CIS 5560: Cryptography

Spring 2026

Basics

Instructor: Pratyush Mishra
Time: Tuesdays and Thursdays, 1:45PM-3:15PM
Location: Fagin Hall 118
Office hours: - Pratyush: Monday 10-11AM, Wednesday 12-1PM, AGH 323
Useful links: Ed Discussions; Canvas; Gradescope

Course description

This course is an introduction to the theory and applications of cryptography intended for advanced undergraduates and graduate students. Topics covered include:

• cryptographic security: one-way functions, pseudorandomness, computational indistinguishability
• symmetric cryptography: stream ciphers, block ciphers, message authentication codes, and hash functions
• public-key cryptography: key exchange, public-key encryption, digital signatures

We will also cover a selection of more advanced topics such as zero-knowledge proofs, homomorphic encryption, and post-quantum-secure cryptography.

Prerequisites

This course requires a basic background in discrete mathematics (at the level of CIS 1600). Prior exposure to algorithms and complexity (at the level of CIS 3200) will be helpful.

Grading

Your grade in the course is determined by the following components:

• Homework (20%)
• Project (20%)
• Participation (5%)
• Midterm (27.5%)
• Final (27.5%)

Course staff

• Anubhav Baweja: Office hours: TBD
• Alireza Shirzad: Office hours: TBD
• Bharath Namboothiry: Office hours: TBD

Resources

While there is no required textbook for the course, the following books are recommended:

• Introduction to Modern Cryptography (MC), by Jonathan Katz and Yehuda Lindell.
• Graduate Course in Applied Cryptography (AC), by Dan Boneh and Victor Shoup.

Schedule

The schedule below is tentative, and will likely be updated as the course progresses.

01/16/26: Introduction and overview

• Logistics and course overview
• Caesar cipher and substitution cipher
• Recap of discrete probability
• Slides
• Readings:
  • AC 2.1
  • MC 2

01/20/26: Computational indistinguishability and pseudorandomness

• Perfect Secrecy and Indistinguishability
• One Time Pad
• Shannon’s Theorem
• Negligible functions
• Computational indistinguishability
• Pseudorandom generators
• Slides
• Readings:
  • AC 3.1-3.3
  • MC 3.2, 3.3

01/22/26: One-way functions and permutations

• Stream ciphers
• Semantic security
• Slides
• Readings:
  • AC 3.1-3.3
  • MC 3.2, 3.3
  • MC 8.1, 8.4

01/27/26: One-way functions

• Next-bit Unpredictability
• One-way functions
• One-way permutations
• Hardcore predicates
• Slides
• Readings:
  • AC 3.1-3.3
  • MC 3.2, 3.3
  • MC 8.1, 8.4

01/29/26: OWFs -> PRGs

• Hardcore predicates
• OWPs + Hardcore predicates -> PRGs
• PRG length extension
• Slides
• Readings:
  • AC 5
  • MC 3.4

02/03/26: Pseudorandom functions

• Pseudorandom functions (PRFs)
• PRFs from PRGs
• Pseudorandom permutations (PRPs)
• Block ciphers
• Slides
• Readings:
  • AC 4.1, 4.4, 4.6
  • MC 3.5

02/05/26: Encryption for multiple messages

• Attacks on prior schemes
• Security for multi-message encryption
• Nonce-based encryption
• Randomized encryption
• Slides
• Readings:
  • AC 5
  • MC 3.4

02/10/26: Message integrity

• Message Authentication Codes (MACs)
• PMAC
• CBC-MAC
• Slides
• Readings:
  • AC 6.1,6.3
  • MC 4.1-4.4

02/12/26: Message integrity

• Message Authentication Codes (MACs)
• PMAC
• CBC-MAC
• Slides
• Readings:
  • AC 6.1,6.3
  • MC 4.1-4.4

02/17/26: Collision-resistant hashing

• Merkle-Damgard
• MACs from CRH
• HMAC
• Readings:
  • AC 8.1, 8.4, 8.7
  • MC 6.1-6.3

02/19/26: Authenticated Encryption

• Attacks
• MAC-then-Encrypt
• Encrypt-then-MAC
• Readings:
  • AC 9
  • MC 5

02/24/26: Number theory background

• Arithmetic modulo primes
• Fermat’s Little Theorem
• Quadratic residuosity
• Discrete Logarithm
• Arithmetic modulo composites
• Euler’s Theorem
• Factoring
• Readings:
  • AC Appendix A
  • MC 9

02/26/26: Key exchange

• Key exchange
• Merkle puzzle
• Diffie-Hellman
• Readings:
  • AC 10.1, 10.4, 10.8
  • MC 11

03/03/26: Midterm review

03/05/26: Midterm 1 in class

03/10/26: No class due to spring break

03/12/26: No class due to spring break

03/17/26: untitled

03/19/26: Public key encryption

• Public key encryption
• El Gamal encryption
• Hybrid encryption
• Readings:
  • AC 11
  • MC 12.1-12.4

03/24/26: RSA

• Trapdoor functions and permutations
• RSA Assumption
• RSA Encryption
• Readings:
  • AC 11.4
  • MC 12.5

03/26/26: In-class notebook for PKE

03/31/26: Digital signatures I

• Definition of signatures
• One-time signatures
• Readings:
  • AC 13
  • MC 13

04/02/26: Digital signatures II

• One-time -> Many-time signatures
• Signatures from trapdoor functions

04/07/26: Zero Knowledge Proofs I

04/09/26: Zero Knowledge Proofs II

04/14/26: Homomorphic Encryption

04/16/26: Post-quantum cryptography I

04/21/26: Post-quantum cryptography II

04/23/26: Midterm review

04/28/26: Midterm 2

Overview of course grade components

Homework

Homework is released on Canvas on Wednesday, and is due the following Friday at 5PM. That is, you have roughly 9 days to work on the homework. Homework submissions are to be made on Gradescope. Your lowest 2 homework scores will be dropped. Please use the template here.

You are encouraged to discuss homework problems with your classmates, but you must write up your solutions on your own. In particular, you must adhere to Penn’s Code of Academic Integrity; for more information, see the Office of Student Conduct.

Project

TBD.

Participation

You are expected to attend lectures and participate in class and on EdStem.

Exams

The course has two midterms, both in class. Midterm 1 will be held on March 6th (03/06/2026), and Midterm 2 will be held on April 29th (04/29/2026).

Students with disabilities

The University of Pennsylvania provides reasonable accommodations to students with disabilities who have self-identified and received approval from the Office of Student Disabilities Services (SDS). If SDS has approved your request for accommodations, please make an appointment to meet with me as soon as possible in order to discuss the arrangements for your accommodations. SDS services are free and confidential.

Wellness

Your emotional and physical wellness is a priority for us. We are aware of the stress you are under. If you find yourself needing help, please don’t hesitate to reach out to us if you encounter any extenuating circumstances.

Please also be aware of the following resources you can reach out to for help:

• Student health and counseling services.
• Penn’s Student Wellness Hub.
• If there is an urgent concern, please contact CAPS at 215-898-7021 or at 3624 Market St.

Inclusion and belonging

At Penn, in the CIS department, and in this class, we strive to create an environment that is inclusive and welcoming to all students, regardless of their race, ethnicity, gender identity, sexuality, or socioeconomic status. All our faculty and staff are committed to making your studies here at Penn a safe and rewarding experience. You belong here, and we are here to support you. If you have any concerns or experiences that make you feel unwelcome, please feel reach out to any of us.