Warning! The directory is not yet complete and will be amended until the beginning of the term.
250005 VO Topics in Algebra: Cryptography (2024W)
Labels
Registration/Deregistration
Note: The time of your registration within the registration period has no effect on the allocation of places (no first come, first served).
Details
Language: English
Examination dates
- Wednesday 29.01.2025 13:15 - 19:00 Seminarraum 5 Oskar-Morgenstern-Platz 1 1.Stock
- N Thursday 13.03.2025 08:00 - 18:15 Seminarraum 4 Oskar-Morgenstern-Platz 1 1.Stock
Lecturers
Classes (iCal) - next class is marked with N
- Tuesday 08.10. 09:45 - 11:15 Seminarraum 13 Oskar-Morgenstern-Platz 1 2.Stock
- Tuesday 15.10. 09:45 - 11:15 Seminarraum 13 Oskar-Morgenstern-Platz 1 2.Stock
- Tuesday 22.10. 09:45 - 11:15 Seminarraum 13 Oskar-Morgenstern-Platz 1 2.Stock
- Tuesday 29.10. 09:45 - 11:15 Seminarraum 13 Oskar-Morgenstern-Platz 1 2.Stock
- Tuesday 12.11. 09:45 - 11:15 Seminarraum 13 Oskar-Morgenstern-Platz 1 2.Stock
- Tuesday 19.11. 09:45 - 11:15 Seminarraum 13 Oskar-Morgenstern-Platz 1 2.Stock
- Tuesday 26.11. 09:45 - 11:15 Seminarraum 13 Oskar-Morgenstern-Platz 1 2.Stock
- Tuesday 03.12. 09:45 - 11:15 Seminarraum 13 Oskar-Morgenstern-Platz 1 2.Stock
- Tuesday 10.12. 09:45 - 11:15 Seminarraum 13 Oskar-Morgenstern-Platz 1 2.Stock
- Tuesday 07.01. 09:45 - 11:15 Seminarraum 13 Oskar-Morgenstern-Platz 1 2.Stock
- Tuesday 14.01. 09:45 - 11:15 Seminarraum 13 Oskar-Morgenstern-Platz 1 2.Stock
- Tuesday 21.01. 09:45 - 11:15 Seminarraum 13 Oskar-Morgenstern-Platz 1 2.Stock
- Tuesday 28.01. 09:45 - 11:15 Seminarraum 13 Oskar-Morgenstern-Platz 1 2.Stock
Information
Aims, contents and method of the course
This introductory course is on selected chapters of modern cryptography. We discuss both classical and rather recent cryptographic topics. These include currently the most popular RSA (= Rivest-Shamir-Adleman) and ECC (= Elliptic Curve Cryptography) public-key cryptosystems as well as the use of cryptography in blockchain technology. Theoretical results are supported by exercises and concrete real-life examples such as the discussion on security issues in messengers and in the design of Bitcoin.
Assessment and permitted materials
Oral exam.
Minimum requirements and assessment criteria
The knowledge of the following fundamental concepts is required: groups, vector spaces, linear transformations, basics in number theory and probability.
Examination topics
Content of the lectures and exercises.Exam questions:
(1) Cryptography principles: definitions, (non) examples. Basic cryptography concepts (primitive, protocol, cover time, etc.). Basic model for secrecy: (non)-examples. Cryptosystem for secrecy: definition, examples. Symmetric versus asymmetric cryptosystems.(2) Main attacks on encryption algorithms. Passive versus active attacks. Keys: length, size. Brute-force attack: assumptions, estimates on key lengths.(3) Examples of symmetric cryptosystems: Caesar and Substitution ciphers. The letter frequency analysis. Monoalphabetic and polyalphabetic cyphers. Vigenère cipher. If the given key of a Vigenère Cipher has repeated letters, does it make it any easier to break?(4) Computational complexity of basic mathematical operations and of the exhaustive key search attack. Complexity classes of algorithms.(5) Three types of security. Perfect secrecy: definition, examples, equivalent formulations (with proof). Perfect secrecy: Shannon’s Theorem (with proof).(6) RSA cryptosystem: definition, examples, correctness (encryption and decryption are inverse operations). Parameter generation, its complexity. Main attacks.(7) One-way function, with trapdoor. Theorem: RSA keys vs Factoring (formulation and sketch of proof).(8) Hash function: definition, types of resistance, (non)-examples. Optimal asymmetric encryption padding.(9) Discrete logarithm problem. The DLP assumption. The DLP in (Z/(p-1)Z, +) Is breaking the ECC cryptosystem equivalent to solving the DLP?(10) ElGamal cryptosystem and parameter generation: definition, correctness (encryption and decryption are inverse operations). Theorem: ElGamal keys versus DLP (with proof).(11) Elliptic curve: definition, singularities, normal forms, tangents. Theorem: intersection of E with a projective line (with proof).(12) Group structure on the elliptic curve over the algebraic closure, geometrically: definition and theorem (with proof).(13) Cayley-Bacharach’s theorem (sketch of proof).(14) Associativity (sketch of proof).(15) Elliptic curves over finite fields: theorems (without proof) and examples. Check that for a prime q, each natural number in the Hasse interval occurs as the order of the elliptic curve group over the field of q elements.(16) Diffie-Hellman key agreement: protocol, attacks. The DHP problem. The ECDHE.(17) Digital Signature Scheme. RSA signature algorithm. Attacks: definitions and examples.(18) DSS with hashing. Hash functions from block ciphers: definition and example.(19) DSS and Public-key cryptosystem: sign-then-encrypt versus encrypt-versus-sign.(20) ElGamal variant of DSS: definition and correctness. Security assumptions.(21) ElGamal variant of DSS: example of misuse (with proof). ECDSA: definition and correctness.(22) Digital currency: definition and security requirements. Distributed ledgers. Blockchain. Security assumptions underlying the generation of the bitcoin address.(23) Bitcoin transaction and its verification. Merkle tree. Bitcoin mining.(24) Bit generator. Linear feedback shift register: definition, periods, security. RSA bit generator.(25) Distinguisher. Next bit predictor. Yao’s theorem (sketch of proof).(26) Error-correcting codes and expander graphs.(27) Describe the probabilistic pidgeonhole principle and explain, with examples, why it is relevant in cryptography (i.e hash functions, birthday paradox etc).(28) Describe a variety of attacks that rely on structural weaknesses in respective cryptosystems (for instance, known message attacks for multiplicative systems, or weaknesses of El Gamal under weak random choices).
