Yehuda Lindell

Introduction to Modern Cryptography, the most relied-upon textbook in the field, provides a mathematically rigorous yet accessible treatment of this fascinating subject. The authors have kept the book up-to-date while incorporating feedback from instructors and students alike; the presentation is refined, current, and accurate.The book’s focus is on modern cryptography, which is distinguished from classical cryptography by its emphasis on definitions, precise assumptions, and rigorous proofs of security. A unique feature of the text is that it presents theoretical foundations with an eye toward understanding cryptography as used in the real world. This revised edition fixed typos and includes all the updates made to the third edition, including: Enhanced treatment of several modern aspects of private-key cryptography, including authenticated encryption and nonce-based encryption.Coverage of widely used standards such as GMAC, Poly1305, GCM, CCM, and ChaCha20-Poly1305.New sections on the ChaCha20 stream cipher, sponge-based hash functions, and SHA-3.Increased coverage of elliptic-curve cryptography, including a discussion of various curves used in practice.A new chapter describing the impact of quantum computers on cryptography and providing examples of quantum-secure encryption and signature schemes. Containing worked examples and updated exercises, Introduction to Modern Cryptography, Revised Third Edition can serve as a textbook for undergraduate- or graduate-level courses in cryptography, a reference for graduate students, researchers, and practitioners, or a general introduction suitable for self-study.

Now the most used texbook for introductory cryptography courses in both mathematics and computer science, the Third Edition builds upon previous editions by offering several new sections, topics, and exercises. The authors present the core principles of modern cryptography, with emphasis on formal definitions, rigorous proofs of security.

In the setting of multiparty computation, sets of two or more parties with p- vate inputs wish to jointly compute some (predetermined) function of their inputs. The computation should be such that the outputs received by the parties are correctly distributed, and furthermore, that the privacy of each party’s input is preserved as much as possible, even in the presence of - versarial behavior. This encompasses any distributed computing task and includes computations as simple as coin-tossing and broadcast, and as c- plex as electronic voting, electronic auctions, electronic cash schemes and anonymous transactions. The feasibility (and infeasibility) of multiparty c- putation has been extensively studied, resulting in a rather comprehensive understanding of what can and cannot be securely computed, and under what assumptions. The theory of cryptography in general, and secure multiparty computation in particular, is rich and elegant. Indeed, the mere fact that it is possible to actually achieve the aforementioned task is both surprising and intriguing.

In the setting of multiparty computation, sets of two or more parties with p- vate inputs wish to jointly compute some (predetermined) function of their inputs. The computation should be such that the outputs received by the parties are correctly distributed, and furthermore, that the privacy of each party’s input is preserved as much as possible, even in the presence of - versarial behavior. This encompasses any distributed computing task and includes computations as simple as coin-tossing and broadcast, and as c- plex as electronic voting, electronic auctions, electronic cash schemes and anonymous transactions. The feasibility (and infeasibility) of multiparty c- putation has been extensively studied, resulting in a rather comprehensive understanding of what can and cannot be securely computed, and under what assumptions. The theory of cryptography in general, and secure multiparty computation in particular, is rich and elegant. Indeed, the mere fact that it is possible to actually achieve the aforementioned task is both surprising and intriguing.

In the setting of multi-party computation, sets of two or more parties with private inputs wish to jointly compute some (predetermined) function of their inputs. General results concerning secure two-party or multi-party computation were first announced in the 1980s. Put briefly, these results assert that under certain assumptions one can construct protocols for securely computing any desired multi-party functionality. However, this research relates only to a setting where a single protocol execution is carried out. In contrast, in modern networks, many different protocol executions are run at the same time. This book is devoted to the general and systematic study of secure multi-party computation under composition. Despite its emphasis on a theoretically well-founded treatment of the subject, general techniques for designing secure protocols are developed that may even result in schemes or modules to be incorporated in practical systems. The book clarifies fundamental issues regarding security in a multi-execution environment and gives a comprehensive and unique treatment of the composition of secure multi-party protocols.