CS 6260 web page

Fall 2014
CS 6260 - Applied Cryptography

Time: Tuesday and Thursday 12:05-1:25pm.
Place: IC 215.
Instructor: Alexandra (Sasha) Boldyreva.
Email: sasha (at) gatech (dot) edu. Please include "6260" in the subject.
Office hours: Tuesday 10:55-11:55am and Wednesday 2-3pm, Klaus 3144.
TA: Yi Ding, email: yiding (at) gatech (dot) edu, office hours: Monday 11:30am-12:30pm, Wednesday 11am-12pm, Klaus 2116 common area.

Textbooks. There is no required textbook. We are going to use the lecture notes by Bellare and Rogaway. Slides and some additional references will be posted on TSquare. If you want to have an additional reference, then you may consider buying a book by J. Katz and Y. Lindell "Introduction to Modern Cryptography".

Content. This is a 3-credit graduate-level introduction to modern cryptography course. We focus on the classical goals of cryptography such as data privacy, authenticity and integrity. Topics include pseudorandom functions and permutations, block ciphers, symmetric encryption schemes, security of symmetric encryption schemes, hash functions, message authentication codes (MACs), security of MACs, PKI, public-key (asymmetric) encryption, digital signatures, security of asymmetric encryption and digital signature schemes, secret sharing, threshold cryptography.

You will learn how various cryptographic schemes work and will discuss how they are used in practice. For example, you will learn what AES, CBC, RSA, TLS, IBE stand for and how they "work". But the main objective is more fundamental. The goal is to build the understanding of what "secure" is and how to evaluate and measure security. We try to understand what does it mean for a cryptographic scheme to be "secure" by studying definitions of security of various primitives. You will learn how to analyze security of a cryptographic scheme and determine whether or not it is secure.

Cryptography is only one part of a much broader area of computer security. There are many topics that are beyond the scope of cryptography and will not be covered in this course, such as viruses, worms, buffer overflow and denial of service attacks, access control, intrusion detection and etc. These topics are covered in Systems Security and Network Security classes.

Prerequisites. No previous knowledge of cryptography is necessary. This course is about applying theory to practical problems, but it is still a theory course. The main requirement is basic "mathematical maturity". You have to be able to read and write mathematical definitions, statements and proofs. I expect that you did well in your undergraduate discrete math class and took basic algorithms and computibility/complexity theory classes. In particular, you have to know how to measure the running time of an algorithm and it is helpful to understand the notion of reducing one problem to another. You also have to know very basic probability theory. All necessary elements of number theory will be presented in class. No programming will be required. If you have doubts whether you have the right background please email or come to see me.

Requirements. Homeworks (6-9 homeworks) 15%, 3 exams 20% each, a project 25%. I will post the detailed information about the project later. I will aslo share the examples from previous years. In short, the goal of the project is to see how provable security can help practical protocols. You are asked to find an example of a crypto scheme used in some product or being part of a protocol suggested in a research paper, standards document, open source software or a patent, and to suggest the ways the provable security methodology can help to assess security (or insecurity) of the proposal. You don't have to do the full analysis, but you are asked to identify what needs to be done and why, and provide some ideas towards the solution. The write-up (up for 4 pages excluding the bibliography) will be due on the beginning of the finals week.

Rules. Georgia Tech and College of Computing academic Honor Code applies. Homeworks are announced by email and are posted on TSquare. You can work on the homeworks individually or in pairs, but you have to write and turn in your own solutions and indicate the name of your collaborator, if any. You cannot use the Internet to find the solutions. You cannot ask your friends for the solutions from the previous years. Homework solutions should be turned in in class, stapled, before the lecture starts, on a due day (usually Thursday). If you are unable to attend a lecture when a homework is due, you can submit a PDF file with your solutions to TSquare before the time of the class. No late homeworks will be accepted. Please report any typos you find in the notes, slides, homeworks or the solutions. During exams you can use the on-line lecture notes and slides posted on the class web page and your own notes.