(1) Cryptography principles: definitions, (non) examples. Basic cryptography concepts (primitive, protocol, cover time, etc.). Basic model for secrecy: (non)-examples. Cryptosystem for secrecy: definition, examples. Symmetric versus asymmetric cryptosystems.(2) Main attacks on encryption algorithms. Passive versus active attacks. Keys: length, size. Brute-force attack: assumptions, estimates on key lengths.(3) Examples of symmetric cryptosystems: Caesar and Substitution ciphers. The letter frequency analysis. Monoalphabetic and polyalphabetic cyphers. Vigenère cipher. If the given key of a Vigenère Cipher has repeated letters, does it make it any easier to break?(4) Computational complexity of basic mathematical operations and of the exhaustive key search attack. Complexity classes of algorithms.(5) Three types of security. Perfect secrecy: definition, examples, equivalent formulations (with proof). Perfect secrecy: Shannon’s Theorem (with proof).(6) RSA cryptosystem: definition, examples, correctness (encryption and decryption are inverse operations). Parameter generation, its complexity. Main attacks.(7) One-way function, with trapdoor. Theorem: RSA keys vs Factoring (formulation and sketch of proof).(8) Hash function: definition, types of resistance, (non)-examples. Optimal asymmetric encryption padding.(9) Discrete logarithm problem. The DLP assumption. The DLP in (Z/(p-1)Z, +) Is breaking the ECC cryptosystem equivalent to solving the DLP?(10) ElGamal cryptosystem and parameter generation: definition, correctness (encryption and decryption are inverse operations). Theorem: ElGamal keys versus DLP (with proof).(11) Elliptic curve: definition, singularities, normal forms, tangents. Theorem: intersection of E with a projective line (with proof).(12) Group structure on the elliptic curve over the algebraic closure, geometrically: definition and theorem (with proof).(13) Cayley-Bacharach’s theorem (sketch of proof).(14) Associativity (sketch of proof).(15) Elliptic curves over finite fields: theorems (without proof) and examples. Check that for a prime q, each natural number in the Hasse interval occurs as the order of the elliptic curve group over the field of q elements.(16) Diffie-Hellman key agreement: protocol, attacks. The DHP problem. The ECDHE.(17) Digital Signature Scheme. RSA signature algorithm. Attacks: definitions and examples.(18) DSS with hashing. Hash functions from block ciphers: definition and example.(19) DSS and Public-key cryptosystem: sign-then-encrypt versus encrypt-versus-sign.(20) ElGamal variant of DSS: definition and correctness. Security assumptions.(21) ElGamal variant of DSS: example of misuse (with proof). ECDSA: definition and correctness.(22) Digital currency: definition and security requirements. Distributed ledgers. Blockchain. Security assumptions underlying the generation of the bitcoin address.(23) Bitcoin transaction and its verification. Merkle tree. Bitcoin mining.(24) Bit generator. Linear feedback shift register: definition, periods, security. RSA bit generator.(25) Distinguisher. Next bit predictor. Yao’s theorem (sketch of proof).(26) Error-correcting codes and expander graphs.(27) Describe the probabilistic pidgeonhole principle and explain, with examples, why it is relevant in cryptography (i.e hash functions, birthday paradox etc).(28) Describe a variety of attacks that rely on structural weaknesses in respective cryptosystems (for instance, known message attacks for multiplicative systems, or weaknesses of El Gamal under weak random choices).
Reading list
1. Martin, Keith M. Everyday cryptography. Fundamental principles and applications. Second edition. Oxford University Press, Oxford, 2017. xxx+674 pp. ISBN: 978-0-19-878801-0; 978-0-19-878800-3
2. Stinson, Douglas R. Cryptography. Theory and practice. Third edition. Discrete Mathematics and its Applications (Boca Raton). Chapman & Hall/CRC, Boca Raton, FL, 2006. xviii+593 pp. ISBN: 978-1-58488-508-5; 1-58488-508-4
3. Daniel J. Bernstein & Tanja Lange, Post-quantum cryptography, Nature, 2017, Vol.549, 188–194. ISSN: 0028-0836 ; E-ISSN: 1476-4687 ; DOI: 10.1038/nature23461
2. Stinson, Douglas R. Cryptography. Theory and practice. Third edition. Discrete Mathematics and its Applications (Boca Raton). Chapman & Hall/CRC, Boca Raton, FL, 2006. xviii+593 pp. ISBN: 978-1-58488-508-5; 1-58488-508-4
3. Daniel J. Bernstein & Tanja Lange, Post-quantum cryptography, Nature, 2017, Vol.549, 188–194. ISSN: 0028-0836 ; E-ISSN: 1476-4687 ; DOI: 10.1038/nature23461
Association in the course directory
MALV
Last modified: Tu 21.01.2025 11:06