CS 290G: Advanced Topics in Cryptography (Fall 2017)
Instructor: Huijia (Rachel) Lin, rachel.lin(at)cs(dot)ucsb(dot)edu
Class time and location: MW 11:00am-12:50pm, Phelps 2510
Office hours: Mon 4:30-5:30pm or by appointment, HFH 1153
Piazza: We will be using Piazza for class-related discussions. https://piazza.com/ucsb/fall2017/cs292f/home.
Course Description
This class is meant to open up research in cryptography to you, both theoretical and applied. To do so, the class will involve reading research papers, reviewing them, discussing them, and doing a project.
Course Setup and Requirements: At the beginning of the course, I will give 4 lectures on the bare basics of cryptography.
Next, the class will move to reading research papers. In each class, we will read one or two papers. Two students will be assigned as the leads, who will be responsible for understanding the papers thoroughly (collaboration is recommended) and for doing the following:
 Write reviews of the papers that summarize and evaluate them. The reviews must be typed in LaTeX and submitted on Piazza 12 hours before the class.
 Prepare and give together a 1-hour presentation of the papers (you can use the board, but slides are recommended). There is no restriction on the form of the presentation. You can present sequentially, 30 minutes each, or act out a play together, or anything else.
 Lead a discussion in the remaining 30 minutes of the class about the strengths and weaknesses of the paper, and open questions following the paper.
What papers will we read? There are many exciting research directions in theoretical and applied cryptography, such as the following ones and many others.
 Crypto Currency (BitCoin)
 Program Obfuscation
 Computing over encrypted data
 Verifiable Computation (SNARK)
 Cryptographic protocols (Multiparty computation, TLS/SSL)
 Password-based Cryptography
I will publish an initial list of papers of my choice, but you should also contribute to the list. Your first task is to contribute to the list, by the end of the second week, as many papers as you recommend, and at least one. You can find interesting papers on cryptography in top crypto venues (EuroCrypt, Crypto, TCC) or in top security venues (Security and Privacy, Usenix Security, CCS, NDSS). You do not need to be restricted to the topics mentioned above, but the paper must be related to crypto.
Assignment of lead students: Then I will pick a subset of the papers from our list and assign two lead students to papers. You can swap assigned papers between yourselves, as long as both parties agree. You need to report back to me which papers you are the lead for by the end of the third week. We have 10 classes for paper reading. This means that if there are 10 students in the class, each student will be a lead twice. If there are more students, we will assign more lead students per class.
Projects: Another component of the class is the project. You can form teams of two for the project. There are two milestones.
 By the end of the 6th week, you need to decide on your project, and submit to me a project proposal about what your project is and why it is a meaningful project.
 By the middle of the final week, you need to hand in the final report.
Final assessment will depend on a combination of presentation 40%, in-class participation 20%, and final project 40%.
Initial List of Papers
BitCoin and Distributed Consensus
 BitCoin Specification in the book
 Zerocash: Decentralized Anonymous Payments from Bitcoin
 SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies
 Paxos Made Simple
 Catena: Efficient Non-equivocation via Bitcoin
 Verifying Computations without Reexecuting Them
 Pinocchio: Nearly Practical Verifiable Computation
 IntegriDB: Verifiable SQL for Outsourced Databases
 Deterministic Encryption
 Order-Preserving Encryption
 Dynamic Searchable Encryption in Very-Large Databases: Data Structures and Implementation
 Leakage-Abuse Attacks Against Searchable Encryption
 Dynamic Proofs of Retrievability Via Oblivious RAM
 Improved Reconstruction Attacks on Encrypted Data Using Range Query Leakage
 Path ORAM: An Extremely Simple Oblivious RAM Protocol
 On the (im)possibility of obfuscating programs
 How to Use Indistinguishability Obfuscation: Deniable Encryption, and More
 Differential Privacy
 Basic Algorithms in the book The Algorithmic Foundations of Differential Privacy
 Stealing Machine Learning models
 RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response
 Two-party Computation Basics, Lecture Notes
 Two-party and Multiparty Computation Basics, Lecture Notes
 Improving Yao's Garbled Circuits
 From Mental Poker to Core Business: Why and How to Deploy Secure Computation Protocols?
 SecureML: A System for Scalable Privacy-Preserving Machine Learning
 The Swiss Army Knife of Cryptography
 A fully homomorphic encryption scheme
 A functional encryption scheme from public key encryption
Schedule
This will be filled in when we finalize the assignment of papers.
Week  Date  Lecture contents  Format
1  2017-10-02  Lecture
2017-10-04  Basics II  Lecture
2  2017-10-09  Basics III  Lecture
2017-10-11  Basics IV  Lecture
3  2017-10-16
2017-10-18  Basics V  Lecture
4  2017-10-23  Student Presentation
2017-10-25  Student Presentation
5  2017-10-30  Student Presentation
2017-11-1  Student Presentation
6  2017-11-06  Student Presentation
2017-11-08  Student Presentation  Project Proposal Due
7  2017-11-13  Student Presentation
2017-11-15  Student Presentation
8  2017-11-20  Student Presentation
2017-11-22
9  2017-11-27  Student Presentation
2017-11-29  Student Presentation
10  2017-12-04  Student Presentation
2017-12-06  Student Presentation
11  2017-12-13  No Class  Final Report Due