Cryptography (CY 4770)

This is the webpage for the Northeastern University course Cryptography (CY 4770) in Spring, 2021.

Logistics | Course Description | Schedule | Resources | Syllabus

Logistics

Lecture Time: Monday/Thursday 11:45–13:25

Instructor: Ran Cohen (email: rancohen@northeastern.edu)
TA: Eysa Lee (email: lee.ey@northeastern.edu)
Office hours:
- Ran: Fridays 10:30–11:30 or by appointment
- Eysa: Wednesdays 11:30am–12:30pm
The course forum and zoom links are in Piazza.

Course Description

This course serves as an introduction to modern cryptography. The aim of this course is to teach the basic principles and concepts of modern cryptography, focusing on cryptographic problems from the real world (such as encryption, message authentication, and digital signatures) and their solutions. We will present definitions of security of every such problem and will prove the security of the constructions we see according to these definitions. If time permits we will cover at the end of the course advanced topics such as zero-knowledge proofs and secure multi-party computation. We will follow the textbook Introduction to Modern Cryptography by Jonathan Katz and Yehuda Lindell, but all required material will be covered in class.

Pre-requisites:The main pre-requisite is mathematical maturity and comfort with understanding/writing proofs. Familiarity with basic probability and discrete math is assumed (e.g., of conditional probability, modular arithmetic, and the big O notation). Prior knowledge on number theory is not assumed, but may be useful - we will cover the required background in class.

Grading: The final grade will be based on:

Participation (5%): As we are having a virtual course, and not all students can attend the lectures, participation can be expressed either by attending the lectures, or by being actively involved in Piazza discussions (asking/answering questions).
Quizzes (20%): During the course we will have 11 short quizzes. These quizzes are meant to be easier than problem sets and are designed to be completed quickly (~15 minutes). They are not meant to cause grief, and the questions will be straightforward. The goals of the quizzes are to encourage careful study of the lecture material.
Problem Sets (40%): We will have 6 problem sets during the course. Homeworks should be submitted in PDF format. We recommend using typesetting, e.g., using LaTeX, but scanned handwritten solutions will also be accepted, as long as they are clearly readable. The submission date of each problem set will be two weeks after publishing it.
Final (35%): At the end of the semester we will have a final exam covering the material studied in the course.

Each assignment will include a breakdown of how it will be graded. Some assignments may include extra credit components that can boost your grade above the maximum score.

Lateness and Collaboration Policy:

In general, we will not accept late submissions (with the exception of extreme circumstances), however, the problem set with the lowest grade and the quiz with the lowest grade will not be taken into account when computing the final grade.
Collaborating with other students in the class on homework problems is encouraged, though we urge you to first attempt working out all of the problems by yourself. It is ok to ask your peers about the concepts, algorithms, or approaches needed to do the assignments. We encourage you to do so; both giving and taking advice will help you to learn.
However, you must write up, prepare, and submit your solutions, in your own words. Looking at written homework solutions from other people or the Web is strictly prohibited. The solution must be entirely the work of the student turning them in. If you have any questions about using a particular resource, ask the course staff or post a question to the class forum.
If you consult any outside reference such as a textbook or lecture notes, you must acknowledge it on your submission, and make sure all the solutions you submit are your own.
All students are subject to the Northeastern University’s Academic Integrity Policy. Per Khoury College policy, all cases of suspected plagiarism or other academic dishonesty must be referred to the Office of Student Conduct and Conflict Resolution (OSCCR). This may result in deferred suspension, suspension, or expulsion from the university.
We are more than happy to answer/discuss any question about the material covered in class during office hours. However, we will not look at homework solutions or discuss an assignment before its submission date. In case there are questions about the meaning of a question in an assignment, please ask the question in the Piazza forum so that all students can benefit.

Schedule (subject to change)

