Cryptography and Architectures for Computer Security - 095947

The course aims to provide a systematic grounding in the cryptographic techniques currently employed in communications and data storage, focusing on algorithms, architectures and protocols.

Monday (14:30-16:15) classroom B.5.4, Building 14
Thursday (14:30-16:15) classroom C, Building 11

Gerardo Pelosi
(gerardo.pelosi -at-

Teaching Assistant:
Alessandro Barenghi
(alessandro.barenghi -at-

Office hours:
Wednesday (16:00-19:00),
Building 20, 1st floor, Office 127
or upon appointment through e-mail

Reference Material

There is no single assigned textbook for this course. Slides and lecture notes will be made available during the course. A very good reference for most of the course topics is:

Additional material that you might find useful:

  • Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone, Handbook of Applied Cryptography, freely available online at
  • Jonathan Katz, Introduction to Modern Cryptography, August 2007, Chapman & Hall/CRC Press
  • Christopher Swenson, Modern Cryptanalysis: Techniques for Advanced Code Breaking, March 2008, Wiley
  • Stefan Mangard, Elisabeth Oswald, Thomas Popp, Power Analysis Attacks - Revealing the Secrets of Smartcards, Springer (available online via Polimi subscription to Springer)

If you are willing to try some practical challenges in the field of cryptography for fun, you can have a look here

Course Schedule

| Day | Classroom | L/E | Topic | Reference Material |
|---|---|---|---|---|
| 1 Mon. 6/3 | Room B.5.4 (Bdg. 14) | L | Introduction to cryptography, confidentiality, integrity, authentication and non-repudiation. Adversaries and classes of attacks | Slides; Slides 4x4; Menezes Chap. 1 |
| 2 Thu. 9/3 | Room C (Bdg. 11) | L | Historical ciphers, Perfect secrecy, Shannon's proof, OTP, confusion and diffusion principles | Slides; Slides 4x4 grayscale; Smart. Chap. 3; Smart. Chap. 5 |
| 3 Mon. 13/3 | Room B.5.4 (Bdg. 14) | L | Block Ciphers: Feistel structure, DES, 3DES, DES-X, Modes of Operation | Slides; Slides 4x4; Smart. Chap. 8; Menezes Chap. 7 |
| 4 Thu. 16/3 | Room C (Bdg. 11) | E | Exercises on Historical Substitution Ciphers, Permutation Ciphers | Exercise book v1.4.2, Chapter 1 |
| 5 Mon. 20/3 | Room B.5.4 (Bdg. 14) | L | Block Ciphers: SPN structure, AES; Stream ciphers: LFSR, RC4 | Slides 4x4; Smart. Chaps. 7, 8 |
| 6 Thu. 23/3 | Room C (Bdg. 11) | L | Hybrid Cryptoschemes and Public Key Authentication | Slides; Slides 4x4; ITU X.680, X.690, X.509, IETF RFC 4880 |
| 7 Mon. 27/3 | Room B.5.4 (Bdg. 14) | L | Block Cipher Cryptanalyses: Linear Cryptanalysis | Slides 4x4 grayscale; C calculator for linear biases; Linear cryptanalysis implementation |
| 8 Thu. 30/3 | Room C (Bdg. 11) | E | Block Cipher Cryptanalyses: Differential Cryptanalysis + exercises | Slides; Slides 4x4 grayscale; C calculator for linear biases; Linear cryptanalysis implementation |
| 9 Mon. 03/4 | Room B.5.4 (Bdg. 14) | L | Hash functions: definitions, properties, birthday paradox, Design principles, MACs | Slides; Slides 4x4 grayscale; Smart. Chap. 10 |
| 10 Thu. 06/4 | Room C (Bdg. 11) | E | Exercises on block ciphers, LFSR and Hash functions | Exercise book v1.4.2, Chapters 2, 3, 4 |
| 11 Mon. 10/4 | Room B.5.4 (Bdg. 14) | L | Algebraic Groups - Definitions of Rings and Fields | Notes (part 1) |
| - | - | - | Easter Holidays | |
| 12 Thu. 20/4 | Room C (Bdg. 11) | E | Password Storage, Memory hard functions and disk encryption | Slides; Slides 4x4 |
| - | - | - | National Holiday | |
| 13 Mon. 08/5 | Room B.5.4 (Bdg. 14) | L | Modular Arithmetic - Finite Fields | Notes (part 2) |
| 14 Thu. 11/5 | Room C (Bdg. 11) | L | Polynomial Fields and numerical examples | Notes (part 2) |
| 15 Mon. 15/5 | Room B.5.4 (Bdg. 14) | L | Extension Fields - Examples | Notes (part 3) |
| 16 Thu. 18/5 | Room C (Bdg. 11) | L | Public Key Cryptography - RSA Cryptosystem | Slides; Slides 4x4 grayscale; Smart. Chap. 11; Smart. Chap. 15 |
| 17 Mon. 22/5 | Room B.5.4 (Bdg. 14) | E | Exercises on Finite Fields | |
| 18 Thu. 25/5 | Room C (Bdg. 11) | L | Discrete Logarithm Problem, Diffie-Hellman Protocol, ElGamal cryptosystem, ElGamal Signature scheme, CCA2-Secure ElGamal, Digital Signature Algorithm (DSA) | Slides; Slides 4x4 grayscale; Smart. Chap. 11; Smart. Chap. 14 |
| 19 Mon. 29/5 | Room B.5.4 (Bdg. 14) | L | Continuation of Discrete Logarithm based cryptosystems | - |
| 20 Thu. 01/6 | Room C (Bdg. 11) | L | Elliptic Curve Cryptography | Slides; Slides 4x4 grayscale; Smart. Chap. 2 |
| 21 Mon. 05/6 | Room B.5.4 (Bdg. 14) | L | Montgomery multiplication and fast arithmetic algorithms | Notes on Fast Modular Arithmetic; Menezes Chap. 14 Sections 1–3 |
| 23 Thu. 08/6 | Room C (Bdg. 11) | E | Exercises on Montgomery Multiplication and RSA | Exercises from the Exercise book v1.4.2, Chapters 6, 7 and Notes on Fast Modular Arithmetic |
| 24 Mon. 12/6 | Room B.5.4 (Bdg. 14) | L | Primality Testing. Number theoretical cryptanalysis: factoring algorithms, Discrete log extraction algorithms | Slides; Slides 4x4 grayscale; Smart. Chap. 12 (Factoring); Smart. Chap. 13 (Discrete Logs) |
| 25 Thu. 15/6 | Room C (Bdg. 11) | L/E | Pohlig-Hellman Attack + Exercises | Slides; Slides 4x4 grayscale |
| 26 Mon. 19/6 | Room B.5.4 (Bdg. 14) | E | TLS and SSH, Kerberos, Tor | Slides; Slides 4x4 grayscale |
| 27 Thu. 22/6 | Room C (Bdg. 11) | E | Side Channel Attacks | Slides; Slides 4x4 grayscale |

