General Information

Instructor: Huijia (Rachel) Lin, rachel.lin(at)cs(dot)ucsb(dot)edu

TA: Abhabongse (Plane) Janthong, abhabongse (at) cs (dot) ucsb (dot) edu

Reader: Wei Dai, wdai (at) cs (dot) ucsb (dot) edu

Time and location:

• Class: Monday/Wednesday 11am-12:15pm, PSYCH 1902
• Session 1: Friday 11:00-11:50am, 387 103
• Session 2: Friday 12:00-12:50pm, GIRV 2123

Office hours:

• Abhabongse (Plane) Janthong: Thursday 5:00-7:00pm, Trailer #936
• Rachel Lin: Wednesday 4:00pm-5:00pm, HFH 1153

Piazza: We will be using Piazza for class-related discussions, posting homework and materials, and announcement. The Piazza page for this class is available at https://piazza.com/ucsb/winter2016/cs178/home.

Announcements

• Jan 5th : To all Extension Students: if you would like to enroll in the class, please send me an email with your transcript attached. I will email you back whether you can enroll or not. If the answer is yes, you should continue to attend the classes and I will sign the appropriate papers as soon as I am back.
• Jan 2nd : Due to reasons out of my control, I am currently in China and cannot go back to the US. For this reason, the first week lectures will be given by Professor Stefano Tessaro! I am sorry for not being able to be there to welcome you, but I am sure that you will enjoy Professor Tessaro's lectures.
• Jan 1st : Welcome to class!

Course Description

Cryptography provides important tools for ensuring the privacy, authenticity, and integrity of the increasingly sensitive information involved in modern digital systems. Nowadays, core cryptographic tools, including encryption, message authentication codes, digital signature, key agreement protocols, etc., are used behind millions of daily on-line transactions. In this course, we will unveil some of the "magic" of cryptography.

Modern Cryptography uses mathematical language to precisely pin down elusive security goals, design primitives and protocols to achieve these goals, and validate the security of designed primitives and protocols using mathematical proofs based on clearly stated hardness assumptions. Therefore, to learn cryptography, it is essential to understand its mathematical underpinning. In this class, we will see the inner-working of cryptography for several core cryptographic tools, from encryption, to message authentication codes, to hash functions, to digital signatures, etc.

Clarification: This class focuses on the foundation of cryptography. This class is not about learning all cryptographic acronyms or all cryptographic protocols in use today, nor about familiarizing with current implementations of cryptographic tools, and issues that arise when implementing cryptographic tools. Furthermore, this class is certainly not going to cover the more extensive topic of computer security. In particular, this class will not teach you about firewalls, malware detection, nor how to secure or hack a system. Rather, the class will strive to convey the ideas and principles behind cryptographic design, and cryptographic applications.

Required background: Though the presentation in this class will largely remain at an intuitive level, the class still requires a certain level of mathematical maturity (students should be ready to understand mathematical definition and proofs, and to write simple ones). Exposure to basic probability, algebra / elementary number theory and theory of computing is also expected. If in doubt, contact the instructor!

Textbook and Resources

There is no mandatory textbook. The class will take contents from the following textbook and lecture notes. The instructor will post reading material after each class.

• M. Bellare Introduction to Modern Cryptography (Click on the link "Course Notes" on the left panel)
  The page contains both lecture slides and notes. The notes are by Mihir Bellare and Phillip Rogaway. We will use mostly the slides.
• R. Pass and a. shelat. A Course in Cryptography (Lecture Notes)
• D. Stinson Cryptography, Theory and Practice (Third Edition)

Additional great resources that will help you to learn are:

• M. Bellare and P. Rogaway's more advanced lecture notes. Introduction to Modern Cryptography
• O. Goldreich. The Foundations of Cryptography
• J. Katz and Y. Lindell. Introduction to Modern Cryptography

Grading:

There will be five homework, one midterm exam, and one final exam. Each homework accounts for 10% points, midterm 20% points, and final 30% points. Your final grade will depend on the weighted total points, and your ranking in the class.

Class Policy:

• Every homework will be posted on-line on days indicated below in the syllabus by 11:59pm PST, and are due on days indicated below at 4:00pm PST. The homework can be submitted at the beginning of the class or to the homework box in the CS mail room.
• Each student has 3 late days. If you want to use a late day, indicate that before the due time on Piazza (a thread will be created for each homework). Beyond the late days, no late homework is accepted unless in case of emergency. You will be asked for documents as evidence of emergency.
• Students can form groups of 3 (or less) to discuss about the homework. But each student must write down his/her own solution and acknowledge the collaborators.
• The midterm and final exams must be completed independently. The only material allowed during the exam are 2 pages of hand-written notes. If additional material is allowed, the instructor will communicate before the exams.

Syllabus

The following is a rough list of topics to be covered in the class. This list will be changed and refined during the course depending on the pace of the class.