Cryptanalysis (SS 2022)

Course Number 705068 | Sommersemester 2022

Cryptanalytic attacks and how they guide cryptographic design

Lecturers

Maria Eichlseder

Table of Content

Content

Cryptanalytic attacks define the security of cryptographic algorithms, and understanding them is crucial to understand cryptographic design. This lecture aims to give you some in-depth knowledge of several recent state-of-the-art topics in cryptography, with a focus on cryptanalysis:
  • Classic and quantum algorithms for factoring and discrete log
  • Cryptanalysis of block ciphers (differential, linear, algebraic)
  • Cryptanalysis of hash functions and stream ciphers
  • Lattices and continued fractions in cryptanalysis
In the exercises, you will implement some of these attacks to solve cryptanalytic challenges. In the seminar, additional selected topics may be presented by participants -- see below for a list of suggested topics.

Material

Lecture and Seminar

Date Who Lecture (16:00-17:30 in HS i1) Video (2021)
03.03.2022 ME L1 – Factoring and Continued Fractions YouTube
10.03.2022 ME L2 – Discrete Logarithm YouTube
17.03.2022 MS L3 – Quantum Cryptanalysis YouTube
24.03.2022 RW L4 – Lattices YouTube
31.03.2022 MS L5 – TLS security & Protocol Attacks YouTube
07.04.2022 MN L6 – Differential Cryptanalysis YouTube
28.04.2022 ME L7 – Linear Cryptanalysis YouTube
05.05.2022 ME L8 – Advanced Differential Attacks YouTube
12.05.2022 MS L9 – Sponges & Stream Ciphers YouTube
19.05.2022 MS LA – Algebraic Attacks YouTube
02.06.2022 you Seminars (T1, T2, T6)
09.06.2022 you Seminars (T7, T8)
23.06.2022 Seminars
30.06.2022 you Exam
We have two guest talks this year by Roman Walch (L4) and Marcel Nageler (L6). All videos from SS 2021 are listed in the YouTube playlist.

Exercises

Date Topic Where
17.03.2022 Team registration deadline TeachCenter
17.03.2022 T1 – Asymmetric Cryptanalysis After L3 in HS i1
28.04.2022 T1 – Submission deadline (23:59) git
05.05.2022 T1 – Assignment interviews (individual slots) Office
05.05.2022 T2 – Symmetric Cryptanalysis After L8 in HS i1
09.06.2022 T2 – Submission deadline (23:59) git
15.06.2022 T2 – Assignment interviews (individual slots) Office
23.06.2022 T2 – Assignment interviews (individual slots) Office

Administrative Information

Exercises (KU)

In the exercises, you implement cryptanalysis techniques from the lecture in teams of 2. To get a grade, you submit your implementations for 2 assignments, which we will discuss with you in a final interview ("Abgabegespräch"). Use TeachCenter to register your team and git for your submissions. We usually won't need the 16:30–17:15 KU timeslots (except for question times and seminar presentations).

Lecture exams and seminar talks (VO)

There are 2 ways to get a grade for the VO:
  • Exam mode: Write exam at the end of the term or take an oral exam later. Register for an exam date in TUGRAZonline or contact us if none is available.
  • Seminar mode: Participate actively in KU+VO and give a seminar presentation in one of the last lectures (30 minutes) accompanied by a short report (10 pages) in your team, for example on
    • Block Ciphers: Division Property | MitM and Biclique Attacks | Boomerang Attacks | ...
    • Hash Functions: Rebound Attack | Cryptanalytic Exploits (MD5 Certificates etc.) | ...
    • Authenticated Encryption: Security Proofs and Robustness | ...
    • RSA: (In)Security in Practice | Secure Key Generation | ...
    • Post-Quantum: Coding-based Cryptography | Lattices and Learning with errors | ...
    • Implementation Security: Secure Masking | Statistical Ineffective Fault Attacks | ...

COVID-19 Info

All lectures and exercises are conducted in presence this year. From the virtual lecture in SS 2021, recordings are available on Youtube. Exercise interviews and question hours will be conducted either in presence or on Discord, where you can also ask written questions at any time. For the optional seminar talk, you will have the choice between online and live presentations if conditions permit. The alternative is a written on-campus lecture exam.

Literature

The lecture slides are reasonably self-contained, but often briefly phrased. If you prefer full-text resources, you may find some of the following books interesting:

Lecturers

Maria Eichlseder
Maria
Eichlseder

Assistant Professor

View more