Lecture	Topics Covered	Relevant Reading (based on KL, 2nd edition)	Problem Set	Quiz
L1 (Jan 21)	Introduction, encryption problem, perfect secrecy	Chapters 1, 2.1
L2 (Jan 25)	One-time pad, Shannon's Theorem, computational security, PRG	Chapters 2.2-3, 3.1-3	PS1, due Feb 8
L3 (Jan 28)	More on PRG, OWF, encrypting multiple messages, CPA security	Chapters 7.1.1, 7.4.2, 3.4		Quiz 1, due Feb 1
L4 (Feb 1)	PRF, CPA-secure encryption from PRF	Chapter 3.5
L5 (Feb 4)	PRF from PRG, PRP, block ciphers	Chapter 3.5		Quiz 2, due Feb 8
L6 (Feb 8)	Modes of operation	Chapter 3.6	PS2, due Feb 22
L7 (Feb 11)	CCA security, padding-oracle attacks	Chapter 3.7		Quiz 3, due Feb 15
No lecture (Feb 15)	Presidents' Day
L8 (Feb 18)	MACs	Chapter 4		Quiz 4, due Feb 24
L9 (Feb 22)	Hash functions	Chapters 5.1, 5.2, 5.4	PS3, due Mar 8
L10 (Feb 25)	Hash functions continued, basic number theory	Chapters 5.5, 8.1.1		Quiz 5, due Mar 3
L11 (Mar 1)	Modular arithmetic, basic group theory	Chapters 8.1.2, 8.1.3, B.1
L12 (Mar 4)	Basic group theory, the factoring assumption	Chapters 8.1.4, 8.2.1, 8.2.3, 8.4.1		Quiz 6, due Mar 10
L13 (Mar 8)	The RSA assumption, CRT, cyclic groups	Chapters 8.1.5, 8.2, 8.3.1	PS4, due Mar 22
L14 (Mar 11)	DL, CDH, DDH	Chapters 8.3, 8.4.2, 9.2.1, 9.2.2		Quiz 7, due Mar 17
L15 (Mar 15)	Key Agreement, the Diffie-Hellman protocol	Chapter 10
L16 (Mar 18)	El Gamal encryption	Chapters 11.1, 11.2, 11.4.1		Quiz 8, due Mar 24
L17 (Mar 22)	KEM, Textbook RSA	Chapters 11.3, 11.4.2, 11.4.3, 11.5.1	PS5, due Apr 5
L18 (Mar 25)	Padded RSA	Chapters 11.5.2, 11.5.4		Quiz 9, due Mar 31
L19 (Mar 29)	RSA-based KEM (CPA/CCA)	Chapter 11.5.5
L20 (Apr 1)	Digital signatures, RSA-FDH	Chapters 12.1, 12.2, 12.3, 12.4		Quiz 10, due Apr 7
L21 (Apr 5)	Schnorr's signatures	Chapter 12.5.1	PS6, due Apr 19
L22 (Apr 8)	(EC)DSA, Lamport's signatures, certificates, TLS	Chapters 12.5.2, 12.6, 12.7, 12.8		Quiz 11, due Apr 14
No lecture (Apr 12)
L23 (Apr 15)	Signcryption, pairings, 3-party KA, BLS, IBE, Boneh-Franklin
L24 (Apr 19)	MPC, oblivious transfer, garbled circuits, Yao's protocol

Resources

We will follow the textbook Introduction to Modern Cryptography by Jonathan Katz and Yehuda Lindell. There is no need to purchase the book as we will cover all relevant material in class. Note that there are 3 editions to this book, but we will cover basic material that is clearly presented in all 3 editions, so prior editions will also be very useful.

Other useful resources include:

A Course in Cryptography by Rafael Pass and Abhi Shelat
Lecture Notes on Cryptography by Shafi Goldwasser and Mihir Bellare
The Joy of Cryptography by Mike Rosulek
Lecture Notes on Cryptography by Luca Trevisan
An Intensive Introduction to Cryptography by Boaz Barak
Cryptography, An Introduction : Third Edition by Nigel Smart
A Graduate Course in Applied Cryptography by Dan Boneh and Victor Shoup
Lecture Notes on Cryptographic Protocols by Berry Schoenmakers
Foundations of Cryptography by Yehuda Lindell

Tentative Syllabus

The following is an ambitious list of topics to be covered. Depending on time, some of the topics may be omitted.

Introduction: What is modern cryptography and historical perspectives.
Perfectly-Secret Encryption: Definitions, the one-time pad, Shanon's theorem.
Private-Key (Symmetric) Encryption: Passive security and constructions from PRG. CPA security and constructions from PRF. Modes of operation.
Message Authentication Codes: Message integrity, security definition, MAC from PRF, CCA secure encryption.
Collision-Resistant Hash Functions: Definitions, Birthday attacks, the Merkle-Damgard transform.
Constructions of Pseudorandom Permutations (Block Ciphers) in Practice: Substitution-permutation and Feistel networks, DES, triple DES, AES.
Number Theory: Basic group theory, factoring and RSA, discrete log in cyclic groups, CRH from discrete log.
Public-Key (Asymmetric) Cryptography: Introduction, Diffie-Hellman key exchange.
Public-Key (Asymmetric) Encryption: The model, ElGamal, RSA.
Digital Signatures: Definition and applications, Hash and sign, RSA signatures, Schnorr signatures, Certificates and PKI, SSL/TLS.
Advanced Cryptography: Secret sharing, oblivious transfer, secure computation, zero-knowledge proofs.