# Cryptography Full Course from Standford 2022

Interesting cryptography course from Stanford University with a very good blend of theoric and practical aspects of cryptography.

Cryptography is an important tool for protecting information in computer systems.

In this course, you will learn about the inner workings of cryptographic systems and how to properly use them in real-world applications.

The course begins with a detailed discussion of how two parties sharing a secret key can communicate securely when a powerful adversary can intercept or manipulate traffic.

We will examine a number of deployed protocols and analyze the fallibility of existing systems.

Later in the course, we will discuss public-key technology, in which two parties generate a shared secret key. During the course, students will be exposed to many exciting unsolved problems in this area and will work on fun (optional) programming projects. The second course (Crypto II) focuses on more advanced cryptographic techniques such as zero-knowledge, privacy mechanisms, and other forms of encryption.

## What is Cryptography

Cryptography is the study of secure communication techniques that allow only the sender and receiver of a message to see its contents. The word is derived from the Greek word kryptos, which means “hidden.” It is closely related to encryption, in which ordinary text is scrambled into what is known as ciphertext and then reversed. Cryptography is also used to disguise information in images using microdots or composites. Ancient Egyptians are known to have used such techniques in complex hieroglyphics, and the Roman emperor Julius Caesar is said to have used one of the first modern ciphers.

When transmitting electronic data, the most common cryptographic techniques are used to encrypt and decrypt e-mail and other plaintext messages. The simplest method is to use a symmetric “secret key”. In this case, the data is encrypted with the private key, and both the encrypted message and the private key are sent to the recipient for decryption. The problem? If a message is intercepted, the third party has everything it needs to decrypt and read the message. To solve this problem, cryptographers have developed an asymmetric system called the public-key system. In this system, each user has two keys, a public key and a private key. The sender requests the recipient’s public key, encrypts the message, and sends it. When the message arrives, only the recipient’s private key can decrypt it. In other words, without the corresponding private key, theft is pointless.

### Cryptography Best practices

Users should always encrypt the messages they send, preferably with a public key. It’s also advisable to encrypt important and sensitive files, from family photos to corporate data such as personnel files and accounting data. Choose a security solution with strong encryption algorithms and a user-friendly interface. This way, you can use the encryption feature regularly and prevent data loss if your mobile device, hard drive, or storage device falls into the wrong hands.

## Why is cryptography so important?

### Cryptography needs everywhere

Today, cryptography is an integrated layer of defense in all digital transformation initiatives grouped under the term “digital business.” As the foundation of modern security systems, cryptography is used to secure transactions and communications, protect personal data and other sensitive information, authenticate identity, prevent document tampering, and build trust between servers. Cryptography is one of the most important tools for protecting the systems that contain an organization’s most important asset – its data – whether that data is at rest or in motion.

The data is important information such as personal data of customers and employees, intellectual property, business plans and other sensitive information. Therefore, cryptography is an important infrastructure. This is because the security of sensitive data increasingly depends on cryptographic solutions.

Weak or hidden ciphers make critical infrastructure vulnerable to attack. Publicly accessible data in the public domain can lead to brand damage. In this modern environment, you need to pay attention to how cryptography is implemented and managed in your organization.

When wrapped in an invisible layer of encryption, sensitive data becomes unreadable and immutable, preventing malicious actors from doing harm. The core elements that make a cryptographic layer secure are algorithms, keys, libraries and certificates, which we will discuss here.

• Cryptographic keys are used in conjunction with cryptographic algorithms to protect sensitive information. Cryptographic keys must have the key length specified by the National Institute of Standards and Technology (NIST), and private keys must be kept secret to be effective. Relying on insecure keys or making the private key public renders the cryptographic technique obsolete.
• Digital certificates are used to maintain trust between connected digital components. Digital certificates must be properly managed to ensure that compliant algorithms and key lengths are used. They should also be renewed before they expire to avoid security breaches. Non-compliant or hidden certificates can lead to significant system failures and data leaks.
• Cryptographic libraries contain implementations of cryptographic algorithms that can be used by application developers to protect sensitive information. Cryptographic libraries must be carefully selected and kept up to date to ensure the required level of security. Resorting to insecure implementations or outdated cryptographic libraries can lead to serious hidden vulnerabilities in applications and infrastructures.
• Cryptographic algorithms are the mathematical foundation for maintaining the integrity, confidentiality, and authenticity of sensitive information. The use of standardized, mathematically secure algorithms is essential to prevent data disclosure, data tampering, and denials.
The topic of cryptography has become more important in recent years because of the significant consequences of inadequate controls. This is compounded by the rise of quantum computing and the regulation of new cryptographic technologies. Cases of hiding weak and non-compliant cryptographic mechanisms have become a challenge for security, risk and compliance teams protecting enterprises and digital businesses.

