ICS 268: Cryptography and Communication Security

Fall Quarter, 2004

Instructor:       Stanislaw Jarecki

Most important info:

Course Description:

This course is an introduction to modern cryptography and security for graduates and advanced undergraduates.   The class will try to balance between the breadth of the coverage and an attempt to develop a general approach to the study of security issues.  The first aim of the class is to introduce students to various cryptographic tools like symmetric and public-key encryption schemes, signature schemes, message authentication schemes, identification protocols, and others.  The second and equally important aim of this class is to develop a "provable-security" paradigm of approaching any communication security problem.  This paradigm consists of (1) understanding the security *goal* of any protocol, i.e. understanding what properties a protocol needs to achieve to be considered secure, and (2) designing a protocol together with a *proof* that the protocol achieves these properties under some well-understood computational hardness assumptions, for example under the assumption that it is computationally hard to factor large composite numbers.

The aim of the course is to introduce some fundamental cryptographic tools in such a way so that (1) you will be able to specify the security needs of the system you are designing and use existing cryptographic mechanisms in such a way so that your security needs are met, and (2) you will be able to develop new cryptographic mechanisms and protocols yourself. 

To help further these goals, we'll end the class with conference-style presentations by the *graduate* students on some security/cryptography topic chosen by the student.

What this class is not about:

This class will not teach you all there is to know to make computers and networks secure.  Cryptography is only one layer in the stack of engineering issues that need to be solved to make computers and networks secure.  Computer security deals with lots of issues we will not touch on in the class, like buggy code, viruses, denial of service attacks, network monitoring techniques, preventing bad passwords, integrating various network services securely, and many more.  This class will  stay firmly on the layer of algorithms for the so-called "cryptographic primitives", i.e. the design of cryptographic tools like encryption, signatures, authentication.  While some of these tools will be probably very useful in solving any of the real-world security issues above, we will not be analyzing any such systems in this class.  On the other hand, we will often mention the real-world security issues like those listed above in motivating the security properties required of the cryptographic tools we will be designing.

Another note of warning is that in this class we will not concentrate on techniques used to design and analyze block ciphers (like DES or AES) and hash functions (like MD5 and SHA), although the class will offer you some insight into security of such constructions.  We will focus instead on public key crypto, but we will spend a few lectures on private key algorithms too.

Grading policy:



Problem sets are due at the beginning of the class.  You are not allowed to work on the homework problems together with other students.  You are also not allowed to consult solutions from previous years or solutions available on-line.  You are allowed to consult other sources, such as textbooks, lecture notes, or research papers, but you must clearly mark any material you reference.

Textbook and lecture notes:

The (recommended) textbook is Douglas R. Stinson's "Cryptography: Theory and Practice", which is available through the UCI bookstore.  It is very good as a reference for a lot of the material we will be covering, but we will not follow it in great detail, and a lot of the lecture material is not covered by Stinson. 

The primary source of the material will be the lecture notes and handouts which I will be posting on the web and distributing in class.


The formal prerequisites are ICS 6.A and ICS.161.  However, what you really need in general is this:

More specifically, you need the following:

Other UCI classes on cryptography:

This class is complimentary to the MATH.173A - 173B classes on number theory and cryptography which are taught by Prof. Margulies in the math department.  Having that class or any other preparation in number theory is a very good background for this class, but it is not necessary.  However, if you think you'd like to work on cryptography and security, and you do not have a strong background in number theory, I recommend that you take both classes this quarter.  Prof. Margulie's class is taught MWF 3-3:50 in ET 204, and the ICS students can either take it for a grade or pass/fail as a special topic course, ICS.299.

Security Seminar Announcement:

Students who want to learn more about crypto/security are encouraged to attend a weekly seminar of the SCONCE group, which takes place on Fridays 11:30-12:30, in ICS2 room 144.