CS 290G: Introduction to Modern Cryptography (Winter 2014)
Instructor: Stefano Tessaro, tessaro(at)cs(dot)ucsb(dot)edu
Class time and location: TR 12:50pm (Phelps 3526)
Office hours: TR 34pm or by appointment (HFH 1117)
Class webpage: http://www.cs.ucsb.edu/~tessaro/teaching/cs290w14/
Piazza: We will be using Piazza for classrelated discussions. The Piazza page for this class is available at https://piazza.com/ucsb/winter2014/cs290g/home.
Announcements
 [Nov 7, 2013]: Home page set up. Please check regularly for updates (there will be some!) A class mailing list will be set up.
 [Nov 20, 2013]: Added tentative schedule, assessment information updated.
 [Jan 5, 2014] Warning: Classroom has changed!
 [Jan 7, 2014] Slight change in homework policy
 [Jan 24, 2014] There is a typo in HW1, 3a). The exponent was meant to be something different. Sorry for this (I will just not count the task towards the total if you could not solve it.)
 [Feb 26, 2014] Today's class is canceled due to illness. Sorry!
 [Mar 11, 2014] The final has been posted here (use the same username and password as for slides!)
Course Description
Cryptography provides the basic technology to protect information and to communicate securely. This class is a selfcontained graduatelevel introduction to modern cryptography. We will study tools and techniques to design systems with provable security guarantees.
We will discuss basic cryptographic building blocks like RSA, AES, and SHA and their abstractions. More importantly, we will see how to combine these components to achieve richer functionalities, like key agreement, secret and publickey encryption, secure identification, message authentication, and digital signatures.
A main highlevel objective of the class is to learn how security of cryptographic algorithms is properly defined, and to understand security proofs and what type of guarantees they provide.
Required background: Even though the material has direct practical applications, the class will take a rigorous approach: Exposure to undergraduatelevel basics of probability, algebra / elementary number theory (modular arithmetic) and complexity theory (in particular, to reductions) is expected, as well as a certain level of mathematical maturity (students should be ready to understand mathematical proofs, and to write simple ones). If in doubt, contact the instructor!
Assessment: Final assessment will depend on a combination of homework (there will be four problem sets, accounting overall to 2/3 of the grade) and takehome final (accounting to 1/3 of the grade, i.e., the equivalent of two problem sets).
Textbook: No textbook will be required, but the following two are great resources to support the class:
 J. Katz and Y. Lindell. Introduction to Modern Cryptography
 M. Bellare and P. Rogaway. Introduction to Modern Cryptography (Lecture Notes)
Schedule
The following is a tentative schedule, and is intended to give a rough idea about what I hope to cover in the class and in which order. There will be (slight) changes depending on the pace of the class.
Week  Date  Lecture contents  Reading material / Slides  Assignments 

1  20140107 
Welcome to CS290G
 
20140109 
Foundations I
 
2  20140114 
Foundations II

 
20140116 
Foundations III
 
3  20140121 
Foundations IV
 
20140123  Symmetric Cryptography I
 
4  20140128  Symmetric Cryptography II
 
20140130  Symmetric Cryptography III
 
5  20140204  Symmetric Cryptography IV
 
20140206  Symmetric Cryptography V
 
6  20140211  Symmetric Cryptography VI
 
20140213  Publickey Encryption I
 
7  20140218 
Publickey Encryption II
 
20140220 
PublicKey Encryption III
 
8  20140225  Class is canceled!  
20140227  Class is canceled!  
9  20140304  Digital Signatures I
 
20140306  Digital Signatures II

 
10  20140311  Special Topics I
 
20140313  Special Topics II
