Introductory Course in

                Cryptography

                       2008 version, Jesper Buus Nielsen

[last update: Oct 15, 2008]

This is the home page of the introductory course in Cryptography intended for second part students in computer science
and mathematics (and whoever else may be interested).

We cover some basic concepts and results in theoretical and practical cryptography. The course will end with student
projects, where students can either do something practical, related e.g. to programming, or a theoretical study.

Time and place

Monday          9:15 – 11:00                          (Typically preparing exercise from 9:15-10:00 and presenting exercise from 10:15-11:00)

Wednesday     9:15 – 11:00                          (Typically lecture)

Lectures and exercises are in IT-huset-112.

Documentation

The documentation will consist of hand-in exercises during the course, and project work plus presentation of project at the end
of the course.
Approximately 10 hand-in exercises will be given, and you must hand in and have approved at least 7 of these.

The deadline for handing in the week’s hand-in is 10:14 Monday.

Here is a list of suggestions for projects.

Course Material

A main source will be Stinson's book "Cryptography, Theory and Practice", THIRD edition.
but in parallel with this, the notes below will play a major role, most importantly
"Definitions and results for cryptosystems",
"Signature and Authentication systems" and
"Discrete log based cryptosystems".

The slides I used for the first lecture are available here as pdf file (Updated Aug 27 2008)

WARNING: the versions posted below are from last year, and may be revised, as we go along.

A note on Modular arithmetic and groups is available here as pdf file.

A note on Definitions and results for cryptosystems and their modes of use is available
here as pdf file. It covers both conventional and public-key systems.

A note on Discrete log based cryptosystems. Replaces (most of) Sec 6 of Stinson. Available
here as pdf file.

A corresponding note on results and definitions for Signature and Authentication Systems is available
here as pdf file.

A note on Key Management are available here as pdf file.

A note on Secret Sharing, available here as ps file

More material will be added here as we move along, in case I have it available electronically.

Slides

Lecture 1: Classical Cryptosystems [Lec1.pdf] (Updated Sep 2 2008)
Lecture 2: Classical Cryptanalysis [Lec2.pdf] (Updated Sep 3 2008)
Lecture 3: Shannon’s Theory  [Lec3.pdf] (Updated Sep 10 2008)
Lecture 4: Modern Block Ciphers  [Lec4.pdf] (Updated Sep 17 2008)
Lecture 5: AES [Lec5.pdf] (Updated Sep 24 2008)

Background Material

A paper by Stefan Wolf containing an introduction to information theory and uncontionally
secure cryptography.

A report on the Rijndael cipher (chosen as the new AES algorithm), written by the inventors.
   

Student Project Reports

To be announced.

Course Plan

We will be covering the following main points, although not necessarily in the order listed.
Some of the points mentioned are not covered in the course as such, and may in stead be used as subjects
for student projects.  

·         Introdution to some basic concepts and models

·         A quick look at conventional ciphers,

o        AES, DES etc.

o        Modern cryptanalysis

·         One-way functions,

o        Variants: one-way permutations, trapdoor functions

o        Examples: RSA, Discrete log, etc.

·         Secure Public-Key Encryption,

o        Passive security definitions

o        Example systems

·         The hard-core bit theorem and connections to encryption

·         Chosen ciphertext security,

o        Definitions

o        Cramer-Shoup system

·         Digital Signatures

o        Hash functions, the hash-and-sign paradigm

o        Tree-based authentication

·         Unconditional Security

o        Information theory

o        Shannon's perfect security results

o        Universal hashing and privacy amplification

o        Key exchange over noisy channels

·         Key management

o        Certificate systems

o        Secret Sharing, threshold crypto

Links

Here are some assorted links to various places of interest:
 

·         The Cryptology Group at the university of Århus.

·         The home page of IACR, the International Association for Cryptologic Research. Info on conferences, journals etc. IACR is behind most worthwhile activities of this sort in the area.

·         DigiCrime, where you can have almost any digitial crime committed that your heart desires: you can ask them to break into other peoples systems, counterfeit electronic money, etc. Of course it's all a joke, and hilariously funny too, but with a serious purpose: you can find a seemingly endless list of real-life security problems and break-in's that really happened. Of course, DigiCrime were not responsible for those - or so they say...:-)

·         The EPRINT Archive, nice source of the very latest papers in the area, hosted by IACR (see above)

·         The theory group at MIT, houses one of the best cryptography research groups in complexity based cryptography. They also have several nice literature search tools on-line.

·         The crypto group at ETH Zurich, the leading research group in information theory based cryptography.

·         Cryptomathic AS, local software and consulting company. Have a look here to get a feeling for some of the things happening in real life implementations of cryptography.

·         Home page of Mihir Bellare, who is one the well known figures in crypto research. He has one of the most informative personal home pages in the area. Good source of all kinds of links and publications.

·         Helger Lipmaa’s Crypto Pointers. A great categorized collection of publications on cryptographic research.