WIXLIB

Lecture 8: Asymmetric encryption: malleable and homomorphic encryption notion and schemes(e.g., Paillier, brief discussion of various schemes, including Gentry’s), additional schemes achievingvarious security notions in various models (e.g., Cramer-Shoup), identity-based encryption;implementation aspects: security-performance-features-trust tradeoffsLecture 9: Property-preserving public-key encryption, secure 2-party computation, secure multiparty computation; application case study 2: sugar beet auction; implementation aspects ofcryptographic protocols: transport layer, protocols over secure channelsLecture 10: Digital Signatures, hashing and signing, Hashed RSA, El Gamal and DSA signatureschemes, public-key infrastructures, certificates, cryptography in TLS, IPSec and virtual privatenetworks, NSA Suite B, application case study 3: secure online purchasing; implementation aspects:trust models, PKI implementation challengesLecture 11: Key protocols: key transport, key agreement, notions and schemes (e.g., Diffie-Hellmanschemes); key management: concepts and lifecycle; code obfuscation, application case study 4: digitalrights management; quantum computing, quantum-resistant cryptography; implementation aspects:creating correct and secure programs, quality of code, side-channel attacks, implementation flawsLecture 12: Key lengths and recommendations, user authentication: password, challenge-responseand zero-knowledge protocols; server authentication; application case study 5: secure onlinebanking; digital cash, application case study 6: keeping/storing secrets, blockchain, application casestudy 7: cryptocurrencies; implementation aspects: weakest key, key modularityReadingsThe required texts for the course are:1) [KL] J. Katz and Y. Lindell, Introduction to Modern Cryptography: Principles and Protocol s,Chapman & Hall/CRC Press, 2nd edition (see http://www.cs.umd.edu/ jkatz/imc.html)2) [MOV] A. Menezes, P. Van Oorschot, S. Vanstone, Handbook of Applied Cryptography, CRCPress, August 2001, fully available online at http://www.cacr.math.uwaterloo.ca/hac/)Note: text (1) contains about 85% of the class material; text (2) contains about 50% of the classmaterial; past cs6903 students typically found it easier to study on lecture slides and to use (1) tostrengthen understanding.Optional and recommended texts are:1) One among the following two texts:a. [FSK] N. Ferguson, B. Schneier and T. Kohno, Cryptography Engineering: Design,Principles and Practical Applications, Wiley Publishing, Inc., 2010 (this book givesexposure to more cryptography engineering aspects and might be considered amodern follow-up of (1b), the first book that was written on the topic)b. B. Schneier, Applied Cryptography, 2nd edition, J. Wiley and Sons.2) W. Stallings, Cryptography and Network Security: Principles and Practice, 2nd edition,Prentice Hall.3) Books at f52.htmlCourse requirements

