1 Official Yale course listing

2 Course Description

This course is about cryptography and its applications to the real world of computing. We think of cryptography primarily with respect to information security, but like any tool, it can be used for unanticipated purpuses such as blockchain and ransomware. Privacy and security are central to our emerging “information society”, and cryptography is a key technology for achieving them. It is also a fascinating field of study in its own right.

Information security, broadly defined, involves managing the collection, storage, and use of information. It includes issues of confidentiality, data integrity, availability, authenticity, and authority. Confidentiality refers to preventing information flow to unintended recipients. Data integrity ensures that information is correct and undamaged. Availability provides for information to be usable when needed. Authenticity identifies information with a source. Authority describes what actions are permitted by whom.

Because of the ease with which information can be copied and transmitted, traditional physical means of control are of limited efficacy. Cryptography gives a way to build logical controls on the flow of information that are largely independent of the physical properties of the media through which the data passes.

Information and computer security are broad fields that go way beyond what will be covered in this course. Privacy and information security are not simply technical problems but involve the legal, political, and social frameworks in which they are used. Computer security includes topics such as physical security, access restrictions, activity monitoring, and control of software defects. While some of these topics will be mentioned in passing, the focus of this course is to understand the uses and limitations of the cryptographic tools that have application to privacy and security.

3 Tentative Schedule

The course comprises eight modules, each consisting of roughly three lectures and a homework assignment.

1. Information Security
2. Classical Cryptography
3. One-key Cryptosystems
4. Two-Key Cryptosystems
5. Digital Signatures
6. Cryptographic Hash Functions
7. Authentication
8. Multiparty protocols

4 Course materials

Course Websites: This class will use two websites:

• Canvas: https://yale.instructure.com/courses/44181
• Zoo website: http://zoo.cs.yale.edu/classes/cs467/2020f/index.html

Canvas will be used for homework assignments and submissions, grading feedback, and emailed announcements. The Zoo website will be used for the detailed syllabus, handouts, lecture notes, general announcements, and other course-related materials. Some materials will be available on both sites.

Online Resources: Technical material on cryptography will be available in lecture notes and supplemented by several Yale-licensed e-books. This means you can read them online or download PDF’s and use them for free. The first two are nice introductions to cryptography, and you will see that there is considerable overlap between the two. The first tends to be more focused on basic cryptographic theory and the second is a bit more applied, but both are well written and useful for the material they cover.

The von zur Gathin book contains a wealth of material from the basics to fairly advanced. It is a good reference for filling in gaps in the lectures. It also contains fascinating historical material in the lettered chapters that are intermixed with the modern technical material!

• Christof Paar and Jan Pelzl, Understanding Cryptography, Springer, 2010, ISBN-13: 978–3–642–04100–6, ISBN-10: 364204100. Available at Yale as a licensed online book.
• Kościelny, Czesław, Kurkowski, Mirosław, Srebrny, Marian, Modern Cryptography Primer, Springer, 2013, ISBN 978–3–642–41386–5. Available at Yale as a licensed online book.
• Joachim von zur Gathen, CryptoSchool, Springer, 2015, Online ISBN 978–3–662–48425-8. Available at Yale as a licensed online book.

Additional references: Additional references can be found on the Zoo website under Resources. It will be updated from time to time during the term.

5 Course Mechanics

Prerequisites: This course will be taught at an advanced undergraduate level. It assumes a familiarity with basic concepts of mathematics and computer programming such as are covered in CPSC 202 and CPSC 223. Some C/C++ programming will be required.

Requirements: Course requirements include written homework and papers, problem sets and programming assignments, class engagement, and other assessment activities. The weights of each in determining the course grade will depend on the number and difficulty of the assignments actually given.

In order to measure class engagement, I ask that everyone write at least one question or comment into the Zoom chat window during each class. That will let me know who attended class that day and was engaged in the material to at least that extent.

Assignments and other announcements: Written assignments and announcements will be posted from time to time on the on the Zoo website or on Canvas, generally on both.

Help with the Course: The teaching fellow (TF) for this course is Talley Amir. She will be holding scheduled office hours during the term. Times will be announced on Canvas. She can also be reached by email. You are encouraged to contact her with questions about the grading, lectures, textbook, and problem sets.

