
Instructor  Dominique Unruh <<surname> at ut dot ee> 
Teaching assistant 
Tore Vincent Carstens <<firstname dot thirdname at gmx dot de> 
Lecture Period  February 13 – 
Lectures  Wednesday, 10:1511:45, room 220 (Paabel)
(Unruh; may sometimes be switched with practice) 
Practice sessions 
Wednesday, 14:1515:45, room 220 (Paabel) (Unruh/Carstens) 
Course Material  Lecture notes, blackboard photos (of practice), and exam study guide. 
Language  English 
Mailing list  utcrypto1@googlegroups.com 
Contact  Dominique Unruh <<surname> at ut dot ee> 
20190213 (lecture)  Historical ciphers. Perfect secrecy. Onetime pad.  [video] 
20190220 (practice)  Breaking a substitution cipher. Malleability of onetimepad (bank transfer).  
20190227 (lecture)  Limitations of onetimepad/perfect security. Streamciphers. INDOTCPA security.  [video] 
20190227 (practice)  Brief introduction to PRGs. Security proof: If G is PRG, then H(x,y):=G(x)y is PRG. Very short intro to linear feedback shift registers (LFSR).  
20190306 (lecture)  Pseudorandom generators (PRG). Security proof for G(k)⊕m encryption scheme. Blockciphers. AES (started).  [video] 
20190306 (practice)  Gamebased security of onetime pad.  
20190313 (lecture)  AES (continued). Feistel networks. Definition: strong pseudorandom permutation (PRP).  [video] 
20190313 (practice)  Security of AES with missing AddRoundKey/SubBytes/MixColumns/ShiftRows. Insecurity of 1round, 2round and 3roundFeistel.  
20190320 (lecture)  Definition INDCPA. ECB mode (and its weakness). CBC mode. INDCPA security of CBC.  [video] 
20190320 (practice)  Malleability of CBC mode. Recap: Strong PRP. 3roundFeistel is not strong PRP. 
Out  Due  Homework  Solution 

20190302  20190316  Homework 1, wordlist.txt  Solution 1, otpxoradvanced.py, otpxor.py 
The course "Cryptology I" introduces the basics of
cryptography. After discussing historic ciphers and their weaknesses, we
introduce modern cryptographic primitives such as encryption and signature
schemes, hash functions, oneway functions etc. We explain how the
security of cryptographic schemes is defined and proven. We study advanced
cryptographic schemes such as zeroknowledge proofs and secure function
evaluation.
"Elements of Discrete Mathematics" or some
comparable mathematical foundations.