Overview of the course:

Over the last couple of years, advanced cryptographic solutions have been proposed by the community in order to guarantee both privacy and functionality in cloud-based services by offering fine-grained access control policies over encrypted data. The purpose of this class is to introduce these advanced primitives and the current challenges in research.

We will cover several recent advances in cryptographic protocols, such as:

  • Identity-based encryption
  • Attribute-based encryption
  • Functional encryption
  • Fully-homomorphic encryption
  • Multi-party computation
  • Constrained pseudorandom functions
  • Indistinguishability obfuscation
We will cover definitions and security models for each notion, and detail constructions and security reductions to the hardness of algorithmic problems that are conjectured hard.

Course objectives:

  • Understand advanced notions of cryptography: Definitions, security requirements, and their limitations.
  • Acquire a toolkit for modern research in cryptography.
  • Be able to read state-of-the art articles in cryptography.


There is no requirement for attending this class but it is highly recommended to have taken an introductory class on cryptography before. Students should also know basics in complexity theory, probabilities, and algebra.


Scribe or homework and article presentation. Presentations will be 20-minute talks followed by up to 20 minutes of questions. Students are free to use either slides or blackboard. At least one question will relate to the course (and not to the articles). Every student has to choose an article (or a pair of article in some cases) to present in the list below.

Course Notes:

  • Class 1 (Sep. 10):
    Public-key exchange, Diffie-Hellman assumptions, Collision-Resistant Hash Functions, and Public-Key Encryption
  • Class 2 (Sep. 17):
    Pairings, Identity-Based Encryption, Boneh-Franklin IBE
    [note] (scribe: Calvin Abou Haidar)
  • Class 3 (Sep. 24):
    A Tutorial on Hybrid Proofs in Cryptography
    [note] (scribe: Quentin Deschamps)
  • Class 4 (Oct. 1):
    BLS Signature and GPSW Attribute-Based Encryption
    [note] (scribe: Lison Blondeau-Patissier)
  • Class 5 (Oct. 8):
    Introduction to Lattice-Based Cryptography
    [note] (scribe: Julien Du Crest)
  • Class 6 (Oct. 15):
    Encrypting with Lattices
    [note] (scribe: Matthieu Vieira)
  • Class 7 (Oct. 22):
    Fully-Homomorphic Encryption
    [unedited note] (scribe: Étienne Vareille)
  • Class 8 (Nov. 5):
    GPV Signatures and IBE in the Standard Model (Benoit Libert)
    [note] (scribe: Rémy Neveu)
  • Class 9 (Nov. 12):
    GPV proofs and ABB IBE (Benoit Libert)
  • Class 10 (Nov. 19):
    Proof of ABB IBE and ABE for circuits (Benoit Libert)
    [note] (scribe: Nacim Oijid)
  • Class 11 (Nov. 26):
    ABE for Circuits from LWE (Benoit Libert)
    [note] (scribe: Denis Rochette)
  • Class 12 (Dec. 3):
    Public-key encryption with keyword search (Benoit Libert)
    [note] (scribe: Florent Guépin)
  • Class 13 (Dec. 17):
    Garbled Circuits and Functional Encryption
    [unedited note] (scribe: Fabrice Lécuyer)
  • Class 14 (Jan. 7):
    Indistinguishability Obfuscation

List of articles:

  • Functional Encryption for Threshold Functions (or Fuzzy IBE) from Lattices
    Shweta Agrawal, Xavier Boyen, Panagiotis Voulgaris, Vinod Vaikuntanathan, Hoeteck Wee
    [pdf] | PKC 2012

    To be presented by Julien Devevey
  • Functional Encryption for Inner Product Predicates from Learning with Errors
    Shweta Agrawal, David Mandell Freeman, Vinod Vaikuntanathan
    [pdf] | ASIACRYPT 2011

