CS838 Spring 2011: Applied Cryptography
Instructor: Thomas Ristenpart
Email: rist at cs dot wisc dot edu
Office hours: by appointment (email me)
Lectures: TR 9:30 - 10:45 am
Location: 2239 ENGR Hall
- Please read the course handout
- Email me if you need a copy of the project ideas. I'll also bring
more printouts to class on Thursday.
- Problem set one is here
- Problem set two is here
- Problem set three is here
- Example latex for POA analysis is here
- Problem set four is here
- Interesting lecture on public-key crypto here
- Project progress reports due on Tuesday, April 5th. Please write a
(typeset, preferrably with LaTeX) summary of: (1) reiteration of the
project proposal; (2) refinements subsequently made to the proposal;
(3) what you've got so far done; and (4) description of what you still have
- Problem set five is here
Cryptography is a ubiquitous tool in today's electronic world.
It secures online shopping and banking,
protects sensitive data stored on home PCs or in the cloud, and
much more. This class will cover applied cryptography, from
the design and formal assessment of cryptographic algorithms all
the way to deployment in today's computing systems.
There are no formal prerequisites for this course. However, much
of the material will involve theory (definitions, theorems,
and proofs). I expect that students will have had exposure to topics
in theoretical computer science, e.g. via a course on complexity theory or
theory of computation. Specifically, students should have
familiarity with the concept of a reduction (ala
Please talk to me if you have any questions or concerns.
Students will be given several homework assignments
during the term.
Students will perform a class project
on a topic of their choosing (subject to instructor's
approval). The project will require an in-class
presentation and a short write-up (less than 5 pages).
The goal will be for projects to lead to publication-quality
research, but this will not be a requirement to receive a
passing grade. Final grades will be calculated by some
to-be-determined formula of the preceding requirements and
Below is a list of topics I am thinking of covering, but treat this more as
an estimate than a true schedule. Feel free to contact me with
requests for topics to be covered.
| Introduction ||pdf ||pdf
| Blockciphers ||pdf
| Pseudorandom functions ||pdf
| Birthday bounds ||-||pdf
| Symmetric Encryption ||pdf||pdf
| Padding oracle attacks||-||pdf
| Hash functions||pdf
| Message authentication||pdf
| Authenticated encryption ||pdf||-
| AE in practice: TLS, SSH, IPSec ||
| Randomness generation ||
| Computational number theory basics ||pdf||pdf
| Public-key encryption ||pdf ||pdf
| PKE in practice: PGP ||
| Digital signatures ||pdf ||pdf
| Signatures in practice ||
| Key exchange ||pdf ||-
| KE in practice: TLS, SSH ||
| Further topics: secure function evaluation, homomorphic encryption ||
We'll be using the cryptography lecture notes of Bellare and Rogaway,
research papers, standards/RFCs, and open source implementations.
The Bellare-Rogaway notes will be available from this website when
the class starts.
I'll have a list of specific example projects for the course in the first couple weeks of
the class. To give a sense of flavor, projects could range from cryptanalyzing standards or
implementations, investigating insecurity of cryptographic protocols in cloud environments,
proving (in)security of protocols from the research literature,
novel implementations that include significant cryptographic component(s), etc.