Corso di Algebra per Codici e Crittografia

Anno accademico 2010/11

Logo Unibs


  1. Presentazione del Corso
  2. Informazioni generali sull'insegnamento


Martedì 11 Gennaio 2011 verranno presentati i seguenti seminari in orario di lezione (inizio ore 8.45):

Referenze e approfondimenti

Logaritmo discreto e group pairing

  1. W. Diffie, M.E. Hellman, New directions in Cryptography, IEEE Transactions on Information Theory 22: 644-654 (1976), doi:10.1109/TIT.1976.1055638
  2. W. Diffie, P.C. Oorschot and M.J. Wiener, Authentication and Authenticated Key Exchanges, Des. Codes and Cryptography 2: 107-125 (1992), doi:10.1007/BF00124891
  3. T. Elgamal, A public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms, IEEE Transactions on Information Theory IT-31: 469-472 (1985) oppure CRYPTO'84: 10-18, Springer-Verlag.
  4. D. Boneh, A. Joux, P.Q. Nguyen, Why Textbook ElGamal and RSA Encryption are Insecure
  5. A. Menezes, An introduction to pairing-based cryptography, Recent trends in cryptography, Contemp. Math. 477: 47-65 (2009).
  6. A. Shamir, Identity-based Cryptosystems and Signature Schemes, Advances in Cryptology, Lecture Notes in Computer Science 7: 47-53 (1984)
  7. D. Boneh, M. Franklin, Identity-based Ecryption from the Weil Pairing, SIAM J. of Computing 32: 586-615 (2003).


  1. R.L Rivest, A. Shamir, L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM 21: 120-126 (1978)
  2. R.L. Rivest, R.D. Silverman, Are 'strong' primes needed for RSA? (1999)
  3. D. Boneh, Twenty years of attacks on the RSA cryptosystem, Notices of the AMS, 46(2): 203-213 (1999)
  4. M. Bellare, P. Rogaway, Optimal Asymmetric Encryption - How to encrypt with RSA, Extended abstract in Advances in Cryptology - Eurocrypt 94 Proceedings, Lecture Notes in Computer Science 950 (1995)

Primalità e fattorizzazione

  1. A. Granville, It is easy to determine whether a given integer is prime, Bull. of the A.M.S. 42(1):3-38 (2004)
  2. M. Agrawal, N. Kayal, N. Saxena, PRIMES is in P, Ann. of Math. 160(2):781-793 (2004).
  3. A.K. Lenstra, Integer factoring, Des. Codes. Crypto. 19:101-128 (2000)

Birthday paradox

  1. P.J. Cameron, Notes on probability
  2. G.H. Heuer, Estimation in a Certain Probability Problem, The American Mathematical Monthly 66(8): 704-706 (1959)
  3. N.H.F. Beebe, Computation of expm1(x)=exp(x)-1, Center for Scientific Computing University of Utah (2002)

Prodotto di polinomi

  1. J.M. Pollard, The Fast Fourier Transform in a Finite Field, Mathematics of Computation 114(25): 365-374 (1971)
  2. R.T. Moenck, Practical Fast Polynomial Multiplication, Proceedings of the 1976 ACM Symposium on Symbolic and Algebraic Computation (1976)
  3. A.A. Karatsuba, The Complexity of Computations, Proceedings of the Steklov Institute of Mathematics 211: 169-183 (1995)

Advanced Encryption Standard

  1. Data Encryption Standard (DES), FIPS-46-3 (1999)
  2. The Advanced Encryption Standard (AES), FIPS-197 (2001)
  3. J. Daemen, V. Rjimen, AES Proposal: Rijndael (1999)
  4. V. Rjimen, Efficient implementation of the Rijndael S-Box
  5. F.X. Standaert, G. Piret, J.J. Quisquater, Cryptanalysis of Block Ciphers: a survey, UCL Crypto Group Technical Report CG-2003/2
  6. C.Cid, Some algebraic aspects of the Advanced Encryption Standard, Proceedings of the Fourth Conference on the Advanced Encryption Standard (AES4), LNCS 3373: 58-66 (2004)
  7. C.Cid, S. Murphy, M. Robshaw Computational and Algebraic Aspects of the Advanced Encryption Standard, Proceedings of the Seventh International Workshop on Computer Algebra in Scientific Computing CASC' 2004: 93-103 (2004)
  8. C. Burwick, D. Coppersmith, E. D'Avignon, R. Gennaro, S. Halevi, C. Jutla, S.M. Matyas Jr., L. O'Connor, M. Peyravian, D. Safford, N. Zunic, Mars - a candidate cipher for AES (1999)

