Cryptographic Engineering

Cryptographic Engineering

Spring Term 2018 - CS 293G - EnrlCd: 08847
Department of Computer Science
University of California Santa Barbara


  • Instructor: Professor Koç         → Koç is pronounced as "Coach"  

  • Schedule and Classroom: Tuesday and Thursday 1:00-2:50pm; Phelps 3526
  • Office Hours: Wednesdays 4:00-6:00pm   Office: HFH 1119

  • A 2-page flier about the course: cren.pdf  

  • Check the class website and the Piazza once a day  

  • The grades: Spring18.htm   →   The "Code" is equal to the perm number mod 9973 for regular UCSB Students and the last 3 digits of the perm number for Extension Students


Homework Assignments

There will be 4 homework assignments. Either, you can bring a paper copy to the class, or upload the electronic copy of your homework via the given Dropbox link. You can scan/pdf your handwritten work; however, do not send low-resolution or small phone-camera images.
  • Homework Assignment 01:   hw01.pdf - due April 20 Friday 11pm
  • Homework Assignment 02:   hw02.pdf - due May 4 Friday 11pm
  • Homework Assignment 03:   hw03.pdf - due May 29 Tuesday 11pm
  • Homework Assignment 04:   hw04.pdf - due June 7 Friday 11pm

Weekly Course Plan

The papers and presentations are here: docx  
  • Week 1: Numbers, Groups, and Fields;
    a01numbers, a02crt, a03groups, a04fields
  • Week 2+3+4: PKC, Digital Signatures, Cryptographic Protocols;
    b01pkc, b02dh, b03rsa, b04rabin, b05elgamal, b06proto, b07phom, b08ecc, b09dsig, b10elgamal
  • Week 5+6+7: Computational Requirements, Exponentiation; Finite Field Arithmetic
    c01creq, c02exp, c03gfp, c04gf2k
  • Week 8 Side-Channel Attacks and Countermeasures;
    d01sca, d02power, d03timing, d04fault, d05maa
  • Week 9: Karatsuba, Spectral, RNS Arithmetic;
    c05karat, c06spectral, c07rns
  • Week 10: Random Number Generators;
    e01intro, e02drng, e03lcg, e04ca, e05number, e06trng
  • Week 10: Research Discussions and Projects


Cryptography provides techniques, mechanisms, and tools for private and authenticated communication, and for performing secure and authenticated transactions over the Internet as well as other open networks. It is highly probable that every single bit of information flowing through our networks will have to be either encrypted and decrypted or signed and authenticated in a few years from now.

will have to be either encrypted and decrypted or signed and authenticated in a few years from now.

This infrastructure is needed to carry over the legal and contractual certainty from our paper-based offices to our virtual offices existing in the cyberspace. In such an environment, server and client computers as well as handheld, portable, and wireless devices will have to be capable of encrypting or decrypting and signing or verifying messages. That is to say, without exception, all networked computers and devices must have cryptographic layers implemented, and must be able to access to cryptographic functions in order to provide security features. In this context, efficient (in terms of time, area, and power consumption) hardware and software structures will have to be designed, implemented, and deployed. Furthermore, general-purpose (platform-independent) as well as special-purpose software implementing cryptographic functions on embedded devices are needed. An additional challenge is that these implementations should be done in such a way to resist cryptanalytic attacks launched against them by adversaries having access to primary (communication) and secondary (power, electromagnetic, acoustic) channels.

This course is designed for computer science, computer engineering, electrical engineering, and mathematics students interested in understanding, modeling, designing, developing, testing, and validating cryptographic software and hardware. We study algorithms, methods, and techniques in order to create state-of-art cryptographic embedded software and hardware using common platforms and technologies.


  • Public-Key Cryptography: Fundamentals and algorithms for public-key cryptography RSA, Rabin, Diffie-Hellman, and elliptic curve cryptography. Cryptanalysis of public-key cryptographic algorithms. Factoring and discrete logarithm. Key length issues for public-key cryptographic algorithms.
  • Multi-precision Integer Arithmetic: Arithmetic with large numbers. Exponentiation algorithms and addition and subtraction chains. Non-adjacent forms. Montgomery multiplication. Hardware and software implementation of arithmetic methods for cryptographic applications. Cryptographic co-processors.
  • Galois Fields: Properties of finite fields. Finite fields of p and p^m elements. Representations of field elements. Polynomial, normal and optimal normal bases. Algorithms for performing addition, multiplication, and inversion. Hardware and software methods for realizing finite field operations. Sub-quadratic methods.
  • Deterministic and True Random Number Generators: True, deterministic, hybrid random number generators (RNGs). Linear congruential and cellular automata RNGs. Number-theoretic DRNGs, RSA, Rabin, Blum-Blum-Shub, and Rabin DRNGs. Fundamentals of TRNGs. Design and evaluation criteria for TRNgs.
  • Side-Channel Attacks and Countermeasures: Side-channel attacks and countermeasures. Power, timing, electromagnetic, fault attacks. Simple power and differential power attacks and countermeasures. Timing attacks and countermeasures, RSA, Montgomery subtraction. Fault attacks and countermeasures Safe-error and GCD Attack Micro-architectural attacks and countermeasures. Cache and branch prediction attacks and countermeasures.



Notes, Conferences, Proceedings, Journals, & Archives


  • Homework Assignments: 60 %
  • Project: 40 %


This class is open to all graduate students. Undergraduate students who have taken CS 178 are also allowed. Other students: Please contact the Instructor.

Academic Integrity at UCSB  

  • E-mail:
  • Tel: (805) 893 7426
  • Office: HFH 1119