**Instructors:** Nilanjan Datta and Subhabrata Samajder**Teaching Assistant:** Hrithik Nandi and Mriganka Dey

`Course Objective:`

`Course Objective:`

Cryptology is concerned with the conceptualization, definition, and construction of computing systems that address security concerns. The objective of this course is to provide a basic understanding of cryptographic concepts, mathematical tools used for cryptography and how to use these tools in solving cryptographic problems, building new cryptographic primitives, analyzing the security of cryptographic protocols, and understanding key management and key exchange issues at a basic level. The focus is given on the basic mathematical tools as well as some new advanced cryptographic tools and the advances in research using those tools.

`Syllabus:`

`Syllabus:`

**Introduction:**Classical Ciphers, Shannon Cipher, Perfect Security, Computational Ciphers and Semantic Security.**Encryption:**Stream Ciphers, Pseudo random generators, LFSR based stream ciphers, RC4 and its Cryptanalysis; Block ciphers: Design principle, AES and its design rationale, light-weight block cipher design; Security Notions, Modes of operation: ECB, CBC, OFB, Counter mode.**Cryptanalysis:**Goal and power of an adversary; Differential and Linear Cryptanalysis; Some advanced cryptanalysis (integral, impossible differential) and its applications.**Hash Function:**Collision resistant (CR) hash functions, birthday attacks CR hash, The Merkle- Damgard paradigm, Joux’s multi-collsion attacks; Universal hash functions (UHF), constructing UHFs.**Message Integrity:**Message authentication codes (MACs); Designing MACs from CR hash, Case Study: HMAC, Sponge based MACs; Designing MACs from UHF, The Carter-Wegman MACs, Nonce based MACs.**Authenticated Encryption (AE):**Motivation, Security, Designing AE: Generic Paradigm, Integrated AE; Features of AE, Light-weight AE design.**Public Key Cryptosystems:**Discrete Logarithm Problem, Diffie Hellman Key Exchange Protocol – security proofs and some related hardness results on CDH and DDH, RSA Encryption and Its variants, Elgamal Encryption Scheme, Digital Signatures – Attacks on Plain RSA signatures, Full Domain RSA, Identification Scheme, Fiat-Shamir Transform, Schnorr Signatures, DSA and ECDSA, PKI.

`References:`

`References:`

[1] J. Katz and Y. Lindell: Introduction to Modern Cryptography, Chapman & Hall/CRC, 2007. [Online Link]

[2] D. Boneh, V. Shoup: A Graduate Course in Applied Cryptography. [Online Link].

[3] D. R. Stinson, M. B. Paterson: Cryptography Theory and Practice, 4th ed., Chapman & Hall/CRC, 2018. [Online Link]

[4] K. Sakiyama, Y. Li and Y. Sasaki: Security of Block Ciphers: From Algorithm Design to Hardware Implementation, Published by Wiley & Sons, Incorporated, John, 2016. ISBN 10: 1118660013. [Available in Library]

[5] V. Shoup: A Computational Introduction to Number Theory and Algebra, Cambridge University Press. [Online Link]

[3] D. R. Stinson, M. B. Paterson: Cryptography Theory and Practice, 4th ed., Chapman & Hall/CRC, 2018. [Online Link]

[4] K. Sakiyama, Y. Li and Y. Sasaki: Security of Block Ciphers: From Algorithm Design to Hardware Implementation, Published by Wiley & Sons, Incorporated, John, 2016. ISBN 10: 1118660013. [Available in Library]

[5] V. Shoup: A Computational Introduction to Number Theory and Algebra, Cambridge University Press. [Online Link]

**Board-works and Slides:**

**Board-works and Slides:**

** Symmetric Key Cryptography**

- Lecture 1: Introduction to Cryptology. [Boardwork]
- Lecture 2: Classical Ciphers and their Cryptanalysis, Introduction to Modern Cryptography. [Boardwork]
- Lecture 3: An Introduction to Perfect Secrecy [Boardwork]
- Lecture 4: Alternate Definitions of Perfect Secrecy, One Time Pad, and Limitations of Perfect Secrecy. [Boardwork]
- Lecture 5: Computational Security, Necessary Relaxations, Indistinguishability under Eavesdropper, Semantic Security. [Boardwork]
- Lecture 6: Proof by Reduction: Concept and Some Motivating Examples, Indistinguishability under Eavesdropping Adversary implies Unpredictability in Message Bit-guessing. [Boardwork]
- Lecture 7: Equivalence of Computational Indistinguishability and Semantic Security, Pseudo Random Generators, A Computational Indistinguishable Encryption Scheme from PRG. [Boardwork]
- Lecture 8: IND-CPA Security Notion, Left-or-Right and Real-or-Random Indistinguishability, Pseudo Random Function, An IND-CPA Secure Construction from PRF. [Boardwork]
**Public Key Cryptography**All board works and notes on public-key cryptography will be uploaded here.

**Assignments and/or Practice Problems:**

**Assignments and/or Practice Problems:**