic protocols in cloud environments,
proving (in)security of protocols from the research literature,
novel implementations that include significant cryptographic component(s), etc.