| week # | TOPICS | Lecture notes | scribe notes |
|---|---|---|---|
| 1 | L1: Overview of the Course. The "Classic" Definitional Framework of Multiparty Function Evaluation (along the lines of [C00]): Motivation for the Ideal-Model Paradigm. L2: The Basic Definition of Security. Variants. | (PDF) | L1-L2: "Universal Composability" by Yoav Yerushalmi and Steve Weis (PDF) |
| 2 | L3: The Non-Concurrent Composition Theorem. Example: Casting Zero-Knowledge within the Basic Definitional Framework. The Blum Protocol for Graph Hamiltonicity. L4: Sequential Composability of Zero-Knowledge. Problems with Non-Sequential Composability of Commitments and Zero-Knowledge. | (PDF) | L3-L4: "Universal Composability" by Yael Tauman Kalai and Abhi Shelat (PDF) |
| 3 | L5: Theory of Cryptography Conference (TCC) L6: Theory of Cryptography Conference (TCC) (cont.) | ||
| 4 | L7: The Universally Composable (UC) Security Framework: Motivation and the Basic Definition (based on [C01]). L8: Alternative Formulations of UC Security. The Universal Composition Theorem. Survey of Feasibility Results in the UC Framework. | (PDF) | L7: "The Universal Composability Framework - Definitions" by Vinod Vaikuntanathan (PDF) L8: "The Dummy Adversary" by Jonathan Herzog (PDF) |
| 5 | L9: UC Commitments: Motivation. The Ideal Commitment Functionality. Impossibility of Realizations in the Plain Model. L10: UC Commitment in the Common Reference String Model (based on [CF01]). Realizing the Ideal Commitment Functionality. The Multi-Commitment Functionality and Realization. | (PDF) | L9: "UC Commitments and Other Feasibility Results" by Susan Hohenberger (PDF) |
| 6 | L11: UC Zero Knowledge from UC Commitments. Secure Realization of any Multi-Party Functionality with any Number of Faults: The Semi-Honest Case. (Static, Adaptive, Two-Party, Multi-Party.) L12: Secure Realization of any Functionality: The Byzantine Case. The Case of Honest Majority without Set-Up. | (PDF) | L11: Chris Peikert (PDF) L12: Dah-Yoh Lim (PDF) |
| 7 | L13: Universal Composition with Joint State. L14: UC Signatures. Equivalence with Existential Unforgeability Against Chosen Message Attacks (as in [GMRi88]). Usage for Certification and Authentication. | (PDF) | L13-L14: "JUC; UC Signatures and Authentication" by Yoav Yerushalmi and Steve Weis (PDF) |
| 8 | L15: Authenticated Key Exchange and Secure-Session Protocols. L16: UC Formulation of Public-Key Encryption. Equivalence with CCA Security. | (PDF) | |
| 9 | L17: Electronic Voting/Introduction L18: Electronic Voting/Introduction (cont.) | L17: "Introduction to Electronic Voting" by Ben Adida (PDF) L18: "Mix-Net Voting Systems" by Yael Tauman Kalai (PDF) | |
| 10 | L19: Verifiable Mix-Nets L20: Verifiable Mix-Nets (cont.) | L19: "Verifable Mix-Net Voting" by Susan Hohenberger (PDF) L20: "Verifable Mix-Nets" by Matt Lepinski (PDF) | |
| 11 | L21: Verifiable Mix-Nets (cont.) L22: Verifiable Mix-Nets (cont.) | L21: "Neff (VoteHere) Voting Scheme" by Chris Peikert (PDF) L22: "Voter Verification in Mix-Net Voting Systems" by Yael Tauman Kalai (PDF) | |
| 12 | L23: Chaum's Voting Scheme L24: Chaum's Voting Scheme (cont.) | L23: "Chaum's Election Scheme" by Yoav Yerushalmi (PDF) L24: "Neff Voting" by Abhi Shelat (PDF) | |
| 13 | L25: Pairing-Based Cryptography L26: Pairing-Based Cryptography (cont.) | L25: "Pairing-Based Cryptography" by Ben Adida (PDF) L26: Dah-Yoh Lim (PDF) |