
CAS CS 538

CAS CS 538. Cryptography. Administrativia. General info. Instructor: Gene Itkis (itkis+cs538@cs.bu.edu). Course page: www.cs.bu.edu/fac/itkis/538. Also found from the CS dept. courses page. General Info. Prerequisite: CS 332 or consent of instructor. Relation to CS 458



Presentation Transcript


  1. CAS CS 538 Cryptography

  2. Administrativia

  3. General info
     • Instructor: Gene Itkis (itkis+cs538@cs.bu.edu)
     • Course page: www.cs.bu.edu/fac/itkis/538
     • Also found from the CS dept. courses page
     Gene Itkis, CS538 Crypto

  4. General Info
     • Prerequisite: CS 332 or consent of instructor
     • Relation to CS458
     • Overlap exists, but approach is different
     • Here (cs538) much more formal & rigorous
     • Homeworks
     • pen & paper
     • ~weekly

  5. Info sources
     • WEB page www.cs.bu.edu/~itkis/538
     • Office hours: M 12-1pm, W 2:30-4:30pm
     • email – mailing list: csmail -a cs538
     • For personal mail remember: there are many of you, 1 of me. So please do not take it personally in case of delays. Do not hesitate to call or stop by, esp. in case of delays!

  6. Collaboration NO!!!
     • Discussing concepts and ideas, as well as system features is OK (encouraged!!!)
     • Always give credit when using someone else’s work
     • See web page for more details

  7. Grading
     • Approximately: 70% - homeworks, 30% - final
     • No midterm!

  8. Questions? End of Administrativia

  9. Topics
     • Perfect security: Shannon's lower bound & the Vernam cipher (one-time pad)
     • Pseudorandom generators (a.k.a. stream ciphers): definition, discrete log problem, and Blum-Micali construction
     • Indistinguishability-based definition and composability theorem for pseudorandom generators
     • Integer factorization, Chinese remainder theorem, and Blum-Blum-Shub pseudorandom generator
     • Intuition and first examples of public-key encryption: RSA, Rabin. Definition of security.
     • Encrypting long messages with RSA, Blum-Goldwasser and PKCS #1
     • Brief history. Diffie-Hellman key agreement, decisional Diffie-Hellman assumption, and ElGamal encryption
     • Introduction to one-way and trapdoor functions, hardcore bits, Goldreich-Levin construction. Definition of digital signatures.
     • Signature schemes and hash functions. Merkle trees. Random oracle model. Full-domain hash RSA and Rabin
     • Symmetric ciphers and message authentication codes
     • Zero-Knowledge proofs
     • Secret sharing
     • Multiparty computation

  10. Topics (coarse grain)
     • Perfect Info-Theoretic Security
     • Pseudo-Randomness (definitions and constructions)
     • Generators & Functions
     • Computational Security – definitions & constructions
     • Encryption, Signatures
     • One-Way & Trap-Door functions (integrated above)
     • Hashing: collision-resistance, random oracle
     • Extra: ZKP, multi-party computation

  11. How (and why)
     • Rigorous: formal definitions and proofs
     • Often the defined goals will look impossible to achieve, but we’ll prove that our constructions satisfy such strong definitions (under some reasonable assumptions)
     • Explicit: precise formal assumptions
     • Unified: theoretical and applied together
     • Though focus is more on theory, this theory is directly relevant to applications
     • Background reviewed in the book’s Appendices
     • Big-O, number-theoretic algorithms, reductions, complexity

  12. “Generic Template”
     • Functional definition
     • “modules” and “interfaces”
     • Security definition
     • Possibly many for the functional definition
     • Construction
     • Typically many
     • Security proof
     • For a <construction – security definition> pair

  13. Information-Theoretic Security: Perfect secrecy & One-Time Pad
     Let’s dive in!
