A key idea in modern cryptography is to try and design protocols that are secure against polynomial time adversaries (rather than all adversaries). This relaxed notion of security allows to implement many amazing tasks. (To give just one example we can consider two players playing poker over the phone without the help of a trusted party). In the course we will develop the basic machinery that allows such protocols with emphasis on precise definitions and rigorous proofs.

This course complements the course "introduction to cryptography" and students are allowed (and encouraged) to take both courses.

Requirements:

See Syllabus.

In the end of the semester there will be an exam.

During the course I will sometimes present questions in class that you can think of and try to solve.

You can also take a look at the following assignment that was used in a course four years ago and try to solve relevant questions.

Course material:

Books:

- Jonathan
Katz and Yehuda Lindell.
*An Introduction to Modern Cryptography**.* - Oded Goldreich.
*Foundations of Cryptography.*

Lecture notes:

· Benny Applebaum and Iftach Haitner: Foundations of cryptography. (My current plan is to follow this course very closely)

- Salil Vadhan. Introduction to Cryptography.
- Yehuda Lindell. Foundations of Cryptography.
- Iftach Haitner. Foundations of Cryptography.

Handouts:

Resources to study for exam:

· A home
assignment given 4 years ago. I recommend that you try and solve the
exercises while going over the material.

· Here are some exams from 2 years
ago. Moed a, Moed b. Important
disclaimer: As I said in class, these do not necessarily represent the exam of
this year.

· Here are more exams from 2012: Moed a, Moed b.