Curve ellittiche

  1. S.C. Vo, A survey of Elliptic Curve Cryptosystems, part I: Introductory, NASA Ames Research Center Technical Report NAS-03-012 (2003)
  2. Certicom Research, Standards for Efficient Cryptography 1 (SEC1), 2009
  3. Nippon Telephone and Telegraph Corporation, Standards for Efficient Cryptography SEC X.1: Supplemental Document for Odd Characteristic Extension Fields, Working Draft 2009
  4. H. Krawczyk, HMQV: A High-Performance Secure Diffie-Hellman Protocol, Advances in cryptology - CRYPTO 2005, 3621: 546-566 (2005)
  5. A. Menezes, Another look at HMQV, Journal of Mathematical Cryptology 1: 148-175 (2007)

Nozioni di sicurezza per crittosistemi a chiave pubblica

  1. M. Bellare, A. Desai, D. Pointcheval, P. Rogaway Relations Among Notions of Security for Public Key Encryption Schemes, Extended abstract in Advances in Cryptology - CRYPTO'98, Lecture Notes in Computer Science 1462 (1998)
  2. A. Shamir, R.L. Rivest, L.M. Adleman, Mental Poker in The Mathematical Gardner, ed. D.A. Klarner: 37-43 (1981)
  3. M. Blum, Coin flipping by telephone: a protocol for solving impossible problems, ACM SIGACT News, 15 (1983)

Hash functions

  1. B. Preneel, Analysis and design of cryptographic hash functions, Ph.D. thesis (1993)
  2. FIPS 180-3: Secure Hash Standard (SHS) (2008)
  3. FIPS 198: The Keyed-Hash Message Authentication Code (HMAC) (2002)
  4. Orange Labs, SHA-3 Proposal: ECHO (2010)
  5. P. Gauravaram et al., Grøstl - a SHA-3 candidate (2008)
  6. P. Gauravaram et al., Grøstl Addendum (2009)
  7. E. Biham, O. Dunkelman, A framework for Iterative Hash Functions --- HAIFA Proceedings of the Second NIST Cryptographic Hash Workshop (2006-2007)


  1. D.L. Chaum, Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms, Communications of the ACM 24: 84-88 (1981)
  2. D.L. Chaum, The Dining Cryptographers Problem: Unconditional Sender and Recipient Untraceability, J. Cryptology 1: 65-75 (1988)
  3. M. Waider, Unconditional Sender and Recipient Untraceability in spite of Active Attacks, Proceedings of EUROCRYPT'89: 302-319 (1989)
  4. M. Waider, B. Pfitzmann, Unconditional sender and recipient untraceability in spite of active attacks - Some remarks, Fakultät für Informatik, Universität Karlshrue, Interner Bericht 5/89 (1989)
  5. M. Waider, B. Pfitzmann, The Dining Cryptographers in the Disco: Unconditional Sender and Recipient Untraceability with Computationally Secure Serviceability (1989).
  6. P.Golle, A.Juels, Dining Cryptographers Revisited, Advances in Cryptology (EUROCRYPT'04): 456-473 (2004)
  7. C.Park, K. Itoh, K.Kurosawa, Efficient Anonymous Channel and All/Nothing Election Scheme, EUROCRYPT'93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology (1993)
  8. B. Pfitzmann, Breaking an Efficient Anonymous Channel, EUROCRYPT'94: 339-348 (1994)
  9. W.Ogata, K.Kurosawa, K.Sako, K.Takatani, Fault Tolerant Anonymous Channel, ICICS'96 Proceedings of the First International Conference on Information and Communication Security (1997)
  10. D.Chaum, T.P. Pedersen, Wallet Databases with Observers, Proc. of Crypto'92: 89-105 (1993)
  11. D. Boneh, P. Golle, Almost Entirely Correct Mixing With Applications to Voting, CCS'02 Proceedings of the 9th ACM Conference on Computer and communications security (2002)
  12. P.Golle, M.Jakobsson, A.Juels, P.Syverson, Universal Re-encryption for Mixnets, Proceedings of the 2004 RSA Conference: 163-178 (2002)

Schemi a soglia

  1. A. Shamir, How to Share a Secret, Communications of the ACM 22:612-613 (1979)
  2. O. Goldreich, D. Ron, M. Sudan, Chinese Remaindering with Errors, IEEE Transactions on Information Theory 46: 1330-1338 (2000)