Welcome to the Fall 2020 web page for CS/ECE 498 AC3/4: Cryptography!
This course will cover a selection of topics in applied cryptography. We will learn how cryptographic primitives work, how to use them correctly, and how to provably reason about their security.
No prior cryptography background is assumed, however, students are expected to have mathematical maturity. Students are expected to be comfortable with writing mathematical proofs. A working knowledge of discrete mathematics and probability is assumed. Familiarity with algorithmic reductions will be useful.
Instructor: Dakshita Khurana, dakshita@illinois.edu. Office hours: Tuesday 12.30 pm  1.30 pm, or by appointment.
TA: Ruta Jawale, jawale2@illinois.edu. Office hours: Thursday 2 pm  3 pm.
Course Credits: 3/4
Time: Tuesdays and Thursdays, 11.00  12.15 pm
Location: Zoom. If you are registered for the course, you should have received an email with a link to join zoom meetings, and to join Piazza.
Piazza: Please sign up for Piazza at https://piazza.com/illinois/fall2020/ececs498ac/home to get a zoom link.
If you are not registered, please email the TA to get an access code for Piazza and a zoom link.
Note: Students are encouraged to drop by during office hours (or set up, by email, an appointment to meet) within the first 4 weeks. This will help me learn more about your interests and what you hope to learn from this class. I can also help you with a choice of topic for your project.
Students will be asked to scribe lecture notes. These notes will serve as a key resource for this course. We will closely follow the book:
Additional Resources: Books/Lecture Notes
(Bonus) 5%: Class Participation.
The class intends to encourage deep, careful thought. I want the lectures be as interactive as possible: you are strongly encouraged to ask questions and offer answers. I will end lectures with open questions that we will answer interactively during the next class. These questions will be easy to answer if you attend every lecture. Reading the prescribed book before the next lecture is recommended to better understand the contents of the course. Students that ask insightful questions and offer insightful answers in class, or as part of assignment solutions, or on Piazza will be rewarded with extra credit.
10%: Scribe Notes.
Scribe notes are a complete, polished writeup of a lecture, with references and technical details carefully filled in. Every student should expect to scribe once, likely in teams of 2 depending on class size. At the beginning of every lecture, I will ask for volunteers to write the scribe notes for the day. Please do not volunteer if there is a chance that you will drop the course before you submit your scribe notes. Preparing these notes will help you internalize the material at a new level, by thinking through the significance of the material and converting every proof outline discussed in class to a rigorous proof. Please typeset your scribe notes in LaTeX using the template here. You have 4 days to prepare the scribe notes. More precisely, the scribe notes for a Tuesday lecture are due at 5 pm the following Saturday, and the scribe notes for a Thursday lecture are due at 5 pm the following Monday. Please email the TA your .pdf file and the source files (.tex and .bib, as well as figure files if any). Please email your files as a single ZIP archive.
60%: Assignments.
There will be 4 assignments, each worth 15%. These will range from cryptanalytic attacks, to implementations of secure cryptographic primitives, to mathematically rigorous proofs of security.
30%: Exam (Takehome).
There will one final takehome exam, with 56 questions, that you will have 24 hours to solve. To be successful in the exam, I highly recommend that you attend class, participate and ask questions, and give careful and deep thought to topics discussed in class.
FOR THE 4 CREDIT COURSES (CS498AC4/ECE498AC4) ONLY  (25 out of a total of 125 points): Project.
The purpose of the project is to expose students to research in cryptography. You can pick a project topic of your choice (you can refer to this list for some nice ideas). The project can be a literature survey, or an attempt at original research to answer an open problem in cryptography. I am happy to consult individually with you during office hours or by appointment to provide guidance. You should feel free to work individually, or in teams of 23, and spend 12 weeks on the project.
NEW! Please find the project template here.
Students will have the option to waive the exam requirement if they aim to advance the field of cryptography via original research. In this case, the project will account for 55 out of 125 points. If you choose to waive your exam, you will be expected to allot several weeks and a good deal of effort to the research project. Research is an unpredictable game, so your project evaluation will take into account the thought and effort you put in and the ideas you develop along the way. Students interested in choosing this option must contact me within the first 3 weeks.
This is a tentative schedule and is subject to change. Please keep checking this page for updates to topics and for scribe notes. Much of the content has been borrowed from the BonehShoup textbook and Dan Boneh's course.
Date  Topic  Slides  Lecture Video  Reading (BonehShoup)  Scribe Notes (have not been vetted) 

