CPSC 4440/5440: Real-World Cryptography (‘26 Spring)

Course information⬆️

Time and Location

  • TBA

Staff

  • Instructor: Fan Zhang
    • OH: TBD
    • Location: AKW 503
  • TA: TBD

Course Description⬆️

Cryptography provides strong security and privacy guarantees in well-defined mathematical models, but applying it to real-world systems is an art—one that must account for performance, cost, evolving adversarial threats, and even user behavior. This course focuses on the practical art of designing and applying cryptography in real systems, examining how cryptographic tools underpin today’s digital infrastructure and protect users against powerful and evolving threats, including rogue governments, privacy-prying corporations, and malicious AI content. Topics include secure channels, authentication, anonymity, end-to-end encrypted messaging, and Trusted Execution Environments (TEEs).

Prerequisites⬆️

Students are expected to be familiar with concepts in computer security and cryptography (e.g., from CPSC 413, CPSC 467, or similar courses). To set the stage, we will go over the content of Katz and Lindell (https://www.cs.umd.edu/~jkatz/imc.html) in the first few lectures at a quick pace.

Grading⬆️

Coursework includes homework and written responses to reading assignments. Graduate students will present at the end of the semester.

  • For undergraduate students: Participation (20%), Paper critiques (20%), Problem sets and labs (60%)
  • For graduate students: Participation (20%), Paper critiques (20%), Problem sets and labs (40%), Presentation (20%)

Homeworks

We provide a LaTeX templates for homework submissions: template.

Late days

  • Each student gets 1 free late days
  • One late day equals a 24-hour extension.
  • 10% grade reduction for each non-free late day
  • We honor Dean’s extensions. No other late days will be granted.

📆 Schedule⬆️

Basic

  1. Course intro
  2. Crash course on useful cryptographic tools
    • ⚙️ Lab1: Roll your own crypto

TLS, the most important Real-World Crypto

  1. Authenticated Key Exchange (AKE), TLS Handshake, and Real-world Attacks
  2. Encryption, TLS Record layer, and Real-world Attacks
  3. Watching the Gatekeepers: Certificate Transparency
  4. Provenance of TLS sessions (“zkTLS”)
  5. Presentations:
    • One on Revocation: Clubcards for the WebPKI: smaller certificate revocation tests in theory and practice (IEEE S&P'25) or AccuRevoke: Enhancing Certificate Revocation with Distributed Cryptographic Accumulators (IEEE S&P'25)
    • zkTLS: Proxying Is Enough: Security of Proxying in TLS Oracles and AEAD Context Unforgeability in AFT'25. https://eprint.iacr.org/2024/733.
    • ⚙️ Lab 2: Decrypting TLS traffic

Messaging under Strong Adversary

  1. Mixnets, Onion routing, Tor
  2. DC nets, Dissent
  3. E2EE encrypted messaging
  4. Censorship
  5. Presentations:
    • Attacking and Improving the Tor Directory Protocol (S&P'24, RWC'25)
    • Censorship, GFW study

Identity and Credentials

  1. Passwords, Password Authenticated Key Exchange, OPAQUE
  2. Anonymous tokens
  3. OAuth & zkLogin
  4. Key transparency
    • CONIKS, Parakeet, etc
  5. DID and Decentralized Social Network
    • atproto
  6. Presentations:
    • “Modern” Anonymous Credential (zk-cred)
    • Protecting End-to-End Encryption from a Malicious Zoom Server
    • ⚙️ Lab 3: zkLabeler

Securing data in use (Trustworthy Computing)

  1. Secure enclave
  2. SGX in-depth (Memory Isolation)
  3. SGX in-depth (Remote Attestation & Sealing)
  4. TEE side channel attacks
  5. TEE and everything we’ve learned so far
    • ⚙️ Lab 4: Controlled Side Channel CTF

AI <> Cryptography

  1. What crypto can/cannot do for AI?
  2. How to curb the potential negative impacts of AI?
    • Watermarking?

Prior versions⬆️