Materials

See raw slides (pdf) and (/dl/24f-2550/2550-L10.pdf).

Topics

• The one-time pad needs a key that is as large as the message.
• This issue causes failures of operation.
• A useful tradeoff is to consider a weaker notion of computational secrecy.
• Computational indistinguishability and pseudo-random generators.
• AES + other heuristic constructions
• There are still simple attacks, stronger notion is IND-CPA.

Other materials

• If you are interested in learning more about how AES works and about the reasoning behind its design decisions, take a look at this free book, The Design of Rijndael.