Cryptographic protocols (Autumn 2009)
Time and location
As both the lectures and practice sessions are given by the same teacher,
their split will be pretty dynamic.
|| Mon 12:15 - 13:45
|| Liivi 2-404
| Tue 12:15 - 13:45
|| Liivi 2-403
| Practice sessions
|| Mon 14:15 - 15:45
|| Liivi 2-315
| Wed 10:15 - 11:45
|| Liivi 2-405
| (weeks 9—16)
Grading is based on a number of take-home exercises during the course
(making up two thirds of the
grade) and an oral exam sometime after
the lectures have ended (making up the rest of the grade) (if someone wants
to make the exam in written form, this can be discussed).
- The examination paper (if there will be one) will contain questions that are less suitable for
- The exam is open-book.
The contents of the lectures is similar to the previous year. There is no single textbook that
covers all material of the course. The first lectures somewhat (but only
somewhat) follow certain chapters of Wenbo
Mao's "Modern Cryptography: Theory and Practice".
- First: find an attack against the Yahalom protocol (from these slides) where the attacker can masquerade
himself as Bob to Alice. Deadline: November 2nd before class (later it isn't
interesting any more).
- Second Deadline: November 30th.
- Third home exercise is the same as the fourth exercise from the last year.
- Nov 14th: The second home exercise has been posted.
- Oct 24th: The final exam of Cryptology I will take place in November 9th, from
12 to 14. Hence the class will meet only from 14 to 16.
- Oct 24th:
The first lecture is at October 26th!
Slides of the lectures:
- October 26th and the following day(s)
- We searched for attacks against these
protocols in the practice session of October 26th.
- In the next lectures we continue, but will also consider some Internet security protocols and protocols with advanced properties.
- In November 2nd, we start with the analysis of
protocols using ProVerif. The
examples will appear here.
- We continued in November 3rd and will also continue in November 4th by
considering the applied pi-calculus like input language of ProVerif.
- In November 9th-11th, we speak about the relationship between the
perfect cryptography assumption, and the complexity-theoretic security
definitions. Slides will be those and those.
- In November 16th, we start with secure multiparty computation.
- In November 17th, we continue. If we have any time left over (probably
we won't), then we start with secret
sharing. Indeed, this was covered in November 18th.
- In November 23rd, we finish the secret sharing issues. After that we
cover more multiparty computation
protocols (slides last updated: November 30th at 21:40). We continue
until November 30th.
- In December 1st, we take a look at protocols
used by the Sharemind
- The lecture in December 2nd is based on these slides by
- In December 7th we start with universal
composability. This will occupy next days, also.
- We are finished for this year. The last topic of the course was the universally composable cryptographic