ERROR OPENING FILE "data.txt" Information Security and Cryptography Group
Skip to main content.

Latest News


This course is an introduction to Modern Cryptography. It will introduce cryptography from scratch, i.e., no previous knowledge in cryptography or computer security is required. The list of topics comprises:
Most of these topics are covered by the following books, all of them are available in the computer science library.


This course is a core theory lecture. Basic knowledge in computability, complexity theory, and number theory is useful, but not utterly necessary, as it can be acquired during the course.


The following tutorials are available:
1 Thu, 14-16 E2.1, SR007 (map) Dominik Feld
2 Thu, 14-16 E1.4, R023 (map) Ines Ciolacu
3 Thu, 14-16 E1.3, SR 16 (map) Anton Krohmer
4 Thu, 14-16 E1.1, U12 (map) Sebastian Meiser
5 Thu, 16-18 E2.1, SR007 (map) Dominik Feld
6 Thu, 16-18 E1.7, R001 (map) Ines Ciolacu
7 Thu, 16-18 E1.1, U12 (map) Sebastian Meiser

Why are all tutorials at the same day?
→ See the section on quizzes below.

Michael Backes will be available for your questions on Friday, 12-13.
Office: building E1.1, room 211.

Raphael Reischuk will be available for your questions whenever his door is open.
Office: building E1.1, room 217.

The tutors will be available for your questions at the following times in building E1.1, room 218:


Weekly homework exercises will be handed out in class and posted to the course page each Tuesday, after the lecture. Their solutions will be posted one week later. No homeworks have to be submitted, but you are encouraged to ask any question you might have concerning the course in the office hours. Homework exercises will thus not influence your grade, however, by presenting solutions in the tutorials you may gain a better grading in the quiz, see below.

Weekly Quiz

Each tutorial starts with a short (approx. 15 minutes) quiz covering the topics of the same lectures that were addressed in the corresponding homework assignment. Your overall quiz-grade is determined by dropping the quiz with the lowest grading, and calculating the average of the remaining quizzes.

You can further improve your quiz-grade by a "good presentation" of your solutions of the homework exercises in the tutorials. In this case, you may drop another quiz, i.e., at most two quizzes may be dropped. Please be aware that there is a limited number of exercises, and if more than one student opts for one particular solution, a random student will be drawn. So start early enough!

Quizzes will affect your final grading by 30%, and you need an overall quiz-grading of at least 50% to pass the course.


There will be two mandatory exams: A mid-term exam, and a final exam.

The mid-term exam will be approx. one hour and consist of multiple-choice and simple questions intended to test your basic understanding of the course material covered so far. Your mid-term grade will affect your final grading by 20%, however, there is no lower bound that has to be reached in order to pass the course.

The final exam will be a written test of two hours. It will make up 50% of your final grade, you need at least 50% to pass the course.

Grading & Requirements for Passing the Course

Let Q be your quiz score, M your score in the mid-term exam, E your score in the final exam, and B your score in the backup exam, each in percent. Then your final overall score Final is calculated as

Final = 0.3*Q + 0.2*M + 0.5*Max(E,B)

You pass the course if
Q ≥ 50% and Max(E,B) ≥ 50% and Final ≥ 50%

Q: I got only 49% in the quizzes, but 100% in both exams, will I pass?
A: No, you need 50% in your quizzes to pass.

Q: I got only 49% in the final exam, but 100% in the quizzes and the mid-term exam, will I pass?
A: No, you need 50% in your final exam to pass. Consider participating in the backup exam.

Q: I got only 30% in the mid-term exam, but 100% in final exam and in the quizzes, will I pass?
A: Yes, there is no minimum requirement on the mid-term exam. However, of course, you need a final score of 50% to pass.

Backup Exams

Date and time of the backup exam will be announced. You may take part in the backup exam if you qualified for the final exam, i.e., you got at least 50% score in the quizzes.

The backup exam will be written. Please note that if you have passed the final exam and also take the backup exam, the better score between the two will count for your final grade.

Lecture Overview, Material & Tutorials

# Date Topics Slides Homework References
1 2010-04-13 Organizatorial aspects. Historical overview of cryptography. Information theoretic security. Perfect secrecy. One-time pad. Lecture Notes 1 - 2.3,
Katz/Lindell p. 3-27, 29-36,
2 2010-04-16 Stream ciphers, randomness (cipher)
Lecture Notes 2.4
3 2010-04-20 Pseudorandom permutations, pseudorandom functions, switching lemma, modes of operation Lecture Notes 3
Katz/Lindell 3
4 2010-04-23 Definitions of security, DES, Feistel networks Lecture Notes 3.3 - 4.2
5 2010-04-27 DES, AES Lecture Notes 4.2 - 4.5
Katz/Lindell 5
6 2010-04-30 Message authentication codes Lecture Notes 5.1 - 5.2
Katz/Lindell 4.1 - 4.5
7 2010-05-07 Collision resistant hash functions Lecture Notes 5.3 - 5.5
8 2010-05-11 Basic number theory facts Lecture Notes 6
9 2010-05-18 The ElGamal public-key encryption scheme Lecture Notes 7
10 2010-05-21 CCA2 security, keyed hash functions, Cramer-Shoup Lecture Notes 8.1 - 8.2
11 2010-05-28 Proof: Cramer-Shoup is CCA2-secure assuming DDH Lecture Notes 8.3
12 2010-06-01 The RSA trapdoor permutation Lecture Notes 9.1 - 9.3
2010-06-04 Midterm Exam
13 2010-06-08 The RSA trapdoor permutation (attacks) Lecture Notes 9.4 - 9.5
14 2010-06-11 Digital Signature Schemes Lecture Notes 10
Katz/Lindell 12
15 2010-06-15 Certificates Lecture Notes 11
16 2010-06-18 Authentication
17 2010-06-22 Protocols for Authentication, SSL Lecture Notes 12
18 2010-06-25 Commitment Schemes Lecture Notes 13
19 2010-06-29 Secret Sharing Lecture Notes 14
20 2010-07-06 Secret Sharing, Zero-Knowledge Lecture Notes 15
21 2010-07-09 Zero-Knowledge, Formal Methods Dominique Unruh's notes on formal methods
22 2010-07-13 Quantum Cryptography
23 2010-07-16 Lattice-Based Cryptography
24 2010-07-20 Question and Answer Session
2010-07-23 Final Exam

There are the following tutorials:
# Date Lectures Quiz Comments
I Thu, 2010-04-22 1,2 1 exception: group 6 (Ines) will be in E1.4, R019
II Thu, 2010-04-29 3,4 2 exception: group 6 (Ines) will be in E1.7, R323
III Thu, 2010-05-06 5,6 3
Thu, 2010-05-13 Ascension Day
IV Thu, 2010-05-20 7 4
V Thu, 2010-05-27 8,9,10 5
VI Thu, 2010-06-03 - Corpus Christi
Midterm Exam
VII Thu, 2010-06-17 6
VIII Thu, 2010-06-24 7 exception: group 2 (Ines) will be in E1.3, R528
IX Thu, 2010-07-01 8
X Thu, 2010-07-08 9
XI Thu, 2010-07-15 10 exception: group 6 (Ines) will be in E1.7, R323
Final Exam

Registration and Mailing List

Registration is closed. In case you still want to register, please contact Raphael Reischuk.

Further Reading