    To be presented by Matthieu Vieira
  • Direct chosen ciphertext security from identity-based techniques
    Xavier Boyen, Qixiang Mei, Brent Waters
    [pdf] | ACM CCS 2005
    Chosen-Ciphertext Security from Tag-Based Encryption
    Eike Kiltz
    [pdf] | TCC 2006
  • Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products
    Jonathan Katz, Amit Sahai, Brent Waters
    [pdf] | Eurocrypt 2008

    To be presented by Samuel Humeau
  • Predicate encryption for circuits from LWE
    Sergey Gorbunov, Vinod Vaikuntanathan, Hoeteck Wee
    [pdf] | CRYPTO 2015

    To be presented by Nacim Oijid
  • New Techniques for Dual System Encryption and Fully Secure HIBE with Short Ciphertexts
    Allison Lewko, Brent Waters
    [pdf] | TCC 2010
  • Fast cryptographic primitives and circular-secure encryption from hard learning problems
    Benny Applebaum, David Cash, Chris Peikert, Amit Sahai
    [pdf] | CRYPTO 2009

    To be presented by Hadrien Brochet
  • Lattice Basis Delegation in Fixed Dimension and Shorter-Ciphertext Hierarchical IBE
    Shweta Agrawal, Dan Boneh, and Xavier Boyen
    [pdf] | CRYPTO 2010

    To be presented by Fabrice Lécuyer
  • Circuit-ABE from LWE: Unbounded Attributes and Semi-Adaptive Security
    Zvika Brakerski and Vinod Vaikuntanathan
    [pdf] | Crypto 2016

    To be presented by Denis Rochette
  • Two Round Multiparty Computation via Multi-Key FHE
    Pratyay Mukherjee and Daniel Wichs
    [pdf] | Eurocrypt 2016

    To be presented by Julien Du Crest
  • Key Homomorphic PRFs and Their Applications
    Dan Boneh, Kevin Lewi, Hart William Montgomery, and Ananth Raghunathan
    [pdf] | Crypto 2013

    To be presented by Léo Paviet Salomon
  • Riding on Asymmetry: Efficient ABE for Branching Programs
    Sergey Gorbunov and Dhinakaran Vinayagamurthy
    [pdf] | Asiacrypt 2015

    To be presented by Rémy Neveu
  • Leveled Fully Homomorphic Signatures from Standard Lattices
    Sergey Gorbunov, Vinod Vaikuntanathan, and Daniel Wichs
    [pdf] | STOC 2015

    To be presented by Florent Guépin
  • Towards Tightly Secure Short Signature and IBE
    Xavier Boyen and Qinyi Li
    [pdf] | Asiacrypt 2016
  • Identity-Based Encryption Gone Wild
    Michel Abdalla, Dario Catalano, Alexander W. Dent, John Malone-Lee, Gregory Neven, Nigel P. Smart
    [pdf] | ICALP 2006
    Generalized Key Delegation for Hierarchical Identity-Based Encryption
    Michel Abdalla and Eike Kiltz and Gregory Neven
    [pdf] | ESORICS 2007

    To be presented by Calvin Abou-Haidar
  • Functional Encryption for Quadratic Functions, and Applications to Predicate Encryption
    Romain Gay
    [pdf] | Crypto 2017

    To be presented by Quentin Deschamps
  • ABE for Deterministic Finite Automata from k-Lin
    Junqing Gong, Brent Waters, and Hoeteck Wee
    [pdf] | CRYPTO 2019

    To be presented by Lison Blondeau-Patissier
  • Attribute Based Encryption (and more) for Nondeterministic Finite Automata from LWE
    Shweta Agrawal, Monosij Maitra, Shota Yamada
    [pdf] | CRYPTO 2019

    To be presented by Théophile Dubuc
  • Space-Efficient Identity Based Encryption Without Pairings
    Dan Boneh, Craig Gentry, and Mike Hamburg
    [pdf] | FOCS 2007
    An Identity Based Encryption Scheme Based on Quadratic Residues
    Clifford Cock
    [pdf] | IMA Int. Conf. 2001

    To be presented by Herménégilde Valentin