Handouts

All handouts in the course will be available here.

General Information

• Course description.
• Instructions for talks.
• Rules for solving problems and handing in solutions.

• Example of compiled solution set and the corresponding LaTeX source. Note that this is an example that should not be used to typeset any real set of solutions. It is only used to illustrate what is expected from students. There will be a separate template for each homework.

Latex and Running Ubuntu on Windows

• The Not So Short Introduction to LaTeX (see also the template above).
• VM Ware Player (free for non-commercial use)
• Download Ubuntu ISO-file
• ubuntu.tar.gz

To install Ubuntu in your VM Ware player, start the player, create a new virtual machine, and browse for the ISO-file. All you need to do is enter your name and password, the rest is taken care of by VM Ware player. When this is done you open a browser inside your Ubuntu and download ubuntu.tar.gz from this page. Look inside the scripts and comment out the things you do not want, the script is reasonably well documented.

Homework

• Homework 1.

  Problem 1a). You may view the output of A as its guess of which oracle it has access to.

  More precisely, suppose that A attempts to output 1 if and only if it has access to R. If A gives output 1 with roughly the same probability regardless of which oracle it has access to, then it can not distinguish which oracle it has access to.

  This is a general principle used in many definitions of security for various notions (we will see more examples of this in the course). The goal of the problem is to work with negligible functions and oracle Turing machines and gain experience with indistinguishability-based definitions of security.

  We thank Alex Loiko for asking us to clarify this.

  Problem 8d). The notion of pseudo-random permutation used is the one where the adversary has access to two oracles: one for evaluating the permutation and one for evaluating its inverse. This corresponds to a cipher for which we can mount both chosen plaintext attacks and chosen ciphertext attacks. If only the permutation-oracle is available (and not the inverse-oracle), then three rounds suffice, so the distinction is important.

  We thank Alex Loiko for asking us to clarify this.

  Problem 3. Note that the input and output in this problem is binary.

  We thank Bastian Fredriksson for pointing out these issues.

  solution_template_homework1.tex

• Homework 2.
  solution_template_homework2.tex
• Homework 3.
• Homework 4.

Slides From Lectures

• Lecture 1.
• Lecture 2.
• Lecture 3.
• Lecture 4.
• Lecture 5. (Much of the material was on the blackboard this day.)
• Lecture 6.
• Lecture 7.
• Lecture 8.
• Lecture 9.
• Lecture 10.
• Lecture 11.
• Lecture 12.
• Lecture 13.
• Lecture 14. CANCELED FOR NOW. WE WILL TRY TO FIND A NEW DATE!
• Lecture 15. NOTE THAT THIS LECTURE HAS BEEN MOVED FROM 13:00 TO 10:00. Guest lecture by Mats Näslund, Ericsson Research. This is always interesting and appreciated by the students. Mats describes several real world examples of issues and solutions found in real mobile networks and covered in the course. He also describes the security solutions found in next generations' mobile networks.

  Feel free to invite your friends that do not follow the Krypto15 course. Parts of this lecture is accessible to students that followed the computer security course or a simply interested in the topic.