CS 178: Introduction to Cryptography (Winter 2016)
General Information
Instructor: Huijia (Rachel) Lin, rachel.lin(at)cs(dot)ucsb(dot)edu
TA: Abhabongse (Plane) Janthong, abhabongse (at) cs (dot) ucsb (dot) edu
Reader: Wei Dai, wdai (at) cs (dot) ucsb (dot) edu
Time and location:
 Class: Monday/Wednesday 11am12:15pm, PSYCH 1902
 Session 1: Friday 11:0011:50am, 387 103
 Session 2: Friday 12:0012:50pm, GIRV 2123
Office hours:
 Abhabongse (Plane) Janthong: Thursday 5:007:00pm, Trailer #936
 Rachel Lin: Wednesday 4:00pm5:00pm, HFH 1153
Piazza: We will be using Piazza for classrelated discussions, posting homework and materials, and announcement. The Piazza page for this class is available at https://piazza.com/ucsb/winter2016/cs178/home.
Announcements
 Jan 5th : To all Extension Students: if you would like to enroll in the class, please send me an email with your transcript attached. I will email you back whether you can enroll or not. If the answer is yes, you should continue to attend the classes and I will sign the appropriate papers as soon as I am back.
 Jan 2nd : Due to reasons out of my control, I am currently in China and cannot go back to the US. For this reason, the first week lectures will be given by Professor Stefano Tessaro! I am sorry for not being able to be there to welcome you, but I am sure that you will enjoy Professor Tessaro's lectures.
 Jan 1st : Welcome to class!
Course Description
Cryptography provides important tools for ensuring the privacy, authenticity, and integrity of the increasingly sensitive information involved in modern digital systems. Nowadays, core cryptographic tools, including encryption, message authentication codes, digital signature, key agreement protocols, etc., are used behind millions of daily online transactions. In this course, we will unveil some of the "magic" of cryptography.
Modern Cryptography uses mathematical language to precisely pin down elusive security goals, design primitives and protocols to achieve these goals, and validate the security of designed primitives and protocols using mathematical proofs based on clearly stated hardness assumptions. Therefore, to learn cryptography, it is essential to understand its mathematical underpinning. In this class, we will see the innerworking of cryptography for several core cryptographic tools, from encryption, to message authentication codes, to hash functions, to digital signatures, etc.
Clarification: This class focuses on the foundation of cryptography. This class is not about learning all cryptographic acronyms or all cryptographic protocols in use today, nor about familiarizing with current implementations of cryptographic tools, and issues that arise when implementing cryptographic tools. Furthermore, this class is certainly not going to cover the more extensive topic of computer security. In particular, this class will not teach you about firewalls, malware detection, nor how to secure or hack a system. Rather, the class will strive to convey the ideas and principles behind cryptographic design, and cryptographic applications.
Required background: Though the presentation in this class will largely remain at an intuitive level, the class still requires a certain level of mathematical maturity (students should be ready to understand mathematical definition and proofs, and to write simple ones). Exposure to basic probability, algebra / elementary number theory and theory of computing is also expected. If in doubt, contact the instructor!
Textbook and Resources
There is no mandatory textbook. The class will take contents from the following textbook and lecture notes. The instructor will post reading material after each class. M. Bellare Introduction
to Modern Cryptography (Click on the link "Course Notes" on the
left panel)
The page contains both lecture slides and notes. The notes are by Mihir Bellare and Phillip Rogaway. We will use mostly the slides.  R. Pass and a. shelat. A Course in Cryptography (Lecture Notes)
 D. Stinson Cryptography, Theory and Practice (Third Edition)
 M. Bellare and P. Rogaway's more advanced lecture notes. Introduction to Modern Cryptography
 O. Goldreich. The Foundations of Cryptography
 J. Katz and Y. Lindell. Introduction to Modern Cryptography
Grading:
There will be five homework, one midterm exam, and one final exam. Each homework accounts for 10% points, midterm 20% points, and final 30% points. Your final grade will depend on the weighted total points, and your ranking in the class.Class Policy:
 Every homework will be posted online on days indicated below in the syllabus by 11:59pm PST, and are due on days indicated below at 4:00pm PST. The homework can be submitted at the beginning of the class or to the homework box in the CS mail room.
 Each student has 3 late days. If you want to use a late day, indicate that before the due time on Piazza (a thread will be created for each homework). Beyond the late days, no late homework is accepted unless in case of emergency. You will be asked for documents as evidence of emergency.
 Students can form groups of 3 (or less) to discuss about the homework. But each student must write down his/her own solution and acknowledge the collaborators.
 The midterm and final exams must be completed independently. The only material allowed during the exam are 2 pages of handwritten notes. If additional material is allowed, the instructor will communicate before the exams.
Syllabus
The following is a rough list of topics to be covered in the class. This list will be changed and refined during the course depending on the pace of the class.
Week  Date  Content  Reading Material  Assignment 

1  20160104 


20160106 



2  20160111 


20160113 



3  20160118 


20160120 



4  20160125 


20160127 



5  20160201 


20160203 



6  20160208 


20160210 



7  20160215 


20160217 



8  20160222 


20160224 



9  20160229 



20160302 



10  2016037 



20160309 



11  20160317 
