[SOUND] Welcome to introduction to Cryptography part of the Cyber Security course sequence being offered by the Maryland Cybersecurity Center at the University of Maryland. I am Jonathan Katz and I am very excited to be teaching this course. In this lecture, I just want to give an overview of the course content. Highlight the goals of the course and discuss some of the prerequisites I assume. If you look in a dictionary, you may see cryptography defined as the art of writing or solving codes. And indeed, cryptography historically focused exclusively on so-called codes. Nowadays, called private-key encryption schemes. Which enabled two parties who share some secret information in advance to communicate over a public channel, while keeping the contents of their communication private from an adversarial eavesdropper. Modern cryptography, however has a much broader scope. In addition to data privacy cryptography is now also concerned with other goals. Like data integrity, user authentication or more complex security requirements. Furthermore, cryptography now also considers the public-key setting where communicating users do not share any secret information in advance. Finally, cryptography as a field now encompasses more than just primitive. Ranging from the study of mathematical foundations to the design and analysis of complex systems. It's a bit hard to pin down a definition that covers the entire scope of the field. But I think what really distinguishes cryptography from other fields of computer security is its focus on mathematical techniques. This of course, doesn't mean that other areas of computer security don't use mathematics, nor does it mean that cryptography only focuses on mathematics. But I would say that cryptography mathematical techniques are the primary object of study. Historically, cryptography was used primarily in military settings. What's really interesting about cryptography now a days is that it's used almost everywhere. Everyone of you watching this video has used cryptography before. In particular, when you type your password to log into the Coursera website. If you've ever purchased something by credit card over the Internet, you've undoubtedly used cryptography to ensure that your credit card number can't be read by an eavesdropper in the process. Beyond encryption, if you've ever applied an update to Windows or Mac software then unknowingly, you've relied on digital signatures to verify the authenticity of that update. And finally, many of you may have heard of Bitcoin. A recent system for decentralized electronic cast that relies on cryptography for its security. If we go back to the historical definition of cryptography, we see that cryptography is also defined as being an art. And indeed. Historically, cryptography was largely an art with schemes designed and evaluated in a relatively heuristic fashion. The entire process was somewhat ad hoc. With schemes being proposed and deemed good enough, if the designer and his friends couldn't see any way to break it. If the scheme was later broken, then it would be patched and the process repeated. Modern cryptography, however is much more of a science. The field now rests on firm foundations and a rich theory has been developed that enables more rigorous design and analysis of schemes. Cryptography has been hugely successful. So much so that many of its ideas have permeated other areas of computer security. For example, the emphasis on formal threat modeling and the possibility of proofs of security within some well defined model. In this introductory course, we will cover the two primary cryptographic settings and their corresponding primitives. In the private key setting where the communicating parties share secret information in advance. We will study private key encryption schemes for ensuring secrecy of their communication and message authentication codes for the equally important task of data integrity. That is ensuring that data is not modified improperly. We will then move on to a treatment of the public-key setting. Where communicating parties did not share any secret information and events. And where the analysis concerns, the analysis concerns are handled by public-key encryption schemes and digital signatures that as we will see, are constructed using very different techniques from the corresponding perimeters in the private-key setting. Along the way, we will also cover some of the necessary building blocks for these primitives. Which are interesting and useful in their own right. Things like Pseudorandom generators, block ciphers and hash functions. We will of course, also introduce some number theory about midway through the course in preparation for our discussion of public key cryptography. The course will follow fairly closely selected chapters of my text book, Introduction to Modern Cryptography. This text is not required, but you may find it helpful as a written representation of the material. Those of you looking for further information about the topics we cover in this class or treatment of more advanced topics, may also find the book useful. In designing the course, I've tried to hit a middle ground between theory and practice. The course is motivated by the goal of having you understand basic cryptography as it used today in the real world. Nevertheless, I plan to do this while taking a rigorous mathematical approach to the material. In keeping with the real world focus, I also expect that after you have taken this course, you will be able to use cryptography as part of systems you develop. This means both of you will know the appropriate primitives to use for some particular application. And we'll also be aware of how to use those primitives properly. This course will not make you a crypto expert, but it should allow you to determine when standard cryptographic tools suffice. And when you need to call in an expert cryptographer for help. Finally, I hope to also impart a crypto mindset as part of this course. That is to emphasize the importance of formal modeling and precise assumptions and to highlight the possibility of proving security of a particular construction. I intend this course to be accessible to undergraduate computer science, mathematics or electrical engineering majors. And with that in mind, I've tried to keep the prerequisites minimum. As far as mathematics is concerned, I do assume some prior exposure to discrete mathematics. I also assume some basic familiarity with discrete probability. Along the what lines of what might be covered in the first month of the standard undergraduate probability course or as part of a discrete mathematics class. Perhaps most importantly, I do assume a fair degree of mathematical at maturity. This means that you are able to think abstractly and are comfortable with definitions and proofs. From a computer science standpoint, I assume some basic CS knowledge, EG, familiarity with binary, hexidecimal, and ASCII representation. I also assume the ability to read pseudo code and comfortability with concepts like big-O-notation for analyzing the running time of algorithms. Finally, I assume some prior exposure to programming in a C-like language and I will use C programs as examples throughout the class. There will be optional programming assignments as part of this course. So I will try to structure things, so you can do those using a language of your choice. In the next lecture, we'll begin in earnest with a more detailed discussion of private-key encryption and an examination of some classical examples of privacy encryption schemes. I hope to see you all there.
