6.897 | Spring 2004 | Graduate

Selected Topics in Cryptography

Lecture Notes

This section contains a set of lecture notes and scribe notes for each lecture. Scribe notes are latex transcriptions by students as part of class work. Scribe notes are used with permission of the students named.

week # TOPICS Lecture notes scribe notes
1 L1: Overview of the Course. The “Classic” Definitional Framework of Multiparty Function Evaluation (along the lines of [C00]): Motivation for the Ideal-Model Paradigm.

L2: The Basic Definition of Security. Variants.

(PDF) L1-L2: “Universal Composability” by Yoav Yerushalmi and Steve Weis (PDF)
2 L3: The Non-Concurrent Composition Theorem. Example: Casting Zero-Knowledge within the Basic Definitional Framework. The Blum Protocol for Graph Hamiltonicity.

L4: Sequential Composability of Zero-Knowledge. Problems with Non-Sequential Composability of Commitments and Zero-Knowledge.

(PDF) L3-L4: “Universal Composability” by Yael Tauman Kalai and Abhi Shelat (PDF)
3 L5: Theory of Cryptography Conference (TCC)

L6: Theory of Cryptography Conference (TCC) (cont.)

4 L7: The Universally Composable (UC) Security Framework: Motivation and the Basic Definition (based on [C01]).

L8: Alternative Formulations of UC Security. The Universal Composition Theorem. Survey of Feasibility Results in the UC Framework.

(PDF) L7: “The Universal Composability Framework - Definitions” by Vinod Vaikuntanathan (PDF)

L8: “The Dummy Adversary” by Jonathan Herzog (PDF)

5 L9: UC Commitments: Motivation. The Ideal Commitment Functionality. Impossibility of Realizations in the Plain Model.

L10: UC Commitment in the Common Reference String Model (based on [CF01]). Realizing the Ideal Commitment Functionality. The Multi-Commitment Functionality and Realization.

(PDF) L9: “UC Commitments and Other Feasibility Results” by Susan Hohenberger (PDF)
6 L11: UC Zero Knowledge from UC Commitments. Secure Realization of any Multi-Party Functionality with any Number of Faults: The Semi-Honest Case. (Static, Adaptive, Two-Party, Multi-Party.)

L12: Secure Realization of any Functionality: The Byzantine Case. The Case of Honest Majority without Set-Up.

(PDF) L11: Chris Peikert (PDF)

L12: Dah-Yoh Lim (PDF)

7 L13: Universal Composition with Joint State.

L14: UC Signatures. Equivalence with Existential Unforgeability Against Chosen Message Attacks (as in [GMRi88]). Usage for Certification and Authentication.

(PDF) L13-L14: “JUC; UC Signatures and Authentication” by Yoav Yerushalmi and Steve Weis (PDF)
8 L15: Authenticated Key Exchange and Secure-Session Protocols.

L16: UC Formulation of Public-Key Encryption. Equivalence with CCA Security.

9 L17: Electronic Voting/Introduction

L18: Electronic Voting/Introduction (cont.)

  L17: “Introduction to Electronic Voting” by Ben Adida (PDF)

L18: “Mix­-Net Voting Systems” by Yael Tauman Kalai (PDF)

10 L19: Verifiable Mix-Nets

L20: Verifiable Mix-Nets (cont.)

  L19: “Verifable Mix-Net Voting” by Susan Hohenberger (PDF)

L20: “Verifable Mix-Nets” by Matt Lepinski (PDF)

11 L21: Verifiable Mix-Nets (cont.)

L22: Verifiable Mix-Nets (cont.)

  L21: “Neff (VoteHere) Voting Scheme” by Chris Peikert (PDF)

L22: “Voter Verification in Mix-Net Voting Systems” by Yael Tauman Kalai (PDF)

12 L23: Chaum’s Voting Scheme

L24: Chaum’s Voting Scheme (cont.)

  L23: “Chaum’s Election Scheme” by Yoav Yerushalmi (PDF)

L24: “Neff Voting” by Abhi Shelat (PDF)

13 L25: Pairing-Based Cryptography

L26: Pairing-Based Cryptography (cont.)

  L25: “Pairing­-Based Cryptography” by Ben Adida (PDF)

L26: Dah-Yoh Lim (PDF)

Course Info

As Taught In
Spring 2004
Learning Resource Types
Lecture Notes