CS 7810 - Foundations of Cryptography, Fall 2017

Course Description

Cryptography is the science of protecting information against adversarial eavesdropping and tampering. Although people have been fascinated with cryptography since ancient times, it has only recently blossomed into a scientific discipline with rigorous mathematical foundations and methodologies. In this graduate course, intended for students at the PhD level, we will provide an accelerated introduction to modern cryptography and quickly progress to advanced topics that are at the forefront of current research. We will start by understanding what kind of security properties can be achieved by relying solely on probability and information theory, without restricting the adversary's computational power. We will then study the complexity-theoretic basis of modern cryptography and the connection between computational hardness and pseudoradnomness. As the main component of the course, we will explore how to take a few well-studied problems in number theory and algebra and use them to build powerful cryptosystems with advanced functionality and security properties such as public-key encryption, digital signatures, multi-party computation, fully-homomorphic encryption, etc.

Prerequisites: The main pre-requisite is a high degree of mathematical maturity. We will also rely on some rudimentary knowledge of probability, algorithms, and theory of computation. No prior knowledge of cryptography or number theory is required (but some familiarity will be helpful).

Although the course is intended for PhD students, interested undergraduate and Masters students are encouraged to contact the instructor.

Logistics

Lecture Time: Monday, Wednesday: 2:50 pm - 4:30 pm
Location: Ryder Hall 157
Instructor: Daniel Wichs. Email: (instructor's five-letter last name)@ccs.neu.edu.
Office hours: By appointment. Office 622 ISEC.

Grading

Problem Sets 70%, Scribe Notes 10%, Class Project 20%

Resources

Students will be asked to scribe lecture notes in latex, which will serve as the main resource for the course. The following textbook is useful as a reference: Introduction to Modern Cryptography by Katz and Lindell.
Other useful resources include:
Graduate Crypto Book by Dan Boneh and Victor Shoup.
Lecture Notes by Rafael Pass and Abhi Shelat.
Lecture notes by Yevgeniy Dodis
Lecture notes by Chris Peikert
Lecture notes by Boaz Barak.
Slides by Stefan Dziembowski.
Slides,Notes by Gil Segev.

Scribing

You should scribe notes in LaTex. Use the following example notes as a template. You also need this preamble to compile. The scribed notes are due one week after the lecture.

Problem Sets

Problem sets will be posted here. Use latex to write up your solutions. A template file is provided for you for each problem set. You should try to solve each problem on your own. If you can't solve the problem on your own, you are allowed to discuss with others from the class. However, you must write down the solution on your own. You should also write down who you discussed each problem with. You are not allowed to use any other external resources.

Lectures

See also course notes from prior course.

Class/Date Topic Covered Notes
Class 1, 9/6: introduction, perfect secrecy, one-time pad, optimality. notes , slides
Class 2, 9/11: authentication, secret sharing scribe notes.
Class 3, 9/13: multiparty computation, statistical distance scribe notes.
Class 4, 9/18: statistical security, computational security, indistinguishability scribe notes.
Class 5, 9/20: pseudorandom generators (PRGs), increasing the output sizescribe notes
Class 6, 9/25: pseudorandom functions (PRFs), GGM construction from PRGs, CPA security PRF notes, CPA notes (from 2015)
Class 7, 9/27: CPA encryption from PRFs, MACs from PRFs, one-way functions scribe notes
Class 8, 10/3: Goldreich-Levin theorem scribe notes I, scribe notes II (from 2015)
Class 9, 10/4: randomness extractors scribe notes
Class 10, 10/11: weak OWFs, hardness amplification, universal OWFs scribe notes
Class 11, 10/16: hash functions, Merkle-Damgaard, Merkle Tree, random oracle scribe notes
Class 12, 10/18: number theory, cyclic groups scribe notes
Class 13, 10/23: discrete logarithms, CDH and DDH assumptions, Diffie-Hellman Key-Agreement scribe notes
Class 14, 10/25: ElGamal Encryption, hash functions from DL, PRGs from DDH, Naor-Reingold PRF scribe notes
Class 15, 10/30 trapdoor-permutations, RSA scribe notes
Class 16, 11/1: squaring modulo N, Rabin TDP, signatures from TDP in RO model scribe notes
Class 17, 11/6: signatures from CRHFs (and OWFs), begin ID scheme scribe notes
Class 18, 11/8: Schnorr ID Scheme, Schnorr signatures scribe notes
Class 19, 11/13: zero-knowledge proofs for NP scribe notes
Class 20, 11/15: CCA security, construction in the RO model, begin Cramer-Shoup scribe notes
Class 21, 11/20: finish Cramer-Shoup scribe notes
Class 22, 11/27: learning with errors, Regev encryption scribe notes
Class 23, 11/29: fully homomorphic encryption scribe notes
Class 24, 12/04: bootstrapping FHE, lattice trapdoors, signatures and identity-based encryption scribe notes
Class 25, 12/06: obfuscation scribe notes


Tentative Syllabus

Information-Theoretic Cryptography
Foundations of Symmetric-Key Cryptography
Number-Theory Assumptions and Cryptosystems I Sigma Protocols, Signatures, and Zero-Knowledge Proofs Assumptions and Cryptosystems II Advanced Topics (depending on time and interest)