This course offers an introduction to this fascinating subject. After a quick treatment of historic cryptographic schemes, we will set out the formal definitions to be able to investigate perfectlysecret and computationallysecure encryption, pseudorandomness, hash functions, and message authentication codes and block ciphers. While these primitives are referred to as symmetrickey primitives (because the involved parties use the same keys), another important class are publickey (or asymmetric) primitives which allow for publickey encryption and digital signatures. The most wellknown example is the widelyused RSA system.
If time allows, we will cover more advanced cryptographic notions such as secret sharing, bit commitment, zeroknowledge and multiparty computation.
Over the last years, cryptography has been transformed from an adhoc collection of mysterious tricks into a rigorous science based on firm mathematical grounds. Our treatment will therefore be rather formal and precise in the mathematical definitions. In particular, this is NOT a course in computer security. You will not learn how to break or hack systems. We will not teach you "how to secure your system"; cryptography is only one aspect of security.
There will be material and research articles to read which are not in the book. Here is a useful list of other text books and references by Jon Katz.
There will be homework exercises every week, handed out after the Tuesday lecture, to be handed in one week later before the start of the next lecture session. The answers should be in English. If you can, please send your solutions to Joachim (joachim@joachimschipper.nl) (LaTeXgenerated PDFs preferred, but readable scans of handwritten solutions are fine). Cooperation is allowed, but everyone has to hand in their own solution set in their own words.
Instead of a final exam, students are required to study a research paper about a topic not covered in class and give a 30minute presentation (20 minutes talk, 10 minutes questions) to the class in the week of 5 December. A list of possible topics is now online. For help in understanding the paper and preparing the presentation, students will have individual meetings with Joachim or Christian.
The final grade for the course consists by 2/3 of the average homework grade (ignoring the worst 2 grades) and 1/3 of the grade given for the final presentation.
Questions about the material are always welcome, and should be sent to Joachim.
6 Sep 
Overview of the course, historical crypto systems
Chapter 1 of [KL] (available online). 
13 Sep 
PerfectlySecure Encryption, Shannon's theorem
Chapter 2 of [KL] Homework, Slides (including possibly useful information about probability theory) 
20 Sep 
Computationally Secure PrivateKey Encryption and Pseudorandomness
Chapters 3.13.4 of [KL] Homework, Slides (including possibly useful information about polytime Turing machines) 
27 Sep 
Pseudorandom Functions and ChosenPlaintext Security
rest of Chapter 3 of [KL] 
4 Oct 
Message Authentication Codes, CBCMAC and CCA encryption
Chapters 4.14.5 and 4.9 of [KL] 
11 Oct 
CollisionResistant Hash Functions, MerkleDamgaard construction, Application to MACs
rest of Chapter 4 of [KL] 
18 Oct 
Practical Block Ciphers: DES and AES
Chapter 5 of [KL] 
midterm break: time to relax and enjoy reading New Directions in Cryptography by Whitfield Diffie and Martin Hellman, 1976. 

1 Nov 
PrivateKey Management and the PublicKey Revolution
Chapter 9 of [KL] 
8 Nov 
Algorithmic Number Theory
Chapters 7 and 8 of [KL] 
15 Nov 
PublicKey Encryption
Chapter 10 in [KL] (except of Section 10.5, El Gamal) 
22 Nov 
Homomorphic PublicKey Encryption: El Gamal and Paillier Encryption
Sections 10.5 and 11.3 in [KL] 
29 Nov 
Digital Signature Schemes: Definitions, RSA FullDomain Hash,
PublicKey Infrastructures
Sections 12.112.3, 13.3, 12.8 in [KL] 
Tuesday, 6 Dec  Student presentations (topics & schedule) 
Thursday, 8 Dec  Student presentations (topics & schedule). We begin at 10:30! 
13 Dec  No class, no exercises this week. Please hand in the homework by email. 
end of semester 