This is the first course in Cryptography. It is about the state-of-the-art principal cryptographic algorithms currently used for computer system security purposes. This course is an essential element in building the competencies of a cybersecurity expert, as the technological solutions in cybersecurity strongly rely on the use of cryptography. Indeed, superficial knowledge of the cryptographic primitives can lead to decisions and designs resulting in a weak level of protection and a higher exposition to cyber-attacks.

Students are expected to acquire: • knowledge of the mathematical foundations, e.g. modular arithmetic, needed to understand the cryptographic algorithms as explained in official standards such as NIST SP-Recommendations or FIPS. • knowledge of symmetric cryptography primitives like Block Ciphers, Stream Ciphers, and Hash Functions; • knowledge of the asymmetric cryptosystems used, for instance, for exchanging keys or building Public Key Cryptography; • knowledge of the main protocols used in different fields like Commitments, (Blind) Digital Signatures, SRP, and SAE; • knowledge of the main programming libraries for implementing cryptography algorithms both in C and Python; • abilities to discern the correct cryptographic algorithms to use, depending on the field of application; • abilities to discover flaws in basic cryptographic protocols and when the cryptographic primitives are misused; • knowledge about the main classes of attacks against the presented cryptographic algorithm;

Basics of Linux and programming in C and basics of Python. Basics of computer security. Basics of linear algebra as in courses of "Linear Algebra and Geometry" of the first year of the Bachelor.

Basics of Cryptography and Cryptanalysis: • Kerckhoff's principle. • Computationally infeasibility or feasible. Brute Force • Concept of crypto primitives. • Attacks models : COA, KPA, CPA, CCA . • Indistinguishability goals IND . • Confidentiality, Authentication, Integrity and Nonrepudiation. Cryptographic programming: • use of cryptographic primitives in C; • use of cryptographic primitives in Python; Use of Linux GPG (GNU Privacy Guard) commands. Basics of Modular Arithmetic and Elliptic curves. • Calculations in rings of remainders modulo n . The (mod n) notation. • Calculations in Galois fields modulo a polynomial G. • Algorithm to compute the inverse: Euclidean extended and Kuttaka. • Chinese Remainder Theorem (CRT). Euler's Totient function. • Equations of first and second order (mod n). Quadratic residues. Euler's criterion. • Finite and cyclic groups, generators and order. Lagrange's theorem. Fermat's little theorem. • Discrete logarithm problem. • Elliptic curves: definition and construction of the addition law. Symmetric Cryptography: • Block-Ciphers: Feistel and SP-networks. DES, AES; • Operations Modes: ECB, CBC, CTR, OFB, CFB, GCM, CCM; • Stream-Ciphers and PRNG: o ARX algorithms: RC4, Salsa, and Chacha20. o Permutation algorithm: Keccak Sponge PRNG • Hash Functions: o Merkle-Damgård construction. o ARX: SHA1, SHA2 o Permutation based: Keccak Sponge, SHA3 o Birthday's paradox • Message Authentication Codes (MAC). Length extensions attack and HMAC. Asymmetric Cryptography: • DH Key Exchange on finite fields. • DH on elliptic curves. • RSA. Rabin. ElGamal. Hybrid Encryption, KEM/DEM Paradigm. • Protocols: Commitments, (Blind) Digital Signatures, SAE, and SRP.

The course consists of 40 hours of lectures and 20 hours of exercises. The lectures are dedicated to covering the topics in the course syllabus. The exercises will follow the lecture topics; some will be conducted on the blackboard by the teaching staff, while others will require active participation from the students.

Serious Cryptography: A Practical Introduction to Modern Encryption Jean-Philippe Aumasson, No Starch Press, 2018. Understanding Cryptography, A Textbook for Students and Practitioners Paar, Christof, Pelzl, Jan, Springer-Verlag, 2010. Applied Cryptography: Protocols, Algorithms and Source Code in C Bruce Schneier, Wiley; 20th Anniversary edition,2015.

Slides; Dispense; Esercizi; Video lezioni tratte da anni precedenti;

Modalità di esame: Prova scritta in aula tramite PC con l'utilizzo della piattaforma di ateneo;

Exam: Computer-based written test in class using POLITO platform;

... Exam: A 60-minute written test held in class via PC, using the POLITO platform. A sample/demo of the written test will be available on the course’s Moodle platform (moodle.polito.it). During the written test, students may not consult books, notes, or any other learning materials. The written test is considered passed if the score is equal to or higher than 18/30. The exam results will be published on the teaching portal, along with the date when students can review their work and request clarifications.

Gli studenti e le studentesse con disabilità o con Disturbi Specifici di Apprendimento (DSA), oltre alla segnalazione tramite procedura informatizzata, sono invitati a comunicare anche direttamente al/la docente titolare dell'insegnamento, con un preavviso non inferiore ad una settimana dall'avvio della sessione d'esame, gli strumenti compensativi concordati con l'Unità Special Needs, al fine di permettere al/la docente la declinazione più idonea in riferimento alla specifica tipologia di esame.