Current students

COMPGA18 - Cryptanalysis

This database contains 2016-17 versions of the syllabuses. For current versions please see here.

CodeCOMPGA18 (Also taught as COMPM068)
PrerequisitesIntroduction to Cryptography COMPGA03
Taught ByNicolas Courtois and Christophe Petit

Study of major topics in cryptanalysis. Showing a variety of ways to break, fix/repair and to measure/evaluate the security of cryptographic primitives. Understanding the maths, the security design principles, the internal structure and important properties of major cryptosystems. Study of major computational hard problems in cryptography (symmetric and public key). Step by step analysis of mathematical/algebraic/statistical attacks, methods and algorithms in cryptanalysis. 

Learning Outcomes

Knowledge and understanding of how current cryptographic security technologies are built with individual components and their interaction, how they are (sometimes) defeated and how they can be designed or enhanced to be more robust. Understanding security goals, attacks and defences and other requirements in cryptographic systems.Understanding different types of attacks (e.g. key recovery vs. decryption). Learning how to evaluate the practical feasibility of attacks in terms of time, memory, pre-computation, data and the protocol / context in which they can be executed. 

Understanding the role of keyed operations, non-linearity, randomness, one-wayness, diffusion, side-channel vulnerabilities, permutations, security reductions, etc in the design of cryptographic protections. Discovering with software of key properties which are relevant to their security. Learning how to use standard crypto libraries, computer algebra software and software cryptanalysis tools. Learning how cryptosystems fail (theory/practice). 


Historical cryptanalysis. LFSR-based stream ciphers. Modern block ciphers(DES/AES/other). Differential cryptanalysis, linear cryptanalysis, algebraic cryptanalysis in block and stream ciphers. Self-similarity attacks. Groups, finite fields. Number theory. Attacks on public key cryptosystems. RSA, factoring, discrete logarithms, elliptic curves, lattice attacks. Cryptographic explorations with software. Protocol/mode/initialization attacks. Side channel attacks. 

Method of Instruction

Tutor-led class sessions, problem-solving, student projects with programming, participation in code-breaking competitions, private study. Concepts will be illustrated by practical computations with software and computer explorations. 


Students will execute individual small projects in which they will focus on study/analysis/discovery/implementation of particular cryptanalytic attacks.


There is NO written examination. The module has the following assessments: 

  • Coursework 1 (50%): Individual Exploratory Programming Project
  • Coursework 2 (50%): Participation in a Code Breaking Competition (Jan-May 2017)

The competition will be similar yet different than last years competition:


In code breaking competitions students will be assessed on 

1) their engagement, participation, team spirit, intellectual attitude and curiosity, 
2) mastery of underlying mathematical/algorithmic concepts and operational tools and techniques, and 
3) scientific and practical achievements, exploration visualisation and exploitation of data and results. 


To pass this module, students must: 

  • Complete both the Individual Exploratory Programming Project and Participation in a Code Breaking Competition; and
  • Obtain a pass mark of 50% for the module overall


Lecture notes provided in Moodle (Page ID = 28991). 

Examples of slides and software used in past years:


Reference books: 
Antoine Joux: Algorithmic Cryptanalysis, CRC Press
Menezes, van Oorschot, Vanstone: Handbook of Applied Cryptography, CRC Press.