Introduction to Modern Cryptography
Problem Set 4
[your names and section(s)]
Notes. If submitting by email ([email protected]), the assignment is due by 6pm on Wednesday
3/30. If submitting hardcopy, the assignment is due in-class on Tuesday 3/29. You may

An invitation to
Modern Cryptography
Mihir Bellare
UCSD
I like Cryptography because it is
Fascinating
and
Useful
Cool ideas
Pretty math
Philosophy made precise
Cyber shopping
Electronic banking
Bitcoin
Tor
I
Fas

PSEUDO-RANDOM FUNCTIONS
Mihir Bellare
UCSD
Recall
We studied security of a block cipher against key recovery.
But we saw that security against key recovery is not sufficient to ensure
that natural usages of a block cipher are secure.
We want to answer t

SYMMETRIC ENCRYPTION
Mihir Bellare
UCSD
Syntax
A symmetric encryption scheme SE = (K, E, D) consists of three
algorithms:
K and E may be randomized, but D must be deterministic.
Correct decryption requirement
Formally: For all K and

MESSAGE AUTHENTICATION CODES
and
PRF DOMAIN EXTENSION
Mihir Bellare
UCSD
Integrity and authenticity
The goal is to ensure that
M really originates with Alice and not someone else
M has not been modified in transit
Integrity and auth

HASH FUNCTIONS
Mihir Bellare
UCSD
Hashing
Hash functions like MD5, SHA1, SHA256, ... are amongst the most
widely-used cryptographic primitives.
Their primary purpose is collision-resistant data compression, but they
have many other purposes and properties

BLOCK CIPHERS
Mihir Bellare
UCSD
Permutations and Inverses
A function f : cfw_0, 1 cfw_0, 1 is a permutation if there is an inverse
function f 1 : cfw_0, 1 cfw_0, 1 satisfying
x cfw_0, 1 : f 1 (f (x) = x
This means f must be one-to-one and onto, meaning

Introduction to Modern Cryptography
Problem Set 1 (Solutions)
Due dates. If submitting by email ([email protected]), the assignment is due by 6pm on Friday
1/29. If submitting hardcopy, the assignment is due in-class on Thursday 1/28. You may choose
which y

Parallelizable and Authenticated Online Ciphers
Elena Andreeva1,2 , Andrey Bogdanov3 , Atul Luykx1,2 , Bart Mennink1,2 ,
Elmar Tischhauser1,2 , and Kan Yasuda1,4
1 Department of Electrical Engineering, ESAT/COSIC, KU Leuven, Belgium.
2 iMinds, Belgium.
3