Welcome to the Fall 2020 web page for CS498AC3/AC4, ECE498AC3/AC4: Applied Cryptography!

Course Overview

This course will cover a selection of topics in applied cryptography. We will learn how cryptographic primitives work, how to use them correctly, and how to provably reason about their security. 

No prior cryptography background is assumed, however, students are expected to have mathematical maturity. Students are expected to be comfortable with writing mathematical proofs. A working knowledge of discrete mathematics and probability is assumed. Familiarity with algorithmic reductions will be useful.

Instructor: Dakshita Khurana, dakshita@illinois.edu. Office hours: Tuesday 12.30 pm - 1.30 pm, or by appointment.
TA: Ruta Jawale, jawale2@illinois.edu. Office hours: Thursday 2 pm - 3 pm.

Course Credits: 3/4
Time: Tuesdays and Thursdays, 11.00 - 12.15 pm
Location: Zoom. If you are registered for the course, you should have received an email with a link to join zoom meetings, and to join Piazza.
Piazza: Please sign up for Piazza at  to get a zoom link.

If you are not registered, please email the TA to get an access code for Piazza and a zoom link.

Note: Students are encouraged to drop by during office hours (or set up, by email, an appointment to meet) within the first 4 weeks. This will help me learn more about your interests and what you hope to learn from this class. I can also help you with a choice of topic for your project.

Students will be asked to scribe lecture notes. These notes will serve as a key resource for this course. We will closely follow the book:

Additional Resources: Books/Lecture Notes

Grading for CS 498 AC3/4, ECE 498 AC 3/4.

(Bonus) 5%: Class Participation. 
The class intends to encourage deep, careful thought. I want the lectures be as interactive as possible: you are strongly encouraged to ask questions and offer answers. I will end lectures with open questions that we will answer interactively during the next class. These questions will be easy to answer if you attend every lecture. Reading the prescribed book before the next lecture is recommended to better understand the contents of the course. Students that ask insightful questions and offer insightful answers in class, or as part of assignment solutions, or on Piazza will be rewarded with extra credit.

10%: Scribe Notes.
Scribe notes are a complete, polished write-up of a lecture, with references and technical details carefully filled in. Every student should expect to scribe once, likely in teams of 2 depending on class size. At the beginning of every lecture, I will ask for volunteers to write the scribe notes for the day. Please do not volunteer if there is a chance that you will drop the course before you submit your scribe notes. Preparing these notes will help you internalize the material at a new level, by thinking through the significance of the material and converting every proof outline discussed in class to a rigorous proof. Please typeset your scribe notes in LaTeX using the template here. You have 4 days to prepare the scribe notes. More precisely, the scribe notes for a Tuesday lecture are due at 5 pm the following Saturday, and the scribe notes for a Thursday lecture are due at 5 pm the following Monday. Please email the TA your .pdf file and the source files (.tex and .bib, as well as figure files if any). Please email your files as a single ZIP archive.

60%: Assignments.
There will be 4 assignments, each worth 15%. These will range from cryptanalytic attacks, to implementations of secure cryptographic primitives, to mathematically rigorous proofs of security.

30%: Exam (Take-home). 
There will one final take-home exam, with 5-6 questions, that you will have 24 hours to solve. To be successful in the exam, I highly recommend that you attend class, participate and ask questions, and give careful and deep thought to topics discussed in class.

FOR THE 4 CREDIT COURSES (CS498AC4/ECE498AC4) ONLY -- (25 out of a total of 125 points): Project.
The purpose of the project is to expose students to research in cryptography. You can pick a project topic of your choice (you can refer to this list for some nice ideas). The project can be a literature survey, or an attempt at original research to answer an open problem in cryptography. I am happy to consult individually with you during office hours or by appointment to provide guidance. You should feel free to work individually, or in teams of 2-3, and spend 1-2 weeks on the project.

Students will have the option to waive the exam requirement if they aim to advance the field of cryptography via original research. 
In this case, the project will account for 55 out of 125 points. If you choose to waive your exam, you will be expected to allot several weeks and a good deal of effort to the research project. Research is an unpredictable game, so your project evaluation will take into account the thought and effort you put in and the ideas you develop along the way. Students interested in choosing this option must contact me within the first 3 weeks.

Course Schedule

This is a tentative schedule and is subject to change. Please keep checking this page for updates to topics and for scribe notes. Much of the content has been borrowed from the Boneh-Shoup textbook and Dan Boneh's course.

Date Topic Slides Lecture Video Reading (Boneh-Shoup) Scribe Notes (have not been vetted)
08/25 Introduction, Overview, Historical Perspective Lecture 1 Lecture 1 video Chapters 1, 2  
08/27 Pseudorandom Generators (PRGs), Stream Ciphers Lecture 2 Lecture 2 video Chapters 2, 3 Scribe notes lec. 2
09/01 Block Ciphers I Lecture 3 Lecture 3 video Chapters 3, 4 Scribe notes lec. 3
09/03 Block Ciphers II Lecture 4 Lecture 4 video Chapters 4, 5 Scribe notes lec. 4
09/08 Message Authentication Lecture 5 Lecture 5 video Chapter 6 Scribe notes lec. 5
09/10 Collision-Resistance

Lecture 6 Lecture 6 video Chapter 8  
09/15 Authenticated Symmetric Encryption Lecture 7 Lecture 7 video Chapter 9  
09/17 Advanced Symmetric Encryption, Number Theory

Lecture 8 Lecture 8 video Chapter 9  
09/22 Public Key Encryption 1        
09/24 Public Key Encryption 2        
09/29 CCA Secure Encryption        
10/01 Authenticated Key Exchange

10/06 Commitments        
10/08 Digital Signatures

10/13 Zero-Knowledge        
10/15 Pairing-based ZK: 1        
10/20 Pairing-based ZK: 2        
10/22 Succinct ZK

10/27 Garbled Circuits        
10/29 Oblivious Transfer

11/03 Election Day, NO CLASS        
11/05 Multiparty Computation 1: Secret Sharing        
11/10  Multiparty Computation 2: Multiplications        
11/12 Quantum Attacks on Classical Cryptography        
11/17 Postquantum Cryptography: Lattices 1        
11/19 Postquantum Cryptography: Lattices 2

11/24 Thanksgiving, NO CLASS        
11/26 Thanksgiving, NO CLASS        
12/01 Postquantum Cryptography: Isogenies

12/03 Ethics 1        
12/08 Ethics 2        

Web Analytics