image001.gif

Cryptography

Computer Science 6830
Cornell University
Fall 2011


Instructor: Rafael Pass

Time: TR 1:25-2:40
Place: Thurston 220
Course Web page: http://www.cs.cornell.edu/courses/cs6830/2011fa/

 

Office Hours: by appointment.

TA: Eleanor Birrell

 

Overview

 

The modern study of cryptography investigates techniques for facilitating interactions between distrustful entities. In our connected society, such techniques have become indispensable---enabling, for instance, automated teller machines, secure wireless networks, internet banking, satellite radio/television and more.

 

In this course we introduce some of the fundamental concepts of this study. Emphasis will be placed on the foundations of cryptography and in particular on precise definitions and proof techniques.

 

Topics include: one-way functions, encryption, signatures, pseudo-random number generation, zero-knowledge and basic protocols.

 

Note: This will be a theory course. You will be expected to read and write formal definitions and mathematical proofs. This is not a course in security: you will not learn how to secure your system. Cryptography is only one (important) part of security. We will not study cryptographic acronyms or all cryptographic protocols in use today. Rather we focus on some of the fundamental design paradigms and on notions that will allow you to critically evaluate cryptographic protocols.

 

Prerequisites

 

General ease with algorithms and elementary probability theory, maturity with mathematical proofs (to be able to read and write mathematical proofs)

 

Course Administration

 

We are using the course management system, CMS.  Please login to http://cms.csuglab.cornell.edu/ and check whether you are registered. There will be a list of courses you are registered for, and CS 6830 should be one of them.  If not, please send your full name and Cornell netid to the TA so he can register you.  You can check your grades and submit homework in CMS. 

 

Grading

 

There will be roughly 5 homeworks (and potentially a final project). The grade will be based on homework assignments, scribe and class participation (and the final project).

 

Homework Policy

 

You are free to collaborate with other students on the homework, but you must turn in your own individually written solution and you must specify the names of your collaborators. Additionally, you may make use of published material, provided that you acknowledge all sources used. Note that it is a violation of this policy to submit a problem solution that you are unable to explain orally to me. Typed problem sets are strongly preferred.

 

Homework 1 is due on Sep 6.

 

You will need the following notation and preliminaries.

 

Reading  

 

Lecture notes covering a large fraction of the course can be found here.

 

There is no required textbook for the course. However, most of the topics we will cover can be found in the following excellent reference.

 

 

Topics Outline (subject to change)

 

 

 

Hard-core bits. Constructions of a PRGs and PRFs.

Hard-core functions. The XOR Lemma.

 

Zero knowledge-based definitions of encryption. Equivalence with indistinguishability-based definitions.

Constant-round ZK.

1.     Computing on Secret Inputs:

2.     Composability:

1.     Composability of Encryption schemes.
Chosen challenge-text, Chosen plain-text, Chosen cipher-text 1 and 2 (CCA1, CCA2).
Malleability.

2.     Composability of Zero-Knowledge proofs.

3.      

Scribe Notes

Please note that scribe notes are only rough notes of the lectures. Scribers please follow this template. If you need help with LaTeX, here is a small tutorial file and its source. Don’t forget to hand in your LaTeX source as well along with your scribe!

 

Related Courses