Cryptography is dynamic and an integral part of the digital economy. Enterprises need visibility into their cryptographic instances, not only through guidance from standards bodies such as NIST and the International Organization for Standardization (ISO), but also through web browsers that manage the user interfaces that connect businesses and consumers to secure online communications.

Cryptographic agility is key to meeting the latest cryptographic compliance requirements, standards, and recommendations to support and protect your digital business.

### Cryptography full Course material

▶▶The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography https://amzn.to/3vz1Rza

▶▶The Code Breaker https://amzn.to/3e7ua1N

## Cryptography Full Course Part I

### Cryptography Full Course Part II TIME STAMPs

#### INTRODUCTION

0:00:00 Course Overview

0:10:34 what is Cryptography

0:26:26 History of Cryptography

0:45:16 Discrete Probability (Crash Course) ( part 1 )

1:03:23 Discrete Probability (crash Course) (part 2) STREAM CIPHERS

1:17:13 information theoretic security and the one time pad

1:35:46 Stream Ciphers and pseudo random generators

1:55:34 Attacks on stream ciphers and the one time pad

2:18:48 Real-world stream ciphers

2:38:26 PRG Security Definitions

3:03:20 Semantic Security

3:18:51 Stream Ciphers are semantically Secure (optional)

#### BLOCK CIPHERS

3:29:46 skip this lecture (repeated)

4:02:25 What are block ciphers

4:19:10 The Data Encryption Standard

4:41:09 Exhaustive Search Attacks

5:00:51 More attacks on block ciphers

5:16:54 The AES block cipher

5:30:28 Block ciphers from PRGs

#### USING BLOCK CIPHERS

5:42:12 Review- PRPs and PRFs

5:53:43 Modes of operation- one time key

6:00:57 Security of many-time key

6:23:47 Modes of operation- many time key(CBC)

6:40:00 Modes of operation- many time key(CTR) MESSAGE INTEGRITY

6:49:20 Message Authentication Codes

7:04:36 MACs Based on PRFs

7:14:34 CBC-MAC and NMAC

7:42:55 PMAC and the Carter-wegman

#### MAC COLLISION RESISTANCE

7:58:21 Introduction

8:09:15 Generic birthday attack

## Cryptography Full Course Part II

### Cryptography Full Course Part II TIME STAMPs

#### COLLISION RESISTANCE

0:17:54 Construction Compression functions

0:26:03 HMAC

0:33:07 Timing attacks on Mac Verification

#### AUTHENTICATED ENCRYPTION

0:41:36 Active attacks on CPA-secure encryption

0:54:30 Definitions

0:59:44 Chosen ciphertext Attacks

1:11:49 Constructions from ciphers and MACs

1:32:07 Case Study

2:03:52 Attacking non-atomic decryption

#### ODDS AND ENDS

2:13:42 Key Derivation

2:27:17 Deterministic Encryption

2:41:50 Deterministic Encryption-SIV and wide PRP

3:02:19 Tweakable encryption

3:16:44 Format Preserving encryption

#### BASIC KEY EXCHANGE

3:28:58 Trusted 3rd Parties

3:40:10 Merkle Puzzles

3:51:28 The Diffie-Hellman Protocol

4:10:29 Public-key encryption

#### INTRODUCTION TO NUMBER THEORY

4:21:25 Notation

4:35:41 Fermat and Euler

4:53:46 Modular e-‘th roots

5:10:54 Arithmetic algorithms

5:23:29 Intractable problems

#### PUBLIC KEY ENCRYPTION FROM TRAPDOOR PERMUTATIONS

5:42:09 Definitions and Security

5:57:49 Constructions

6:08:14 The RSA trapdoor permutations

6:25:48 PKCS1

6:46:56 Is RSA a one-way function

7:03:31 RSA in practice

#### PUBLIC KEY ENCRYPTION FROM DIFFIE-HELLMAN

7:17:26 The ElGamal Public-key System

7:36:55 ElGamal Security

7:50:07 ElGamal Variants with Better Security

8:00:28 A Unifying Theme

8:12:12 Farewell (for now)

cryptographylectures ⭐ Important Notes ⭐ ⌨️ The creator of this course is Stanford University