CS60088 Foundations of Cryptography
Spring 2015, L-T-P: 3-1-0


## Final Marks

## Schedule

- Instructor: Abhijit Das
- Timing: Slot C [MON (09:30–10:30), WED (07:30–09:30), THU (09:30–10:30, Tutorial)]
- Venue: Room No CSE–120
- Teaching Assistants: Dhiman Saha, Abhrajit Sengupta

## Notices and Announcements

- 05-Jan-2015: I am going to follow Wenbo Mao's book which covers Topics 1–5 of the syllabus. If time permits, Topic 6 will be covered from Katz and Lindell's book.

## Tentative Coverage

1. Background and Basic Assumptions: Cryptographic primitives (encryption, signatures, authentication), notion and need for security proofs, probabilistic polynomial-time algorithms, polynomial-time indistinguishability, trapdoor one-way functions and suspected candidates (IFP, DLP, DHP, RSA, SQRTP, QRP), bit security of the trapdoor one-way functions.
2. Introduction to Formal Security: Textbook encryption algorithms (RSA, Rabin, ElGamal), insecurity of textbook algorithms under active attacks, notion of semantic security and message indistinguishability (IND-CPA), semantically secure encryption algorithms (Goldwasser-Micali, ElGamal, cryptographically secure pseudo-random bit generator), security against chosen-ciphertext attacks (IND-CCA and IND-CCA2), attacks under message non-malleability (NM-CPA, NM-CCA, NM-CCA2), relations between indistinguishability and non-malleability.
3. Provably Secure Public-Key Cryptosystems: Optimal asymmetric encryption padding (OAEP), Cramer-Shoup cryptosystem, use of random oracles in security proofs.
4. Data Integrity: MAC and cryptographic hash functions, digital signatures, textbook versions (RSA, Rabin, ElGamal), signature forgery, adaptive chosen-message attack, provably secure digital signature schemes, forking reduction, heavy-row reduction, probabilistic signature schemes, secure variants of ElGamal, RSA and Rabin signatures.
5. Cryptographic Protocols: Needham-Schroeder and Woo-Lam authentication protocols, Bellare-Rogaway security model, interactive proof protocols, challenge-response protocols, zero-knowledge proofs, Schnorr and Fiat-Shamir protocols, non-interactive zero knowledge.
6. Symmetric Cryptography: One-way functions, hard-core predicates, pseudo-random permutations, construction of pseudo-random generators, Luby-Rackoff construction, construction of pseudo-random and strong pseudo-random functions, equivalence of symmetric encryption and MAC with one-way functions.

## Books and References

- Wenbo Mao, Modern Cryptography: Theory and Practice, first edition, Pearson Education, 2004.
- Jonathan Katz and Yehuda Lindell, Introduction to Modern Cryptography, Chapman and Hall/CRC Press, 2007.
- Hans Delfs and Helmut Knebl, Introduction to Cryptography: Principles and Applications, second edition, Springer-Verlag, 2007.
- Shafi Goldwasser and Mihir Bellare, Lecture Notes on Cryptography, online document, 2008. [This is an adaptation of Phillip Rogaway and Shafi Goldwasser's online lecture notes: Introduction to Modern Cryptography, 2005.]
- Oded Goldreich, The Foundations of Cryptography, Volume 1 and Volume 2, Cambridge University Press, 2001 and 2004. [Low priced Indian editions are available.]

## Tests