08/25  Introduction, Overview, Historical Perspective  Lecture 1  Lecture 1 video  Chapters 1, 2  
08/27  Pseudorandom Generators (PRGs), Stream Ciphers  Lecture 2  Lecture 2 video  Chapters 2, 3  Scribe notes lec. 2 
09/01  Block Ciphers I  Lecture 3  Lecture 3 video  Chapters 3, 4  Scribe notes lec. 3 
09/03  Block Ciphers II  Lecture 4  Lecture 4 video  Chapters 4, 5  Scribe notes lec. 4 
09/08  Message Authentication  Lecture 5  Lecture 5 video  Chapter 6  Scribe notes lec. 5 
09/10  CollisionResistance ASSIGNMENT 1 RELEASED 
Lecture 6  Lecture 6 video  Chapter 8  Scribe notes lec. 6 
09/15  Authenticated Symmetric Encryption  Lecture 7  Lecture 7 video  Chapter 9  Scribe notes lec. 7 
09/17  Advanced Symmetric Encryption, Number Theory ASSIGNMENT 1 DUE 
Lecture 8  Lecture 8 video  Chapter 9  Scribe notes lec. 8 
09/22  Public Key Encryption 1  Lecture 9  Lecture 9 video  Chapter 10  Scribe notes lec. 9 
09/24  Public Key Encryption 2  Lecture 10  Lecture 10 video supplementary video  Chapter 10  Scribe notes lec. 10 
09/29  CCA Secure Encryption  Lecture 11  Lecture 11 video  Chapter 11  Scribe notes lec. 11 
10/01  Digital Signatures ASSIGNMENT 2 RELEASED (FRIDAY) 
Lecture 12  Lecture 12 video  Chapters 13,14  Scribe notes lec. 12 
10/06  Schnorr Signatures, Commitments  Lecture 13  Lecture 13 video  Chapter 19  Scribe notes lec. 13 
10/08  Identification Schemes and ZeroKnowledge  Lecture 14  Lecture 14 video  Chapter 19  
10/13  ZeroKnowledge II  Lecture 15  Lecture 15 video  Chapter 19  Scribe notes lec. 15 
10/15  ZeroKnowledge III  Lecture 16  Lecture 16 video  Chapter 19  Scribe notes lec. 16 
10/20  Or Composition, Pairings  Lecture 17  Lecture 17 video  Chapter 19  Scribe notes lec. 17 
10/22  Pairingbased ZK  Lecture 18  Lecture 18 video  These notes  Scribe notes lec. 18 
10/27  Pairingbased ZK: II ASSIGNMENT 3 RELEASED 
Lecture 19  Lecture 19 video  Additional reading  Scribe notes lec. 19 
10/29  Oblivious Transfer  Lecture 20  Lecture 20 video  Additional reading  Scribe notes lec. 20 
11/03  Election Day, NO CLASS ASSIGNMENT 3 DUE 

11/05  Two Party Computation 1: Secret Sharing and Computations  Lecture 21  Lecture 21 video  Chapter 14 here  Scribe notes lec. 21 
11/10  Two Party Computation 2: Garbled Circuits  Lecture 22  Lecture 22 video  Chapter 14 here  Scribe notes lec. 22 
11/12  On the Security of Garbled Circuits  Lecture 23  Lecture 23 video  Chapter 14 here  Scribe notes lec. 23 
11/17  Learning with Errors 1  Lecture 24  Lecture 24 video  Scribe notes lec. 24  
11/19  Learning with Errors 2 ASSIGNMENT 4 RELEASED 
Lecture 25  Lecture 25 video  Scribe notes lec. 25 If interested: Leftover Hash Lemma 

11/24  Thanksgiving, NO CLASS  
11/26  Thanksgiving, NO CLASS  
12/01  Q&A, Crypto Unicorns ASSIGNMENT 4 DUE 
Lecture 26  Lecture 26 Video  
12/03  Ethics 1  
12/08  Ethics 2 