TMA4160 Cryptography - Fall 2025
Messages
No new messages.
(Messages)
Prerequisite
You should be familiar with basic abstract algebra such as groups, rings and fields.
You will find the lectures more interesting or enjoyable if you know something about computational complexity and the analysis of algorithms.
For the programming exercises, we require knowledge about Python.
Lecture plan
This is a plan. It will change. PMC is Practical mathematical cryptography (now with correct chapter numbering). GCAC is A Graduate Course in Applied Cryptography. HAC is Handbook of Applied Cryptography.
| Week | Topic | Notes |
|---|---|---|
| 34 | Introduction. Diffie-Hellman. Classical ciphers. Symmetric cryptography. | PMC 2.1, 1.1-2. GCAC 10.4, 2.2.1. No exercise class Wed 20/8. |
| 35-6 | Defining confidentiality. Pseudo-random functions (PRF). Security proofs. | PMC 7.1-2. GCAC 3.1-2, 4.1, 4.4, 5.3-5. No exercise class Wed 27/8, no lecture 29/8. |
| 37 | Defining integrity. Message authentication codes (MACs). | PMC 7.1, 7.3. GCAC 6.2-3, 7.2.1, 7.3.2, 9.1-5 |
| 38 | Diffie-Hellman. Discrete logarithms. Primality testing. | PMC 2.2-4. GCAC 10.5, 16.1. HAC 4.2, 4.4. |
| 39 | Primality testing. Discrete logarithms. | PMC 2.2-4. GCAC 10.5, 16.1. HAC 4.2, 4.4. |
| 40 | Elliptic curves. | PMC 2.5. GCAC 15.1-2. |
| 41 | No lectures or exercise classes this week. | |
| 42 | Public key encryption. Defining confidentiality. RSA. Factoring. | PMC 3.1-4, 8.1. GCAC 11.2-5. |
| 43 | Learning with errors. Lattices. Key encapsulation mechanisms (KEMs). | PMC 3.5, 3.8, 7.5, 8.2. GCAC Exercises 11.9, 12.5, 12.18. |
| 44 | KEMs. Hybrid encryption. Random oracles. | PMC 8.2. |
| 45 | Digital signatures. PKI. Hash functions. | PMC 4.1-4.3, 7.4, 9.1. GCAC 8.1, 8.3-4, 13.1-2. |
| 46 | Hash and sign. | PMC 9.2. GCAC 13.1-5. |
| 47 | Repetition, old exams | |
Exercise sets
All exercises can be found in PMC. Further notes on exercises can be found in Blackboard.
| Week | Exercises | Example |
|---|---|---|
| 36 | 1.31, 1.33, 2.2, 2.3, 2.4, 7.1, 7.3 | Fixed iv for additive stream cipher |
| 37 | 7.7, 7.8, Exam 2024 - Problem 1, Exam 2023 - Problem 2, Exam 2022 - Problem 1 | Known iv for CBC mode |
| 38 | 1.39, 7.13 (see errata), 7.15, Exam 2018 - Problem 3 | Kerckhoffs's law |
| 39 | 2.13-17, 2.20-2.26, 2.40-2.44, Exam 2017 - Problem 1b, Exam 2019 - Problem 1a | Prime and prejudice |
| Compute log_g x in F_p, for g = 6, x = 27 and p = 4556318305414127858677263488003559109834624183799293 8175083457749195137086235079348950021950920106764545230307 | ||
| 40 | 2.31, 2.33, 2.39, 2.47, 2.48, 2.50, 2.53-54 | Weak parameters |
| 41 | 2.61-64, Exam 2025 - Problem 2, Exam 2019 - Problem 2 | No exercise class this week |
| 42 | Compromise | |
| 43 | 8.3 (hard), Exam 2024 - Problem 4, Exam 2022 - Problem 3, 3.11, 3.12, 3.15, 3.18, 3.19 | Randomness |
| 44 | 3.31, 3.37, 3.38, 3.57, Exam 2015 - Problem 1 | Radomness (again) |
| 45 | Exam 2024 - Problem 3, 5, Exam 2022 - Problem 6, 8.25, 8.26, 8.31, 8.32 | |
| 47 | 4.8, 4.9, 4.10, 4.12, 4.14 (somewhat hard), 4.15 |
Reference group
See Blackboard.
Course material
We will follow Practical Mathematical Cryptography by Gjøsteen, but A Graduate Course in Applied Cryptography (available online) by Boneh and Shoup will also work if you don't want to buy the book. If so, you will also want to supplement with some material from the Handbook of Applied Cryptography and A computational Introduction to Number Theory and Algebra (both available online).
There are many other sources that could be useful:
- Cryptography Made Simple, by Nigel P. Smart, Springer. Since NTNU has the Springer database, you can download it from here.
- Introduction to Modern Cryptography, 3rd edition, by Jonathan Katz and Yehuda Lindell.
- Handbook of Applied Cryptography by Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone.
- A Computational Introduction to Number Theory and Algebra by Victor Shoup.
The curriculum is defined to be the material covered by the lectures and the exercises.