in Contemporary Cryptography
Professor Ronald Cramer
(BRICS - Dept. of Computer Science, Aarhus University, Denmark)
teach a postgraduate course entitled Topics in Contemporary
course is supported by the Spanish Ministerio
de Educación, Cultura y Deporte and is is a part of the
on Mathematics Applied to Cryptography.
The course will be held from 7 to 16 January 2003. There will be eight
- 7, 8, 9 January 2003 and 13, 14, 15, 16 January 2003, from 3 pm
to 6 pm
with 1/2 hour coffee break.
- 10 January 2003, from 11 am to 1.30 pm.
- On thursday 9 January 2003, after the course, there will be a
in which the participants may present their current research in
Hall 005 in building C3 in the Campus Nord of the Universitat
Politècnica de Catalunya in Barcelona.
List of key-words
Public-key crypto-systems, security against adaptive chosen cipher-text
attack, Cramer-Shoup scheme, universal hash proof systems, information
theoretically secure multi-party computations, verifiable secret
linear secret sharing, black-box secret sharing over Abelian groups.
This graduate-level course consists of two parts:
I. Securing Crypto-Systems against Active Attacks
The goal in this series of lectures is to review the theory of
crypto-systems and their security, and to discuss recent results on
public-key crypto-systems that enjoy the highest level of security for
We will start by reviewing the existing theory. This includes
security, security against adaptive chosen cipher-text attack, and an
of theoretical constructions of encryption schemes, based on trapdoor
functions and non-interactive zero-knowledge.
We then discuss in detail a new paradigm (Cramer/Shoup, 2001/2002)
the construction of practical public-key crypto-systems that are secure
against adaptive chosen cipher-text attack. This is the highest level
security for such scheme. The Cramer-Shoup scheme (1998), which, up to
know, was the only practical public-key crypto-system proven secure
adaptive chosen cipher-text attack under a ``reasonable''
assumption, namely the Decisional Diffie/Hellman assumption, is an
of the new paradigm, as we will also show in the lectures.
II. The Algebra of Secure Multi-Party Computations
Secure multi-party computation (MPC) can be defined as the problem of n
computing an agreed function of their inputs in a secure way, where
means guaranteeing the correctness of the output as well as the privacy
of the players' inputs, even when some players cheat. Motivating
for MPC include electronic voting, distributed signatures and
and so forth.
We will discuss the following topics.
- Shamir's classical secret sharing scheme.
- Sudan's error correction algorithm based on Bezout's Theorem.
- Optimal black-box secret sharing over arbitrary Abelian groups. A
sharing scheme that always blindly works, over any group! This is based
on a weak form of interpolation over conveniently chosen low degree
number fields. (Cramer/Fehr).
- Verifiable Secret Sharing (VSS). This extends the ideas behind
scheme so as to tolerate arbitrarily malicious parties.
- The classical (1988) theoretical results of Ben-Or, Goldwasser
and Chaum, Crépeau, Damgaard which show that even if < n /
3 players are corrupted by an active adversary, any function can be
computed. No intractability assumptions are needed.
- Constructing MPC protocols from linear secret sharing schemes
MAK's main page
Last Update: December 18, 2002