Budapest University of Technology and Economics, Faculty of Electrical Engineering and Informatics

    Provable Security

    Name of the subject in Hungarian: Bizonyított biztonság

    Last updated: 30 January 2017.

    PhD Course
    Course ID   Semester   Assessment   Credit   Subject semester
    VIHID022               4/0/0/v      5
    3. Course coordinator and department Dr. Vajda István,
    4. Instructors István Vajda    Professor    Department of Networked Systems and Services
    5. Required knowledge MSc level knowledge in Discrete Mathematics, Probability Theory and in Theory of Algorithms
    7. Objectives, learning outcomes and obtained knowledge This subject provides an introduction to the techniques for constructing cryptographic primitives and protocols with formally provable security guarantees, in contrast to the ad-hoc approaches of usual practice.
    8. Synopsis 1. week: Paradigms in provable security: Algorithmic reduction, algorithmic indistinguishability, simulatability. Security by indistinguishability (security game) vs. security by simulation of ideal functionality.
    2. week: Standard secure cryptographic primitives: Public key encryption: semantic security, message-indistinguishability (IND-CPA, IND-CCA2), non-malleability. Digital signature. Message authentication.
    3. week: Standard secure cryptographic protocols: Stand-alone setting. GMW oblivious transfer protocol. Fiat-Shamir party authentication protocol.
    4. week: Secure Multiparty Computation. Secure function evaluation.
    5. week: Universal composability (UC): Modular composition. Concurrent setting. UC-security vs. non-concurrent (stand-alone) security.
    6. week: Models in the UC security framework: Computational model. Model of protocol execution. Bare model. Plain model. Trusted setups and trusted third parties. Adversarial models. Hybrid protocol.
    7-10. week: Ideal functionalities and trusted setup models in the UC: Authenticated communication. Secure communication channel. Key exchange. Public key encryption. Digital signature. Commitment. Oblivious transfer. Remote coin tossing. Zero knowledge proofs (ZKP). Secure function evaluation. The Common Reference String and Key setup models.
    11. week: The UC composition theorem.
    12. week: UC with joint state (JUC).
    13. week: Realizability issues in the UC framework.
    14. week: Protocol applications: E-voting, E-auction.  

    9. Method of instruction lectures with plenty of analysis/construction examples
    10. Assessment a. During the semester: One in-class test (ZH) in the second half of the semester.
    The condition for obtaining the signature is a pass mark on the ZH test (40% above). The in-class test (ZH) can be retaken once. In the rectification period (repeat period) there is one further (final) opportunity to retake the in-class test (ZH).
    b. Examination: Oral exam.

    12. Consultations Consultation is possible at a pre-arranged time.
    13. References, textbooks and resources - Goldreich: Foundations of Cryptography, Cambridge Press, 2004
    - R. Canetti: Universally Composable Security: A New Paradigm for Cryptographic Protocols, 2005
    - presentation slides

    14. Required learning hours and assignment
    Contact hours                                        42
    Preparation for classes during the semester          10
    Preparation for the in-class test                    20
    Homework assignment
    Study of assigned written material
    Exam preparation                                     48
    Total                                                120
    15. Syllabus prepared by István Vajda    Professor    Department of Networked Systems and Services