Cryptography Engineering

Module aims

Course aims:

The purpose of this course is to teach students cryptographic techniques can be used to design and implement secure communicating systems for a variety of different needs and applications, and to do so by considering all aspects from theory to more practical issues. The course will first cover key principles of modern cryptography: information theory, block ciphers, message authentication codes, hash functions, public key cryptography, digital signatures, key management, and key distribution. Student will see these concepts used in building advanced secure communication systems or protocols secret sharing schemes, commitment schemes, oblivious transfer, zero-knowledge proofs, and secure multi-party computation.

Along the way, we will emphasise definitions of security and understand which cryptographic schemes have proven security and which ones rely on other assumptions such as those rooted in reductions to hard problems.

NOTE: at times, this course may not cover some of the aspects above in order to discuss a recent application of cryptography engineering, such as Bitcoin, Blockchain Technology, and Cryptocurrencies. Please check the piazza web page of the course for its contents in any given year.

Learning outcomes

Learning outcomes:

1. Use cryptographic primitives and describe their basic properties. [Usage] 

2. Illustrate how to measure entropy and how to generate cryptographic randomness. [Familiarity] 

3. Use public-key primitives and their applications and understand their limitations/vulnerabilities. [Usage] 

4. Explain how key exchange protocols work and how they may fail. [Usage] 

5. Model cryptographic protocols and analyze their security properties in a tool. [Usage] 

6. Design real-world applications of cryptographic primitives and protocols. [Usage]  

7. Summarize security definitions related to attacks on cryptographic primitives, including attacker capabilities and goals. [Familiarity] 

8. Apply appropriate known cryptographic techniques for a given scenario. [Usage] 

9. Appreciate the dangers of inventing one’s own cryptographic methods. [Familiarity]

10. Appreciate the motivation for secure multi-party computation [Familiarity] and understand the theory behind practical such schemes [Usage].

Module syllabus

Cryptographic primitives: pseudo-random number generators, block ciphers, pseudo-random functions, hash functions, message authentication codes, key derivation functions

Symmetric key cryptography: perfect secrecy and the one-time pad, modes of operation for semantic security and authenticated encryption (e.g. encrypt-then-MAC, OCB, GCM), message integrity (e.g. CMAC, HMAC)

Public key cryptography: trapdoor permutations (e.g. RSA), public key encryption (e.g. RSA, El Gamal), digital signatures, public-key infrastructures and certificates, hardness assumptions (e.g. integer factoring and Diffie-Hellmann)

Authenticated key exchange protocols (e.g. TLS)

Cryptographic protocols: challenge-response authentication, zero-knowledge protocols, commitment, oblivious transfer, secret sharing and applications, anonymity (may pick different protocols from that list in different instances of that module)

Security definitions and attacks on cryptographic primitives: goals (e.g. indistinguishability, unforgability, collison-resistance, cryptographic games, etc.) and attacker capabilities (e.g. chosen message attacks for signatures, birthday attacks, side channel attacks, fault injection attacks.

Formal Verification of Security Protocols: use of automated tools for modelling and analysing security properties of protocols

Advanced topics such as Secure Multi-Party Computations: secret sharing schemes and other techniques needed for defining such computations; presentation of one full scheme for secure two-party computations.

(OPTIONAL) Cryptographic standards and references implementations

(OPTIONAL) Quantum cryptography


A basic understanding of algebra, modular arithmetic, and the ability to understand the very basic theory of finite cyclic groups.

Teaching methods

Course background and delivery methods:

Students need to know basic number theory such as modulo arithmetic, basic facts about finite, cyclic Abelian groups, and facts about prime numbers; background material will be provided that students can consult prior to taking this module. Students will also be expected to be able to read pseudo-code and to have a general understanding of programming concepts. Learning material will be offered in terms of slides, notes, and (where appropriate) online material. Slides, notes and coursework will be distributed electronically and should be easily accessible on Tablets and rendered in PDF format.


*This is a level 7/M course

Reading list

Core Reading

Supplemental Reading