Title : Getting a Few Things Right and Many Things Wrong
The history of cryptography from ancient times to the present is full of tales of blunders and oversights, typically occurring when an over-confident encryptor is outwitted by a patient and clever cryptanalyst. In contrast, mathematics (if properly peer-reviewed) is perfect. There is never error, because by definition one cannot prove a theorem if it is false. So in order to remove the contingent and subjective elements from cryptography there have been concerted efforts in recent years to transform the field into a branch of mathematics, or at least a branch of the exact sciences. In my view, this hope is misguided, because in its essence cryptography is as much an art as a science.
I will start by describing a setting (taken from a recent paper written with Alfred Menezes and Ann Hibner Koblitz) in which the conventional wisdom about parameter selection might (or might not) be wrong. Then I will illustrate the pitfalls of working in cryptography by giving a (far from exhaustive) survey of the many misjudgments I have made and erroneous beliefs I have had over the course of 25 years working in this field. I will then describe a few of the embarrassing moments in the history of "provable security", which is the name of an ambitious program that aims to transform cryptography into a science.
Title : Cryptographic Hash Functions: Theory and Practice
Cryptographic hash functions are an essential building block for security applications. Until 2005, the amount of theoretical research and cryptanalysis invested in this topic was rather limited. Of the hundred designs published before 2005, about 80% were cryptanalyzed; this includes widely used hash functions such as MD4 and MD5. Moreover, serious shortcomings have been identified in the theoretical foundations of existing designs. In response to this hash function crisis, a large number of papers have been published with theoretical results and novel designs. In November 2007, NIST announced the start of the SHA-3 competition, with the goal of selecting a new hash function family by 2012. About half of the 64 submissions were broken within months. We present a brief outline of the state of the art of hash functions halfway through the competition and attempt to identify open research issues.
Title : Pairing Based Cryptography
Bilinear pairing is now a well-accepted mathematical tool to build new cryptographic applications. This might appear a little paradoxical because not so long ago the same mathematical structure was considered a main deterrent to the deployment of elliptic curve cryptography. The tutorial aims to trace the story of this changed perception in the crypto community. The narration is based on some novel constructions of cryptographic protocols with an eye on the interplay of functionality, security and efficiency.
Title : Lightweight Cryptography for RFID Systems
Radio frequency identification (RFID) is a technology for the automated identification of physical entities using radio frequency transmissions. In the past ten years, RFID systems have gained popularity in many applications, such as supply chain management, library systems, e-passports, contactless cards, identification systems, and human implantation. RFID is one of the most promising technologies in the field of ubiquitous and pervasive computing. Many new applications can be created by embedding an object with RFID tags. However, the rapid development of RFID systems raises serious privacy and security concerns that could prevent the benefits of RFID technology from being fully utilized. The tutorial covers three topics: a) Introduction to Security and Privacy of RFID Systems; b) Design of Lightweight Crypto primitives; c) Design of Authentication Protocols.