Possible topics, 2D1441

Note that 9 and 15 have two subparts that can be voted on separately if desired.
1. Cryptographic assumptions, examples, discussions and comparisons.
2. The definition of a good pseudorandom generator. Construction of such a generator from any one-way permutation.
3. The definition of a good pseudorandom function. Construction of such a generator from any good pseudorandom generator.
4. Zero-knowledge proofs. Proofs for some of the following: graph-isomorphism, graph-colorability or even PSPACE-complete problems. Perfect, statistical and computational flavors. Proofs of knowledge.
5. Zero-knowledge arguments. Arguments are proofs whose soundness depends on computational assumptions while the zero-knowledge property usually is perfect.
6. Distributed cryptography. Generation of keys and decryption in a distributed environment where some parties might misbehave.
7. Security of encryption. Semantic security (no information is leaked) and non-malleability (cannot produce encryptions of related messages). Possibly a system by Cramer and Shoup.
8. Elliptic curve cryptography. The definition of an elliptic curve group. Discussions of which cryptographic constructions that can be used with elliptic curve groups.
9. Factorization and discrete logarithms. (9a) A study of the best algorithms on classical computers (quadratic sieve, number field sieve). (9b) A discussion of algorithms for the problems on quantum computers.
10. Quantum cryptography. How to establish a common random string over a public channel in the quantum world. It is information-theoretically secure.
11. Modes of a block crypto. CBC, IAPM, Counter and KFB.
12. Digital money. Desirable properties and a proposed system by Stefan Brands.
13. Voting. Definition of properties. Some system.
14. Multi-party computation. Joint computation of a function on secret inputs. Possibly only in the model of honest and curious participants.
15. Integer lattices. (15a) The algorithm of LLL with some application to cryptanalysis, possibly breaking knapsack cryptosystems. (15b) Using hardness assumptions on the computation of shortest vector to create cryptosystems.
16. Cryptanalysis of some symmetric crypto scheme. Possibly the details of linear cryptanalysis of DES.

Sidansvarig: <>
Senast ändrad 13 mars 2003
Tekniskt stöd: <>