A Mini-Course in Cryptography

This mini-course was taught in 2007 at Google. It is intended to be a brief survey for a general technical audience.

Week 1:
- "Why Johnny Can't Encrypt", Alma Whitten and J.D. Tygar.
  An (un)usability study of PGP.
- "New Directions in Cryptography", Whitfield Diffie and Martin Hellman.
  A seminal paper in public-key cryptography. Recommended if interested in the underlying math of public-key crypto.
- "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems", Ron Rivest, Adi Shamir, and Len Adleman.
  The RSA paper. Recommended if interested in the underlying math of public-key crypto.
Week 2:
- "Snake Oil FAQ", Matt Curtin; "Snake Oil", Bruce Schneier
- "Twenty Years of Attacks on the RSA Cryptosystem", Dan Boneh
  Good overview of many different attacks on RSA. Some technical details.
- The HMAC Papers, The OAEP Papers, Mihir Bellare et. al.
  These are technical papers and demonstrate some of the difficulty in composing crypto primitives.
- "Dos and Don'ts of Client Authentication on the Web", Kevin Fu, Emil Sit, Kendra Smith, and Nick Feamster.
  A great case study in practical web authentication. Recommended for engineers.
- Bleichenbacher's RSA signature forgery
Week 3:
- Zero Knowledge Tutorial, Oded Goldreich
  This is a good introduction, but quickly gets pretty technical.
- Probabilistic encryption, Goldwasser and Micali
  This paper introduced the idea of semantic security
Week 4:
- Secret Ballot Receipts: True Voter-Verifiable Election. David Chaum.
- Scratch and Vote. Ben Adida and Ron Rivest.

Stephen A. Weis Cryptography and Information Security