**Lectures:**Tuesday, Thursday 12:30-1:45 PM, IRB 1116**Instructor:**Daniel Gottesman (e-mail: dgottesm@umd.edu, office hours Tuesday 10:00-11:30 AM, Atlantic 3251)**Teaching Assistant:**Mahathi Vempati (e-mail: mahathi@umd.edu, office hours Monday 12:30-2:30 PM, AVW 4160)**Textbook:**Katz and Lindell, Introduction to Modern Cryptography, 3rd ed.

**Mid-term:**Thursday, October 19 (in class)**Thanksgiving:**Thursday, November 23 (no class)**Last lecture:**Thursday, December 7**Final exam:**Monday, Dec. 18, 1:30 - 3:30 PM (in-person)

(To be turned in on Gradescope)

- Problem Set 1 (pdf): Due Thurs., Sep. 7 at noon.
- Problem Set 2 (pdf): Due Thurs., Sep. 14 at noon.
- Problem Set 3 (pdf): Due Thurs., Sep. 21 at noon. You will also need this file: attack.py.
- Problem Set 4 (pdf): Due Thurs., Sep. 28 at noon.
- Problem Set 5 (pdf): Due Thurs., Oct. 5 at noon.
- Problem Set 6 (pdf): Due Thurs., Oct. 12 at noon.
- Problem Set 7 (pdf): Due Thurs., Nov. 9 at noon.
- Problem Set 8 (pdf): Due Thurs., Nov. 16 at noon. You will also need this file: forge.py
- Problem Set 9 (pdf): Due Thurs., Nov. 30 at noon.
- Problem Set 10 (pdf): Due Thurs., Dec. 7 at noon.

Practice problems for the

These are lists of problems from the textbook that you can try.

Topics covered in class: pdf

Solution sets are available on ELMS roughly 1 week after the due date for the assignment.

If you are reading these slides before you see the lecture and you see a "Vote" on the slide, stop and think about your answer before proceeding. The point of those votes is to get you to think about the material during the lecture.

- Lecture 1 (Aug. 29, 2023): introduction to class, substitution cipher
- Lecture 2 (Aug. 31, 2023): Vernam cipher, one-time pad, intro to probability
- Lecture 3 (Sep. 5, 2023): Perfect secrecy, threat models, Big-O
- Lecture 4 (Sep. 7, 2023): Pseudorandomness, EAV security, reductions
- Lecture 5 (Sep. 12, 2023): Security of pseudo one-time pad, Stream ciphers, RC4
- Lecture 6 (Sep. 14, 2023): CPA security, block ciphers
- Lecture 7 (Sep. 19, 2023): Avalanche effect, DES
- Lecture 8 (Sep. 21, 2023): AES, introduction to modular arithmetic
- Lecture 9 (Sep. 26, 2023): Euclid's algorithm, modular exponentiation
- Lecture 10 (Sep. 28, 2023): Group theory, Lagrange's theorem
- Lecture 11 (Oct. 3, 2023): Totient function, Chinese remainder theorem, discrete logarithm
- Lecture 12 (Oct. 5, 2023): Diffie-Hellman
- Lecture 13 (Oct. 10, 2023): Security of key exchange, El Gamal encryption
- Lecture 14 (Oct. 12, 2023): Security of public key encryption, KEM/DEM
- Lecture 15 (Oct. 17, 2023): Midterm review (private key protocols)
- Lecture 16 (Oct. 24, 2023): RSA
- Lecture 17 (Oct. 26, 2023): MACs
- Lecture 18 (Oct. 31, 2023): Quantum key distribution
- Lecture 19 (Nov. 2, 2023): Post-quantum cryptography, learning with errors
- Lecture 20 (Nov. 7, 2023): Hash functions
- Lecture 21 (Nov. 9, 2023): Applications of hash functions
- Lecture 22 (Nov. 14, 2023): CCA security
- Lecture 23 (Nov. 16, 2023): CCA security of public key systems, introduction to digital signatures
- Lecture 24 (Nov. 28, 2023): Digital signatures and identification protocols with RSA and DSA
- Lecture 25 (Nov. 30, 2023): PGP, certificate authorities, and TLS
- Lecture 26 (Dec. 5, 2023): Other cryptographic protocols: e.g., secret sharing, multiparty computation, zero-knowledge proofs
- Lecture 27 (Dec. 7, 2023): Review

- Week 1: Classical cryptography (basic concepts, substitution and Vignere ciphers, one-time pad), Textbook: Chapter 1
- Weeks 2-4: Modern private-key cryptography (including pseudorandom generators and functions, security definitions and proofs, stream and block ciphers, DES, AES). Textbook: Chapters 2, 3, sections 7.1.4, 7.2
- Weeks 5-8: Modular arithmetic and public key encryption (including purpose and applications, Diffie-Hellman, RSA). Texbook: Chapters 9, 11, 12
- Weeks 9-12: Authentication (including message authentication codes, digital signatures, hash functions, CCA security, and TLS). Textbook: Chapters 4, 5, 6, 13, sections 7.3.1, 7.3.2
- Additional advanced topics, as time permits (likely possibilities include post-quantum cryptography and quantum key distribution)

- Terminology, types, and techniques of cryptographic protocols
- What makes a protocol secure or insecure
- Basic understanding of particular protocols used in real world, such as AES and RSA.

Your grade will have 3 components:

- Problem sets (30%)
- Mid-term exam (30%)
- Final exam (40%)

For each of the three components of the grade, 120 points will be available, but the maximum possible score will be 100. There is the possibility of further curving any individual problem set or exam if I decide it was substantially harder than I expected. I will not curve down grades if the assignment is easier than expected.

- The problem sets will be available on this web page (https://www.cs.umd.edu/class/fall2023/cmsc456-0201/).
- The problem sets will be turned in on Gradescope.
- The problem sets will be a mix of theory-focused problems and programming assignments.
- The problem set grade will be determined by dropping the highest and lowest grades and then averaging the remaining scores.
- By default, the scores will not be curved. However, I may curve up the grades for any problem set or exam if I decide it was substantially harder than I expected. I will not curve down grades if the assignment is easier than expected.
- For the problem sets, if you use any external material to solve it (other than the lectures and textbook), cite the source and indicate what you took from it. This includes AI tools such as ChatGPT.
- You may discuss problem sets with other students, but you must understand and write up your solution or code by yourself. If you do collaborate, indicate who you talked to on your assignment.
- Late problem sets will not be accepted unless an extension is granted by me or one of the TAs
*before*the problem set is due. - Note that the extension must be
*granted*before the deadline, not*requested*before the deadline. Be sure to leave enough time to get a response (24 hours should be sufficient). - Extension requests should specify a valid reason and how long an extension you are requesting. Medical, religious, family emergency are examples of valid reasons (not an exhaustive list). "I have an assignment due in another class" is not a valid reason: Plan ahead!
- Maximum extension is 1 week, so that we can distribute solutions. If you have a valid reason for a longer extension, discuss with me.
- Regrade requests should be submitted within 1 week after both the grades and solution set are available.

- Lectures will be recorded and available through the course's page on ELMS. However, I strongly recommend that you attend class and not rely on the recordings to follow the class.
- There will be a Piazza for asking questions on the class. Unless you have a question that is very specific to you personally, please use the Piazza to ask questions. This includes questions about both the content and administration of the course.