The Joy of Cryptography
Mike Rosulek
Computers & Technology
The Joy of Cryptography

The Joy of Cryptography is a textbook written for CS427, Oregon State's undergraduate course in cryptography.

The pedagogical approach is anchored in formal definitions/proof of security, but in a way more accessible than what is "traditional" in crypto. All security definitions are written in a unified and simplified "game-based" style. For an example of what security definitions look like in this style, see the index of security definitions (which will make more sense after reading chapters 2 & 4). 

It contains over 120 exercises.

"The Joy of Cryptography" is a silly title, but all the sensible titles were already taken. It was at least better than "You Can't Spell Cryptography without Cry". Anyway, actual joy not guaranteed.

Review of Concepts & Notation
Logs & Exponents
Modular Arithmetic
Notation in Pseudocode
Asymptotics (Big-O)
One-Time Pad & Kerckhoffs' Principle
What Is [Not] Cryptography?
Specifics of One-Time Pad
The Basics of Provable Security
How to Write a Security Definition
Formalisms for Security Definitions
How to Demonstrate Insecurity with Attacks
How to Prove Security with The Hybrid Technique
How to Compare/Contrast Security Definitions
Secret Sharing
A Simple 2-out-of-2 Scheme
Polynomial Interpolation
Shamir Secret Sharing
to Visual Secret Sharing
Basing Cryptography on Intractable Computations
What Qualifies as a ``Computationally Infeasible'' Attack?
What Qualifies as a ``Negligible'' Success Probability?
Birthday Probabilities & Sampling With/out Replacement
Pseudorandom Generators
Pseudorandom Generators in Practice
Application: Shorter Keys in One-Time-Secret Encryption
to Contrapositive Point of View on Security Proofs
Extending the Stretch of a PRG
to Applications: Stream Cipher & Symmetric Ratchet
Pseudorandom Functions & Block Ciphers
PRFs vs PRGs; Variable-Hybrid Proofs
Block Ciphers (Pseudorandom Permutations)
Relating PRFs and Block Ciphers
PRFs and Block Ciphers in Practice
to Strong Pseudorandom Permutations
Security Against Chosen Plaintext Attacks
Limits of Deterministic Encryption
Pseudorandom Ciphertexts
CPA-Secure Encryption Based On PRFs
Block Cipher Modes of Operation
A Tour of Common Modes
CPA Security and Variable-Length Plaintexts
Security of OFB Mode
Padding & Ciphertext Stealing
Chosen Ciphertext Attacks
Padding Oracle Attacks
What Went Wrong?
Defining CCA Security
to A Simple CCA-Secure Scheme
Message Authentication Codes
to A PRF is a MAC
MACs for Long Messages
Hash Functions
Security Properties for Hash Functions
Merkle-Damgård Construction
Hash Functions vs. MACs: Length-Extension Attacks
Authenticated Encryption & AEAD
Achieving AE/AEAD
Carter-Wegman MACs
Galois Counter Mode for AEAD
RSA & Digital Signatures
``Dividing'' Mod n
The RSA Function
Digital Signatures
Chinese Remainder Theorem
The Hardness of Factoring N
Diffie-Hellman Key Agreement
Cyclic Groups
Diffie-Hellman Key Agreement
Decisional Diffie-Hellman Problem
Public-Key Encryption
Security Definitions
One-Time Security Implies Many-Time Security
ElGamal Encryption
Hybrid Encryption
Index of Security Definitions
The book hasn't received reviews yet.