Introduction to (Post-)Modern Cryptography - FS20, USI

Course information

Time Room Professor(s)

Friday 12:30 - 13:45 SI-007 → Cecilia Boschini (→ Stefan Wolf)

Subject of this seminar

As seen in the case of the COVID-19 contact-tracing apps, one of the hardest tasks when designing a service that collects and processes users' data is putting in place measures to protect such data. This is done through cryptographic protocols. Their design requires to investigate many aspects, both technical and ethical, to identify what data has to be protected and from whom, and to prevent the service to be (ab)used for surveillance purposes. The goal of this course is to introduce the approach (i.e., provable security) and tools (e.g., encryption schemes, digital signatures, ZK proofs) that can be used in this scenario.

After an introductory part by the teacher, the course is carried out as a seminar, where each participant presents a research article in a talk. Lectures will be 2 hours long, once a week or every other week. There is no attendance condition. The grade is derived only from the talk of the students, so there will not be any final exam. No particular background knowledge is required.

Students unhappy with the pre-selected papers can always propose one of their own choice. For questions please contact Xavier Coiteux-Roy or Cecilia Boschini.

Preliminary list of papers

Papers Date and speakers
[1]Mass-surveillance without the State: Strongly Undetectable Algorithm-Substitution Attacks., Mihir Bellare, Joseph Jaeger, Daniel Kane (In CCS 2015) PDF
[2]Ratcheted Encryption and Key Exchange: The Security of Messaging., Mihir Bellare, Asha Camper Singh, Joseph Jaeger, Maya Nyayapati, Igors Stepanovs (In CRYPTO 2017) PDF
[3]A Concrete Security Treatment of Symmetric Encryption., Mihir Bellare, Anand Desai, E. Jokipii, Phillip Rogaway (In FOCS 1997) PDF
[4]A forward-secure digital signature scheme., Mihir Bellare, Sara K. Miner. (In CRYPTO 1999) PDF
[5]Security of Symmetric Encryption against Mass Surveillance., Mihir Bellare, Kenneth G. Paterson, Phillip Rogaway (In CRYPTO 2014) PDF
[6]Random Oracles are Practical: A Paradigm for Designing Efficient Protocols., Mihir Bellare, Phillip Rogaway (In CCS 1993) PDF
[7]Forward-Security in Private-Key Cryptography., Mihir Bellare, Bennet S. Yee (In CT-RSA 2003) PDF
[8]Why Textbook ElGamal and RSA Encryption Are Insecure., Dan Boneh, Antoine Joux, Phong Q. Nguyen (In ASIACRYPT 2000) PDF
[9]Breaking RSA May Not Be Equivalent to Factoring., Dan Boneh, Ramarathnam Venkatesan (In EUROCRYPT 1998) PDF
[10]Off-the-record communication, or, why not to use pgp., Nikita Borisov, Ian Goldberg, and Eric A. Brewer (In WPES 2004.) PDF
[11]The Dining Cryptographers Problem: Unconditional Sender and Recipient Untraceability., David Chaum (In Journal of Cryptology 1988) PDF
[12]Undeniable Signatures., David Chaum, Hans Van Antwerpen (In CRYPTO 1989) PDF
[13]Untraceable Electronic Cash., David Chaum, Amos Fiat, Moni Naor ( In CRYPTO 1988) PDF
[14]Group Signatures., David Chaum, Eugène van Heyst (In EUROCRYPT 1991) PDF
[15]A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms., Taher El Gamal (In CRYPTO 1984) PDF
[16]Cryptographic Assumptions: A Position Paper., Shafi Goldwasser, Yael Tauman Kalai (In TCC 2016) PDF
[17]New directions in Cryptography., Whitfield Diffie, Martin E. Hellman (1976.) PDF
[18]A Public-Key Cryptosystem Based on Algebraic Coding Theory., Robert J. McEliece (1978) PDF
[19]A Hard-Core Predicate for all One-Way Functions., Oded Goldreich, Leonid A. Levin (In STOC 1989) PDF
[20]The knowledge complexity of interactive proof systems., Shafi Goldwasser, Silvio Micali, Charles Rackoff (In STOC 1985) PDF
[21]A Paradoxical Solution to the Signature Problem (Abstract)., Shafi Goldwasser, Silvio Micali, Ronald L. Rivest (In CRYPTO 1984) PDF
[22]A Method for Obtaining Digital Signatures and Public-Key Cryptosystems., Ronald L. Rivest, Adi Shamir, Leonard M. Adleman (1978) PDF
[23]The Moral Character of Cryptographic Work., Phillip Rogaway (2015) PDF
[24]How to Share a Secret., Adi Shamir (1979) PDF
[25]A mathematical theory of communication., Claude E. Shannon (1948) PDF