This course will cover the main principles of symmetric cryptography through which the design of modern symmetric cryptographic primitives can be understood. The focus will be on the design of AES and block ciphers more generally, cryptographic hash functions, universal hash functions, message authentication codes, tweakable block ciphers, authenticated encryption schemes, and encryption schemes for dedicated applications like disk encryption. Specifically, we will study state-of-the-art cryptographic designs such as GCM, HMAC, OCB, SHA3, and SIV that are in use today.

The course will be delivered using the provable security methodology, meaning that a large portion of it will consist of security definitions and mathematical proofs. This will allow the students to understand the ideas behind the design of such schemes, what security they provide, and how to use them correctly. Thus while the course is mostly self-contained, students are expected to be mathematically mature.

The course will also include an applied component, where we will cover practical attacks on real-world systems. 

NOTE: The course will be delivered in English and the written exam will need to be written in English.