Data Privacy and Security (Fall 2024)

Master's Degree in Data Science

Syllabus

The course is meant to cover an overview of modern techniques aimed at protecting data privacy and security in digital applications. Below is a tentative list of topics.

Introduction to cryptography:

  • Confidential communication, secret-key and public-key encryption.
  • Authentic communication, cryptographic hashing, message authentication codes and digital signatures.
  • Key exchange protocols and TLS.
  • Post-quantum cryptography. Fully-homomorphic encryption.

Differential Privacy:

  • Approximate and pure differential privacy. Properties.
  • Examples of differentially-private mechanisms: randomized responses, the Laplace mechanism, the Gaussian mechanism, the exponential mechanism.
  • Lower bounds on differentially-private mechanisms.

Blockchain:

  • The Bitcoin protocol.
  • Ethereum and smart contracts.
  • Altcoins (Algorand, Cardano, ZCash, ...).

Multiparty Computation:

  • Two-party and multi-party computation.
  • Yao's garbled circuits.
  • MPC with honest majority.

Logistics

Important: The lectures are offered exclusively in-person (with no registration taking place).

Lecture time: Tuesday (15:00 - 17:00) and Thursday (12:00 - 15:00).
Location: Room A2 - Via Ariosto 25, Rome.
Twitter: @SapienzaCrypto.
Google Group: SapienzaCrypto.

Grading

Student’s presentation (30%), oral exam (70%).

Course Slides

  • Course info [pdf].
  • Chapter 1: Secret-key cryptography [pdf].
  • Chapter 2: Public-key cryptography [pdf].
  • Chapter 3: Key exchange protocols [pdf].
  • Chapter 4: Post-quantum cryptography [pdf].
  • Chapter 5: Differential privacy [pdf].
  • Chapter 6: Bitcoin [pdf].
  • Chapter 7: Alternative currencies [pdf].
  • Chapter 8: Secure multiparty computation [pdf].

References

While we will not follow a single book; the following sources are suggested as reference. However, only the material included in the slides will be part of the oral exam.

Students' Projects

As part of the exam, students are required to present a research paper or solve a small project and present the solution during the exam. Reach out to me by email after choosing a topic of preference (among those covered in the course) in order to get an assignment.

Exams

The exam dates for academic year 2024/2025 will be displayed here when available.

Announcements

18/09/2024: The course will start on September 26th, 2024.

Lectures

Date Topics References
Lecture 1 26/09/24 Introduction to the course. Modern cryptography. Message confidentiality and authenticity. Symmetric encryption. Perfect secrecy and Shannon's impossibility result. The AES blockcipher. Chapter 1
Lecture 2 01/10/24 Modes of operation: ECB, CBC, CFB, OFB and CTR. Definition of CPA security for symmetric encryption. Message authentication codes and unforgeability. CBC-MAC and its security. Chapter 1
Lecture 3 03/10/24 Collision-resistant hash functions. The Merkle-Damgaard paradigm and SHA-1. The sponge construction and SHA-3. HMAC. Definition of CCA security for symmetric encryption. Combining encryption and authentication. Chapter 1
Lecture 4 08/10/24 A brief tour of Minicrypt: one-way functions, pseudorandom generators, pseudorandom functions and pseudorandom permutations. Beginning of asymmetric cryptography: brush-up on number theory. Chapter 2
Lecture 5 10/10/24 The RSA public-key encryption and its security. The ElGamal public-key encryption and its security. Diffie-Hellmann assumptions. Chapter 2
Lecture 6 15/10/24 Pairings and assumptions on bilinear groups. Digital signatures and unforgeability. Signing with RSA and Full-Domain Hash. Public-key infrastructures and X.509 certificates. Identity-based encryption. Chapter 2
Lecture 7 17/10/24 Key exchange protocols. Diffie-Hellmann key exchange. Security in the Canetti-Krawczyk model. ISO 9697 protocol. IPsec and IKE: SKEME and SIGMA. MQV and HMQV. Chapter 3
Lecture 8 22/10/24 Key derivation functions using HMAC. Passwords. Bloom filters. Password-based encryption. Password-authenticated key exchange. Chapter 3
Lecture 9 24/10/24 The TLS protocol and TLS 1.3. Post-quantum cryptography. Lattices and hard problems: SIS and LWE. Chapter 3, 4
Lecture 10 29/10/24 Basic cryptographic primitives based on lattices. Lattice trapdoors and Falcon. Canonical identification schemes and Crystals-Dilithium. Chapter 4
Lecture 11 31/10/24 Regev public-key encryption. The Fujisaki-Okamoto transform and Crystals-Kyber. Fully-homomorphic encryption. Chapter 4
Lecture 12 05/11/24 Fully-homomorphic encryption. Identity-based encryption and attribute-based encryption from lattices. Chapter 4
Lecture 13 07/11/24 Differential privacy and approximate differential privacy. Properties. Randomized responses. The Laplace and the Gaussian mechanisms. Chapter 5