2017-02-15 (lecture) | Classical ciphers. | [video] |
2017-02-15b (lecture) | Perfect secrecy. One-time pad. Security and limitations of OTP.
Streamciphers (basic construction). LFSR. | [video] |
2017-02-22 (lecture) | Stream ciphers (ctd.). IND-OT-CPA security. Pseudo-random generators (PRG). Security proof for stream ciphers. | [video] |
2017-02-22 (practice) | Breaking a substitution cipher. Malleability of one-time-pad (bank transfer). Attacking the linear congruence randomness generator. |
2017-03-01 (lecture) | Block ciphers. AES (construction). Feistel networks. Provable security vs. best effort. | [video] |
2017-03-01 (practice) | Security proof: If G is PRG, then H(x,y):=G(x)||y is PRG. Insecurity of 3-round-Feistel. |
2017-03-08 (lecture) | Security notions of block ciphers: strong PRP.
Provable security & "best-effort security".
Security of encryption: IND-CPA. Modes of operation: ECB, CBC.
Insecurity of ECB. IND-CPA security of CBC (only claim). | [video] |
2017-03-08 (practice) | Security of AES with missing AddRoundKey/SubBytes/MixColumns/ShiftRows |
2017-03-15 (lecture) | Public key encryption. Textbook RSA. RSA-assumption. Weaknesses of textbook RSA. | [video] |
2017-03-15 (practice) | Malleability of CBC mode, "Crypto competition": Authenticated encryption |
2017-03-22 (lecture) | ElGamal. Decisional Diffie-Hellman (DDH) assumption.
IND-CPA (public-key). Security of ElGamal. | [video] |
2017-03-22 (practice) | Breaking 3RSA for small messages. RSA with N=pqr |
2017-03-29 (lecture) | Malleability of ElGamal. Definition IND-CCA. Hybrid Encryption.
Message authentication codes (MACs). Hash functions. Collision-resistance. | [video] |
2017-03-29 (practice) | Repetition ElGamal |
2017-04-05 (lecture) | Iterated hash. Merkle-Damgård construction.
Insecurity of Merkle-Damgård as a MAC. HMAC. | [video] |
2017-04-05 (practice) | Insecurity of ElGamal mod p. Quadratic residues. |
2017-04-12 (lecture) | EF-CMA definition. MAC from block cipher/PRF.
Extending message space of MACs. CBC-MAC, DMAC, and their security.
Davies-Meyer. Miyaguchi-Preneel. Birthday attacks for hashes. | [video] |
2017-04-12 (practice) | Breaking Iterated Hash / Merkle-Damgård with various compression functions. |
2017-04-19 (lecture) | Signatures. EF-CMA. One-way functions. One-time signature construction. | [video] |