Course Number 705068 and 705069 | Sommersemester 2021

Cryptanalytic attacks and how they guide cryptographic design


Cryptanalytic attacks define the security of cryptographic algorithms, and understanding them is crucial to understand cryptographic design. This lecture aims to give you some in-depth knowledge of several recent state-of-the-art topics in cryptography, with a focus on cryptanalysis. Topics to be covered include:

  • Modern algorithms for factoring
  • Cryptanalysis of block ciphers
  • Cryptanalysis of hash functions
  • Algebraic attacks
  • Lattices and continued fractions in cryptanalysis
  • Multi-party computation

In the exercises, you will implement some of these attacks to solve cryptanalytic challenges.

In the seminar, additional selected topics may be presented by participants — see below for a list of suggested topics.

COVID-19 Exam Rules

To comply with the TU Graz COVID-19 guidance, the exams held during summer term 2020 will follow special rules.
The written exam dates have fewer seats available; we will adjust the number of exam dates according to demand.
If you are reluctant to participate in an on-campus exam (e.g., risk group), contact to arrange a virtual oral exam.

The question format and general rules (90 minutes, closed-book, etc.) for the written exams remain unchanged, but please observe the TU Graz hygiene guidelines (see below).
Virtual oral exams are conducted via WebEx and obviously cover the same content, but the question format and duration is adapted for the medium (shorter, more interactive, order of questions set by examiner).

You can find upcoming exam dates in TUGRAZonline. If no upcoming dates are listed, ask us!

Further information:


Lecture slides

Date Who Topic
05.03.2020 DK L1 – Factoring and Continued Fractions
12.03.2020 DK L2 – Secure Multi-Party Computation 1
19.03.2020 DK L3 – Secure Multi-Party Computation 2
26.03.2020 ME L4 – Lattices
02.04.2020 ME L5 – Differential Cryptanalysis
23.04.2020 ME L6 – Linear Cryptanalysis
30.04.2020 ME L7 – Tools for Cryptanalysis
07.05.2020 MS L8 – Algebraic Attacks
14.05.2020 CR L9 – Hash Function Cryptanalysis
28.05.2020 MS L10 – Advanced Differential Attacks
25.06.2020 ME Conclusion
Exam Questions


Date Who Topic
04.06.2020 T4 S1 – Password Hashing
04.06.2020 T7 S2 – Authenticated Encryption: OCB
18.06.2020 T6 S3 – Post-Quantum Crypto
18.06.2020 T5 S4 – (Fully) Homomorphic Encryption
25.06.2020 T2 S5 – Algebraic Attacks


Date Topic
19.03.2020 T1 – Asymmetric Cryptanalysis and MPC (assignment, skeleton)
23.04.2020 Q1 – Asymmetric Cryptanalysis and MPC, Question Session (slides)
07.05.2020 T2 – Symmetric Cryptanalysis (assignment, slides)
04.06.2020 Q2 – Symmetric Cryptanalysis, Question Session (slides, tikz)

Previous versions of this course:

Administrative Information

  • Important dates and deadlines

    Date Event
    01.03.2020 VO/KU registration deadline (TUGRAZonline)
    19.03.2020 Team registration deadline (STicS)
    19.03.2020 Assignment 1 release
    23.04.2020 Assignment 1 question time
    30.04.2020 Assignment 1 submission (23:59)
    07.05.2020 Assignment 2 release
    04.06.2020 Assignment 2 question time
    12.06.2020 Assignment 2 submission (23:59)
    02.07.2020 VO written exam

    Exercises (KU)

    In the exercises, you implement cryptanalysis techniques from the lecture in teams of 2. To get a grade, you submit your implementations for 2 assignments, which we will discuss with you in a final interview (“Abgabegespräch”). Use the Student Tick System (STicS) to register your team and upload your submissions. We usually won’t need the 16:30–17:15 KU timeslots (except for question times and seminar presentations).

    Lecture exams and seminar talks (VO)

    There are 2 ways to get a grade for the VO:

    • Exam mode: Write exam at the end of the term or take an oral exam later
    • Seminar mode: Participate actively in KU+VO and give a seminar presentation in one of the last lectures (45 minutes)

    You can find the exam dates and registration in TUGRAZonline.

    Suggested seminar topics include:

    • Discrete Logarithm Problem
    • Block Ciphers: MitM Attacks, Biclique, etc.
    • Block Ciphers: Lightweight Crypto
    • Block Ciphers: Statistical Attacks
    • Block Ciphers: Division Property
    • Hash Functions: Multi-Collisions
    • Hash Functions: Rebound Attack
    • Authenticated Encryption: Modes, Robustness, Security notions, etc.
    • Authenticated Encryption: Permutation-based Cryptography, Tweakable Block Ciphers, etc.
    • Algebraic Attacks: Gröbner Basis, etc.
    • Elliptic-Curve Cryptography: Advanced topics
    • Lattices: The NTRU cryptosystem
    • Lattices: Learning with errors
    • Selected Topics: Tools in Symmetric Crypto (MILP, SAT, etc.)
    • Selected Topics: Backdoors in Cryptography
    • Selected Topics: Password Hashing
    • Selected Topics: Secure Multi-Party Computation
    • Selected Topics: (Fully) Homomorphic encryption
    • Selected Topics: Error correcting codes and cryptography


    The lecture slides are reasonably self-contained, but often briefly phrased.
    If you prefer full-text resources, you may find some of the following books interesting:


Maria Eichlseder

Assistant Professor

View more
Christian Rechberger


View more
Daniel Kales

PhD Student

View more
Markus Schofnegger

PhD Student

View more