Homework assignments are multiple-choice tests where you are presented a set of questions andare required to choose the correct answer among 4 possible ones. You will also be asked to provide abrief rationale for your answer to these questions. For i 1, ,4, homework hw[i] typically refers tolectures 3i-2, 3i-1, 3i and is due by the end of the week dedicated to Lecture 3i. During the weeklyonline meeting, the instructor will go over hw problem explanations, the students will have a chanceto answer the questions, and the instructor will go over hw solutions (or, if there is no time, possiblymade the answer available in a recorded video). Homeworks should be considered (the only)practice problems for your midterm and final exams. Homework is graded for effort (i.e., how manyquestions are answered with a rationale that shows that the student tried to answer the question)and not for correctness of answers. Of course, for more successful practice for midterm and final, thestudent should answer hw questions as if they were midterm or final questions.The projects consist of solving practical problems (via software implementation) including: (1) thebreaking or design of (variations of) a number of known cryptographic primitives (e.g., encryptionschemes, authentication schemes, etc.); and (2) designing and implementing privacy and securitysolutions, based on the cryptography studied in class, as an improvement to a real-life system. Inaddition to implementation tasks, the projects will require a presentation document possiblyincluding details on software documentation, cryptography design, cryptanalysis, performanceanalysis, etc. A project will have to be realized by a team of a number of students (to be decidedduring the class), and comes with a minimal assignment. Any additional work performed by thestudent(s) will be considered extra credit work. We will have a workshop day where each studentwill have a chance to present at least one of the projects. Students with the best projects will receiveextra credit. Authorized sources: personal notes, required or recommended textbooks, and other websources (only if they are properly quoted and not plagiarized). No collaboration is authorized withstudents beyond your team, or with parties external to the course. The following collaboration withinstructor and TAs is authorized: you can ask via e-mail or during office hours for clarifications onthe project problem statement (or about any solutions, after grades have already been posted).The midterm is based on lectures 1-6; you will be given a number of questions in some “enhancedmultiple-choice format”, for which the answers may require writing a brief rationale, as forhomework questions, and you will be given a time limit (i.e., 3 hours) to write your answers. Themidterm is a proctored test where you are allowed to inspect your textbook and lecture slides. Formore detailed info on authorized (or not) sources, see info posted by the instructor. If the instructoris proctoring your exam, you can ask the instructor for clarifications on question statements. Nocollaboration is authorized with anyone else.The final is based on lectures 7-12; you will be given between a number of in some “enhancedmultiple-choice format”, for which the answers may require writing a brief rationale, as forhomework questions, and you will be given a time limit (i.e., 3 hours) to write your answers. The finalis a proctored test where you are allowed to inspect your textbook and lecture slides. For moredetailed info on authorized (or not) sources, see info posted by the instructor. If the instructor i sproctoring your exam, you can ask the instructor for clarifications on question statements. Nocollaboration is authorized with anyone else.The following opportunities for extra credit (for which collaboration among students is allowed)will be offered:1)2)3)4)5)6)seminar attendance,useful feedback provided to the instructor at the end of the semester,highest numbers of correct answers on a weekly meeting,best projects,additional work on projects, andadvanced topic surveys.

You can take opportunities 1,2,3,4 and no more than one among 5,6.All your work (homework, projects, midterm, final, extra credit) should be submitted on NYU Classes,under Tests and Quizzes, or will likely be not evaluated for class grade purposes.Generally, students are very much encouraged to e-mail their technical and non-technicalquestions (including class organization, etc.) to the instructor; questions can be sent at any time,and an answer would likely appear within 1 or 2 business days. For real-time answers, office hoursare more appropriate. We will also have an online forum which can be more appropriate forquestions among fellow students, live updates to course material or real-time communication fromthe instructor, etc. The instructor is also happy to make time for a limited number of one-on-oneoffice hours outside of the designated times. The diligent student is expected to generate a weekly listof unclear technical issues to clarify with the instructor and/or the TA through the above channels.The student’s course grade will be tentatively determined as a weighted average, as follows: classparticipation through attendance and hw answer attempts (5%), homework completion (10%),project1 (15%), project2 (20%), midterm (25%), final (25%). Weights are tentative and mightslightly change (for instance, slightly increasing the weight of the final is possible). Incomplete gradeswill not be given, unless under exceptional circumstances. Homework submitted later than the duedate is eligible for partial credit that decreases with time. Submitting homework late will always bemore convenient than submitting no homework but never more convenient than submittinghomework before the due date. The instructor will not drop students’ lowest homework score.The course’ schedule and due student activities are summarized below:Week123456789101112131415Class EventsLecture 1 (Tu, Sep 8)Lecture 2 (Tu, Sep 15)Lecture 3 (Tu, Sep 22)Lecture 4 (Tu, Sep 29)Lecture 5 (Tu, Oct 6)Lecture 6 (Tu, Oct 13)Midterm exam (Tu, Oct 20)Lecture 7 (Tu, Oct 27)Lecture 8 (Tu, Nov 3)Lecture 9 (Tu, Nov 10)Lecture 10 (Tu, Nov 17)Lecture 11 (Tu, Nov 24)Lecture 12 (Tu, Dec 1)Workshop (project presentations) and finalreview (Tu, Dec 8)Final exam (Tu, Dec 15)What’s due?HW1 on Lectures 1-3 (Sat, Sep 26)HW2 on Lectures 4-6 (Thu, Oct 15)Project 1 (Sun, Oct 25)HW3 on Lectures 7-9 (Sat, Nov 14)HW4 on Lectures 10-12 (Thu, Dec 3)Project 2 (Mon, Dec 7)Extra credit (Sun, Dec 20)Moses Center Statement of DisabilityIf you are student with a disability who is requesting accommodations, please contact New YorkUniversity’s Moses Center for Students with Disabilities (CSD) at 212-998-4980 ormosescsd@nyu.edu. You must be registered with CSD to receive accommodations. Informationabout the Moses Center can be found at www.nyu.edu/csd. The Moses Center is located at 726Broadway on the 3rd floor.NYU School of Engineering Policies and Procedures on Academ ic Misconduct – com pleteStudent Code of Conduct hereA. Introduction: The School of Engineering encourages academic excellence in anenvironment that promotes honesty, integrity, and fairness, and students at theSchool of Engineering are expected to exhibit those qualities in their academic work.

It is through the process of submitting their own work and receiving honest feedbackon that work that students may progress academically. Any act of academicdishonesty is seen as an attack upon the School and will not be tolerated.Furthermore, those who breach the School’s rules on academic integrity will besanctioned under this Policy. Students are responsible for familiarizing themselveswith the School’s Policy on Academic Misconduct.B. Definition: Academic dishonesty may include misrepresentation, deception,dishonesty, or any act of falsification committed by a student to influence a grade orother academic evaluation. Academic dishonesty also includes intentionallydamaging the academic work of others or assisting other students in acts ofdishonesty. Common examples of academically dishonest behavior include, but arenot limited to, the following:1. Cheating: intentionally using or attempting to use unauthorized notes, books,electronic media, or electronic communications in an exam; talking withfellow students or looking at another person’s work during an exam;submitting work prepared in advance for an in-class examination; havingsomeone take an exam for you or taking an exam for someone else; violatingother rules governing the administration of examinations.2. Fabrication: including but not limited to, falsifying experimental data and/orcitations.3. Plagiarism: intentionally or knowingly representing the words or ideas ofanother as one’s own in any academic exercise; failure to attribute directquotations, paraphrases, or borrowed facts or information.4. Unauthorized collaboration: working together on work meant to be doneindividually.5. Duplicating work: presenting for grading the same work for more than oneproject or in more than one class, unless express and prior permission hasbeen received from the course instructor(s) or research adviser involved.6. Forgery: altering any academic document, including, but not limited to,academic records, admissions materials, or medical excuses.NYU School of Engineering Policies and Procedures on Excused Absences – com plete policy hereA. Introduction: An absence can be excused if you have missed no more than 10 daysof school. If an illness or special circumstance has caused you to miss more thantwo weeks of school, please refer to the section labeled Medical Leave of Absence.B. Students may request special accommodations for an absence to be excused in thefollowing cases:1.2.3.4.Medical reasonsDeath in immediate familyPersonal qualified emergencies (documentation must be provided)Religious Expression or PracticeDeanna Rayment, deanna.rayment@nyu.edu, is the Coordinator of Student Advocacy,Compliance and Student Affairs and handles excused absences. She is located in 5 MTC,LC240C and can assist you should it become necessary.NYU School of Engineering Academic Calendar – complete list here.

The last day of the final exam period is . Final exam dates for undergraduate courses willnot be determined until later in the semester. Final exams for graduate courses will be held on thelast day of class during the week of . If you have two final exams at the same time, reportthe conflict to your professors as soon as possible. Do not make any travel plans until the examschedule is finalized.Also, please pay attention to notable dates such as Add/Drop, Withdrawal, etc. For confirmationof dates or further information, please contact Susana: sgarcia@nyu.edu

Lecture 3: Algorithmic number theory, number theory and cryptographic assumptions, Reductions, proofs by reductions, number theory candidates for cryptographic primitives (e.g., factoring and related problems), public-key cryptosystems from number theory problems; brief discussion of