- Lectures
- Omar Fawzi
- Wednesdays 10:15 to 12:15
- Amphi B

- Tutorials
- Mateusz Skomra
- Thursdays 15:45 to 17:45

- [BS] A Graduate Course on Applied Cryptography
- [KL] Introduction to Modern Cryptography
- [Gal] Mathematics of Public Key Cryptography for the mathematics behind the hard problems we will use in part of the course

- A final exam
- One midterm exam
- Two homeworks

Date | Topic | References |

Jan 15th | Introduction. Perfect security. One-time pad. Shannon's theorem: Secret key must be long. Relaxing perfect secrecy: stream ciphers and pseudo-random generators. |
Ch 2 and 3 of [BS], Ch 1 and 2 of [KL] |

Jan 22nd | Pseudo-random generetors. Security of a PRG. Unpredictability of a PRG. Equivalence between security and unpredictability. Semantic security for ciphers (for one-time key and chosen plaintext) |
Ch 2 and 3 of [BS], Ch 3 of [KL] |

Jan 29th | Semantic security for stream ciphers. Pseudo-random functions, construction from PRG. Block ciphers (or PRPs). Brief overview of DES and AES. Encryption with block cipher (deterministic counter mode). | Ch 4 of [BS] |

Feb 5th | CPA security. Randomized countermode is CPA secure. Message authentication codes. | Ch 5 and 6 of [BS] |

Feb 12th | Message authentication codes from PRF. Signing longer messages with CBC-MAC. Authenticated encryption. | Ch 6 and 9 of [BS] |