The Joy of Cryptography - Oregon State University


The Joy of Cryptography
Undergraduate textbook by Mike Rosulek



The Joy of Cryptography is a textbook that I've been writing for CS427, my undergraduate course in cryptography.

WHAT'S SO SPECIAL ABOUT IT?

- It's free and will always be free (Creative Commons license)! It is supported by the Oregon State University open textbook initiative.
- The pedagogical approach is anchored in formal definitions/proof of security, but in a way that I believe is more accessible than what is "traditional" in crypto. All security definitions are written in a unified and simplified "game-based" style. For an example of what security definitions look like in this style, see the index of security definitions (which will make more sense after reading chapters 2 & 4). For example proofs of security in this style, see the supplementary material below.
- It contains over 120 exercises.

DISCLAIMERS:

- Everything here is in draft form. This will become evident as you read through the text. Still, I've been successful using the text as the primary reference in an actual course.
- My course CS427 is only a 10-week course. For that reason, much important material is still missing from the text!
- "The Joy of Cryptography" is a silly title, but all the sensible titles were already taken. It was at least better than "You Can't Spell Cryptography without Cry". Anyway, actual joy not guaranteed.

CONTENTS

Download the current draft (PDF, Sep 7, 2017)

Current table of contents (links are for PDFs of individual chapters):

Foreword
0. Review of Concepts & Notation
1. One-Time Pad
   - One-Time Pad Definition
   - Properties of One-Time Pad
2. The Basics of Provable Security
   - Reasoning about Information Hiding via Code Libraries
   - A General-Purpose Security Definition for Encryption
   - How to Prove Security with the Hybrid Technique
   - How to Demonstrate Insecurity with Attacks
3. Secret Sharing
   - Definitions
   - A Simple 2-out-of-2 Scheme
   - Polynomial Interpolation
   - Shamir Secret Sharing
   - Visual Secret Sharing
4. Basing Cryptography on Limits of Computation
   - Polynomial-Time Computation
   - Negligible Probabilities
   - Indistinguishability
   - Sampling with Replacement & the Birthday Bound
5. Pseudorandom Generators
   - Definition
   - Application: Shorter Keys in One-Time-Secret Encryption
   - Taking the Contrapositive Point-of-View
   - Extending the Stretch of a PRG
6. Pseudorandom Functions
   - Definition
   - Attacking Insecure PRFs
   - A Theoretical Construction of a PRF from a PRG
7. Pseudorandom Permutations
   - Definitions
   - Switching Lemma
   - Feistel Ciphers
   - Strong Pseudorandom Permutations
8. Security against Chosen Plaintext Attacks
   - Implications of CPA Security
   - Pseudorandom Ciphertexts
   - CPA-Secure Encryption from PRFs
9. Block Cipher Modes of Operation
   - Common Modes
   - CPA Security for Variable-Length Plaintexts
   - Security of OFB Mode
   - Padding & Ciphertext Stealing
10. Chosen Ciphertext Attacks
   - Padding Oracle Attacks
   - What Went Wrong?
   - Defining CCA Security
   - CCA Insecurity of Block Cipher Modes
   - A Simple CCA-Secure Scheme
11. Message Authentication Codes
   - Security Definition
   - A PRF is a MAC
   - CBC-MAC
   - Encrypt-Then-MAC
12. Hash Functions
   - Defining Security
   - Hash-Then-MAC
   - Merkle-Damgård Construction
   - Length-Extension Attacks
13. The RSA Function
   - Modular Arithmetic & Number Theory
   - The RSA Function
   - Chinese Remainder Theorem
   - The Hardness of Factoring N
   - Malleability of RSA, and Applications
14. Diffie-Hellman Key Agreement
   - Cyclic Groups
   - Diffie-Hellman Key Agreement
   - Decisional Diffie-Hellman Problem
15. Public-Key Encryption
   - Security Definitions
   - One-Time Security Implies Many-Time Security
   - ElGamal Encryption
   - Hybrid Encryption
Index of security definitions

SUPPLEMENTARY MATERIAL

I have also provided some slide decks that visually illustrate the steps of some hybrid proofs from the text:

- One-time secrecy of one-time pad (§2.2)
- Security of additive 2-out-of-2 secret sharing (§3.2)
- One-time secrecy of "pseudo-one-time pad" (§5.3)
- Security of extending a PRG's stretch via a feedback construction (§5.5)
- CPA security of the classical PRF-based encryption scheme (§8.3)
- CCA security of encrypt-then-MAC (§11.4)
- CPA security of public-key hybrid encryption (§15.4)

OTHER

For a second opinion, you might want to check out these other excellent references. They are also the reason I had to choose a silly name for mine -- all the good names were taken.

- A Course in Cryptography, Rafael Pass & abhi shelat (free)
- Cryptography, An Introduction, Nigel Smart (free)
- Introduction to Modern Cryptography, Jonathan Katz & Yehuda Lindell
- Introduction to Modern Cryptography, Mihir Bellare & Phil Rogaway (free)

