S. Dziembowski: Dydaktyka

Libri di testo:

Libro principale: Jonathan Katz and Yehuda Lindell Introduction to Modern Cryptography (non ancora disponibile in biblioteca, ma ho gia' provveduto ad ordinarne 3 copie).
Altri libri:

Doug Stinson Cryptography Theory and Practice, Third Edition (disponibile in biblioteca)
Shafi Goldwasser and Mihir Bellare Lecture Notes on Cryptography (disponibile on-line)
Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone Handbook of Applied Cryptography (disponibile on-line)

Lezione 1 Introduction (27.02)
slides [ppt] (non abbiamo avuto il tempo di commentare le slide numero 35 - 38, ma il contenuto delle slide numero 34-36 e 38 e' stato poi trattato durante l'esercitazione)
Esercitazioni (28.02)
- breve introduzione alla crittografia visuale [link]
- secret-sharing: qui potete trovare gli appunti (gli argomenti trattati nelle Sezioni 4 e 5 non sono obbligatori al fine del superamento dell'esame)
Lezione 2 Introduction to provable security (5.03)
slides [ppt]
Esercitazioni [pdf]
Lezione 3 Symmetric encryption (13.03)
slides [ppt]
Exercises cancelled (aula alfa was occupied)
Lezione 4 Block ciphers (19.03)
slides [ppt]
Esercitazioni

Complementation property of DES [Handbook of Applied Cryptography, Chapter 7, page 256]
One-way function from a block cipher [see, e.g., here]

Lezione 5 Message authentication and hash functions (26.03)
slides [ppt]
Esercitazioni
Exercises for the book of Katz and Lindell: 4.3, 4.4(a,b), and 4.12
Lezione 6 Introduction to the Number Theory (2.04 e 9.04)
slides [ppt]
Important: Chinese Remainder Theorem is also true if p and q are just relatively prime. We discussed it during the exercises. It is also explained [here] and [here], or in the book of Katz and Lindell (page 257)

Esercitazioni

the "two cats" exercise [link, exercise 3b]
Baby-step giant-step algorithm for solving discrete-logarithm [link] or [Handbook of Applied Cryptography, Chapter 3, page 104]

Lezione 7 Introduction to the Public-Key Cryptography (16.04)
slides [ppt]
Esercitazioni

Small encryption exponent attack on RSA [Handbook of Applied Cryptography, Chapter 8, page 288], or [Katz and Lindell, page 359]
A fault attack on CRT-RSA [Boneh, DeMillo and Lipton On the Importance of Checking Computations, Section 2.2]
in RSA: finding an element in ZN \ Z*N is as hard as factoring N [Katz and Lindel, page 357]
RSA works also over ZN (on the lecture we defined it only over Z*N) [Handbook of Applied Cryptography, Chapter 8, page 286],
Security of the least significant bit of RSA [see Alexi, Chor, Goldreich, and Schnorr On the hardness of the least-signficant bits of the RSA and Rabin functions]

Lezione 8 Public-Key Encryption (30.04)
slides [ppt]
No Exercises (1st of May)
Lezione 9 Signature Schemes (7.05)
slides [ppt]
Esercitazioni
- theoretical constructions of the signature schemes (Sections 12.5 and 12.6 of Katz and Lindell book) :
Lezione 10 Public-Key Infrastructure (14.05)
slides [ppt]
Esercitazioni
- the "padlock idea" for the key-agreement (it is described e.g. in Section 4.1 of Peter J. Cameron Notes on cryptography [link])
- we discussed why the proof-of-possesion is (sometimes) usefull. It is explained [here]
- coin flipping by telephone and the commitment schemes (see [here]):
Lezione 11 Chosen-Ciphertext Security (22.05)
slides [ppt]
Exercises cancelled (aula alfa was occupied)
Lezione 12 Private-Information Retrieval (28.05)
slides [ppt]
this lecture is based on:
Benny Chor, Eyal Kushilevitz, Oded Goldreich and Madhu Sudan, Private Information Retrieval,
Eyal Kushilevitz, Rafail Ostrovsky Replication Is Not Needed: Single Database, Computationally-Private Information Retrieval

Info about the exam:

dates:
the exam will be written,
it will consist of number of questions and exercises (written in English and in Italian),
here are some more details.

Subscribe to Crittografia2008

Email: