Cryptographic protocols (Autumn 2009)

Time and location

Event Time Location

Lectures Mon 12:15 - 13:45 Liivi 2-404 Peeter Laud

Tue 12:15 - 13:45 Liivi 2-403

Practice sessions Mon 14:15 - 15:45 Liivi 2-315

Wed 10:15 - 11:45 Liivi 2-405

(weeks 9—16)

As both the lectures and practice sessions are given by the same teacher, their split will be pretty dynamic.

Event	Time	Location
Lectures	Mon 12:15 - 13:45	Liivi 2-404	Peeter Laud
Tue 12:15 - 13:45	Liivi 2-403
Practice sessions	Mon 14:15 - 15:45	Liivi 2-315
Wed 10:15 - 11:45	Liivi 2-405
(weeks 9—16)

Grading is based on a number of take-home exercises during the course (making up two thirds of the grade) and an oral exam sometime after the lectures have ended (making up the rest of the grade) (if someone wants to make the exam in written form, this can be discussed).

The examination paper (if there will be one) will contain questions that are less suitable for take-home exercises.
The exam is open-book.

The contents of the lectures is similar to the previous year. There is no single textbook that covers all material of the course. The first lectures somewhat (but only somewhat) follow certain chapters of Wenbo Mao's "Modern Cryptography: Theory and Practice".

Home exercises:

First: find an attack against the Yahalom protocol (from these slides) where the attacker can masquerade himself as Bob to Alice. Deadline: November 2nd before class (later it isn't interesting any more).
Second Deadline: November 30th.
Third home exercise is the same as the fourth exercise from the last year.
Fourth
Fifth

News:

Nov 14th: The second home exercise has been posted.
Oct 24th: The final exam of Cryptology I will take place in November 9th, from 12 to 14. Hence the class will meet only from 14 to 16.
Oct 24th: The first lecture is at October 26th!

Slides of the lectures:

October 26th and the following day(s)
- We searched for attacks against these protocols in the practice session of October 26th.
In the next lectures we continue, but will also consider some Internet security protocols and protocols with advanced properties.
In November 2nd, we start with the analysis of protocols using ProVerif. The examples will appear here.
We continued in November 3rd and will also continue in November 4th by considering the applied pi-calculus like input language of ProVerif.
In November 9th-11th, we speak about the relationship between the perfect cryptography assumption, and the complexity-theoretic security definitions. Slides will be those and those.
In November 16th, we start with secure multiparty computation.
In November 17th, we continue. If we have any time left over (probably we won't), then we start with secret sharing. Indeed, this was covered in November 18th.
In November 23rd, we finish the secret sharing issues. After that we cover more multiparty computation protocols (slides last updated: November 30th at 21:40). We continue until November 30th.
In December 1st, we take a look at protocols used by the Sharemind system.
The lecture in December 2nd is based on these slides by Helger Lipmaa.
In December 7th we start with universal composability. This will occupy next days, also.
We are finished for this year. The last topic of the course was the universally composable cryptographic library.