Time and location

Event | Time | Location |
---|---|---|

Lectures and practice sessions | Mon 12:15 - 15:45 | Liivi 2-404 |

Thu 8:15 - 11:45 | Liivi 2-224 | |

(weeks 9—16) |

Lecturers:

- Peeter Laud
- Cryptographic protocols in the formal model
- Universal composability

- Bingsheng Zhang
- Secure multiparty computation

Grading is based on a number of take-home exercises during the course (making up two thirds of the grade) and an oral exam sometime after the lectures have ended (making up the rest of the grade) (if someone wants to make the exam in written form, this can be discussed). The oral exam consists of a conversation with me on one of the topics listed here. You will know the topic one hour before the conversation.

- The examination paper (if there will be one) will contain questions that are less suitable for take-home exercises.
- The exam is open-book.

The contents of the lectures is similar to the previous year. There is no single textbook that covers all material of the course. The first lectures somewhat (but only somewhat) follow certain chapters of Wenbo Mao's "Modern Cryptography: Theory and Practice". For the second part, Bingsheng has compiled a list of papers. For the third part, I put together a list.

Home exercises:

- First home exercise is the same as it was two years ago.
- Second home exercise.
- Third home exercise.
- Fourth home exercise can be found at the slides on universal composability. See this, page 57 in the pdf-file (slide number 48).

News:

**Jan 6th**Added the exam topics, and a list of papers covering material on universal composability.-
**Jan 2nd:**Mentioned the existence of the 4th home exercise. -
**Nov 29th:**Added 2nd and 3rd home exercise. -
**Oct 20th:**The final exam of Cryptology I will take place in November 8th, instead of the lecture. It will be administered by Bingsheng. I won't be in Estonia in that day. -
**Oct 20th:**I won't be in Estonia in October 28th. The lecture will be given by Bingsheng. The slides will appear below. -
**Oct 20th:**The first lecture is at October 25th!

Slides of the lectures:

- October 25th
- On October 28th, Bingsheng will finish with the protocols in the end of this set of slides. He will continue with attacks against these protocols and then talk about some Internet security protocols.
- On November 1st, we start with the analysis of protocols using ProVerif. Here and here (changed 03.11.2010) are some slides and here is some further explanation of ProVerif syntax, but in general, it is very much recommended to attend the lecture. You may also want to install ProVerif.
- On November 4th we continue. Depending on our progress, we also take a look at some protocols with advanced properties.
- On November 11th, we will finish with the protocol analysis part. I
want to go through the JFK protocol,
as well as talk about the relationship between symbolic and computational
models.
- Please also check the detailed slides about the indistinguishability of probability distributions and ways to prove it.

- Starting from November 15th, the course will cover secure multiparty computation. The lectures are given by Bingsheng Zhang. He is planning to use mostly the slides from the last year, which were the following:
- From Dec. 6th, we start with Universal composability. We continued on Dec. 9th and 13th.
- We finish the course on Dec. 16th by considering the universally composable cryptographic library. There is also an example somewhere.