For your final project, you can do one of the following.

- **Study a problem from your own research area from a cryptographic perspective.** For example, if you design or analyze computer systems, you can propose a cryptographic solution or analysis of system security. If you work in machine learning, you can discuss the implications of various cryptographic hardness assumptions for the learnability of various concepts.
- **Study and reflect upon a in cryptography in your choice.** To do this kind of project, you will likely need to do some background reading (some projects require more than others). However, I expect you to be *critical*: you will fail if you only reproduce what you read without demonstrating a clear understanding. To be successful you will need to identify the advantages and limitations of existing solutions and discuss alternative proposals.

- Haitner, Reingold, Vadhan: Efficiency improvements in constructing pseudorandom generators from one-way functions
- Vadhan and Zheng: Characterizing Pseudoentropy and Simplifying Pseudorandom Generator Constructions
- Haitner, Harnik, Reingold: On the power of the randomized iterate
- Brakerski and Vaikuntanathan: Efficient Fully Homomorphic Encryption from (Standard) LWE
- Barak, Goldreich, Impagliazzo, Rudich, Sahai, Vadhan, and Yang: On the (im)possibility of obfuscating programs

You will need to write a short survey (4-5 pages) due on Dec 12 and give a 15 minute presentation on the same day. For your presentation you can either use slides or the whiteboard.

You are encouraged to work in pairs, but individual projects are also acceptable.
Please let me know about your project proposal by email by **Mon Nov 19**. You can write a
paragraph or two about your proposed .

| Time | Presenter(s) | Topic |
|---|---|---|
| 9.30 | Chen Hung Kwan | Order-preserving encryption |
| 9.45 | Qin Chuan | Implementation of fully homomorphic encryption |
| 10.00 | Chan Chun Wing and Li Yan Kit | Cryptographic storage systems |
| 10.15 | Chen Qian | Privacy-preserving authentication of query processing |
| 10.30 | break | |
| 10.45 | Ding Qian | Obfuscation |
| 11.00 | Zheng Min and Sun Mingshen | Attacking non-atomic decryption in practice |
| 11.15 | Lee Chin Ho | Pseudorandomness, pseudoentropy, and one-way functions |
| 11.30 | Li Runhui and Huang Qun | Pseudorandomness, pseudoentropy, and one-way functions |
| 11.45 | break | |
| 12.00 | Wang Bo | On the NIST SHA-3 competition |
| 12.15 | Jiang Yuan | Design of a security coprocessor for mobile devices |
| 12.30 | Hoover Yin | On the security of RSA encryption |
| 12.45 | Wang Peng | On the RSA encryption scheme |

Here are some possible choices of projects. Feel free to propose your own as well.

The NIST hash function competition was a three-year long competition which ended in the selection of a new hash function standard, SHA-3. For this project you can choose some representative entrants to the competition and do a critical examination of their strengths or weaknesses. Instead of relying on what was found by other researchers, try to find your own theoretical or experimental attacks and explain why they succeed or fail.

In class we saw how to obtain a pseudorandom generator from a one-way *permutation*. In principle it is possible to start with any one-way function, although the resulting pseudorandom generator is less efficient. Some recent works make progress on this connection.

Homomorphic encryption allows for meaningful public operations to be performed on encrypted data. In a fully homomorphic scheme, one can obtain an encryption of any function of the messages given only encryptions of those messages. Good starting points are these lecture notes of Shafi Goldwasser and Boaz Barak 1 and 2. See also

The task of obfuscation is to hide the "source code" of a program without changing its functionality.

This project concerns the application of groups defined on elliptic curves in the construction of cryptosystems. To succeed in this project it is not enough to state how elliptic curve based systems are implemented. You will need to clearly explain the advantage of using techniques from this area. For example, if you claim a theoretical advantage, you should give an example of a functionality that can be obtained using this technology but is not known without it. If you claim an advantage in efficiency, I expect you to come up with an implementation and data analysis that shows how elliptic curve cryptography gives an improvement. You can start by looking at the treatment and the references in the Katz-Lindell textbook.