Exam layout

There will be a 2h/2h30 written examination on the subjects of the course, which will include both questions and exercises.
It is possible to supplement the exam score with an optional practical project yielding at most a +6 increase in the evaluation (groups of at most 2 people).
However, a sufficient score in the written part must be obtained.

Project Guidelines

To take on a project you must contact both the teacher and the instructor (keep them both in CC), both to ask for details and for the communication that will naturally ensue during project development. To avoid ambiguity, you must always keep both of them in all your communications. Contact e-mails not complying with this will not be answered.

The project includes a reasonably-sized report and a short (10-15 minutes) presentation to be delivered to the teacher and the instructor. If the project involves the production of code, a Polimi-hosted git repository will be provided, with SSH public-key based access.

The project should be delivered at least a week before the exam date on which you want it to be evaluated (this may be different from the date of the written examination).

A preliminary list of projects is available with more project descriptions to come.
The assignment policy is “first-come-first-served”.

The project proposals are available here; autonomous project proposals are welcome and will be taken into consideration.

Exam Sessions

Check the Poliself for further information on the exact time and place.

1st call on July 5th 2017, 12:15, Room: S.0.2

2nd call on July 25th 2017, 16:30, Room: C.I.1

3rd call on September 12th 2017, 9:30, Room: L.26.11

Registration for the exam session you want to take is mandatory in order to have the grade registered.

Past Exam Papers