I am also happy to offer help by email and will try to establish regular office hours via Zoom once the term gets underway.

6 Policies

Late Policy: Assignments will be due at 11:59 pm on the night of the stated due date. Late work will generally be subject to a penalty of 5% per day late unless accompanied by a Dean’s excuse. A 2-hour grace period following the original due date will be granted during which no late penalty will be assessed. However, there will be no grace period in counting the number of days late for assignments turned in after the grace period. Work more than 4 days late will not be accepted, but alternative means for making up missed work may be arranged on an individual basis with a Dean’s excuse.

Please contact the instructor or TF as soon as you know that you will be unable to submit work on time or to attend a scheduled test so that suitable makeup arrangements can be made.

Policy on Working Together: This course follows the Yale College Undergraduate Regulations policies regarding cheating, plagiarism, and documentation, with which you should familiarize yourself. Briefly, if you use someone else’s work, you must acknowledge it. If it’s a piece of code, place the acknowledgment in your source file and explain clearly what parts are not your own. Similarly, if it’s in a paper, the acknowledgment belongs in the paper itself. All work not so acknowledged must be your own.

You may of course discuss the lectures and readings with your classmates in order to improve your understanding of the subject matter. Helping each other learn to use the tools in the Zoo is also okay. However, the design and implementation of all programs and all submitted work must be your own except where other sources are explicitly noted.

You must never let another student see your work, either before or after the due date of the assignment. Sometimes you may be tempted to “help” your friends by letting them see your solution. Don’t! This doesn’t help them. To the contrary, it allows them to avoid the hard work of learning the material and deprives them of the educational experience they came to Yale to get.

You are always free (and encouraged) to come in and ask the TA or instructor for help about anything concerning the course. Please talk to the instructor if you have any questions about this policy.

Avoiding Plagiarism: You may neither copy from another student nor permit your own work to be copied, unless explicit permission is given for such collaborations. If your work is found in the possession of another student, you and the other student are equally guilty of plagiarism. To avoid unintended involvement in plagiarism, your work should never be in the possession of another student. Do not ask someone else to deliver or pick up your work. Do not let another student “borrow” your code to compare with theirs. Keep your files protected so that others cannot read them and carefully guard your password. Do not leave printed work in public areas such as the Zoo or in accessible wastebaskets. If you think your password may have been compromised, you must change it immediately and notify the instructor.

Policy on Computer Problems: The Yale College policy on “Use of Computers and Postponement of Work” in the Yale College Programs of Study, Academic Regulations, applies to this course. It is reproduced below.

Particularly relevant for this course are the cautions against leaving a programming assignment to the last minute when machines might be busy, printers broken, and so forth, and about safeguarding your data.

7 Computing Facilities

The Zoo: This course will use the Computer Science Department’s educational computing facility, affectionately known as the Zoo. This facility contains modern workstations running Fedora 32 Linux. You will need to use these machines to prepare some of the coursework. A Zoo account will be automatically created for you if you don’t already have one when you register as a shopper for this course.

These days, most of you have your own laptops and may be wondering why you should be bothered with using a new computer system. The answer is because code development software is still not completely compatible across multiple platforms. If it works on your Mac or Windows PC but fails when the graders run it on the Zoo, you will lose points. If you ask for help with compiler errors on your personal machine, we might not be in a position to answer your questions. If you lack needed software that has been installed on the Zoo for your use, you’re on your own. In short, develop your code on the Zoo! Regardless of where the code is developed, your assignments will be graded according to how well they work on the Zoo. Submission of assignments will be through Canvas.

Because of COVID-19 restrictions, in-person access to the Zoo is not allowed, so all access will need to be remote. The Zoo machines support remote access via the SSH and VNC protocols. The FastX client in the Yale Software Library is supposed to allow remote use of graphics applications, but it has not been verified to work as of the date of this syllabus.

Course directory: The shared course directory, /c/cs467, is located on the Zoo server. You can access it from your Zoo course account. It will contain any software needed for this course and miscellaneous documentation and files. Public files there can also be accessed via the web.