Introduction to Mathematical Cryptography (Math 571)


The description from SPIRE is the following:

   The main focus of this course is on the study of cryptographical
   algorithms and their mathematical background, including elliptic
   curve cryptography and the Advanced Encryption Standard. Lectures
   will emphasize both theoretical analysis and practical
   applications. To help master these materials, students will be
   assigned computational projects using computer algebra software.

This is a rigorous introduction to modern topics in mathematical cryptography. Planned topics are (i) an introduction to public key cryptography, including Diffie-Hellman, RSA, and attacks on them, (ii) elliptic curve cryptography, (iii) lattice-based cryptography. Time permitting, we will discuss additional topics, such as hash functions, homomorphic encryption, and AES (a symmetric system).

The formal prerequisites for this course are MATH 300 or COMPSCI 250 and MATH 471. Instead of MATH 471, an alternative is MATH 411. MATH 471/411 are required because we will make use of some basic concepts from them, such as modular arithmetic, factoring and primality testing, and basic algebra (cyclic groups and their generators). However, I plan to include quick reviews of these topics as part of the lectures, so strictly speaking it is not necessary to have seen them before (although of course having seen them before means that you will have more confidence/maturity in processing the material in MATH 571). We will also introduce other topics from algebra we need, such as finite fields.

Part of the coursework will involve computations with a computer algebra system of your choice. Such systems will also make it easier to do HW. Here is some information about what systems are available (and my opinions about them).


Prof. Paul Gunnells, LGRT 1115L, 413.545.6009, gunnells at math dot umass dot edu. The best way to contact me is by email, but please read this before trying to send me email. Office hours TBA.


"An Introduction to Mathematical Cryptography," by Hoffstein, Pipher, and Silverman, Springer-Verlag.

Please be sure to read the textbook to supplement the lectures. The authors (all of whom I know) have spent a lot of time trying to make the text enjoyable and understandable (unlike a typical math book). Also, not every topic covered in homework problems will be explicitly lectured on.

You can purchase your copy of the text however you like, but the best way is through our library. The library has a subscription to some electronic resources of Springer-Verlag (a large mathematics publisher). Our subscription means you can either download the pdf of the book (yes, free), or you can order a print-on-demand copy for substantially cheaper than retail. In fact, the book is listed in Spire (through Amazon) as costing about $90 retail; ordering a copy via our library costs about $25.

Here's how you can get it:

I bought my own copy this way. The quality is very good, and I actually like having a printed copy to complement the downloaded pdf. It takes a few days to receive your copy after purchase.

Note that if you obtain the book this way or download it, it will be the first edition of the textbook, not the second. You can use either one to study, but I am assigning problems from the first edition (since that's the one I bought through the library). Please make sure you look at the problems assigned in the first edition.


The grading for the course will be as follows. There will be a final exam worth 40%, and one midterm exam during the semester, worth 20%. Of the remaining 40%, half will be based on written homework exercises, and half on computational projects. See below for more information.

The grading scale will be the traditional decile scale (if changed, it will only be changed in your favor, i.e. an A will never be higher than 93, etc.):

A 100-93
A- 92-90
B+ 89-87
B 86-83
B- 82-80
C+ 79-77
C 76-73
C- 72-70
D+ 69-67
D 66-60
F below 60

Final Exam

The final will be cumulative, with some emphasis placed on topics covered after the midterm exam.

The date and time of the final exam will be scheduled by the university. The final will only be given at that time, and not at any other time for any reason, with the exception of the reasons outlined in the academic regulations (see below for more information). In particular, adjust your travel plans accordingly; planning to leave for vacation before the final exam is a bad idea.

The University has a byzantine final examination policy for resolving conflicts. The details are contained in the academic regulations, specifically Section X.C (on p.29). Please read it carefully and make sure that you have no final exam conflicts when the schedule becomes available. It is your responsibility to understand and follow this policy (note that part of the process is getting proof of a conflict from the Registrar's office, since no faculty member can parse the text of the academic regulations).


The date of the midterm exam will be the following:

This date does not conflict with any religious observances, as determined by the NYC Alternate Side Parking Calendar which is the most complete list of holidays I know.

Please be aware of this date and record it. Exams will not be given at any other time. Sections covered on the exam will be announced in class some time before the exam date. The lecture before each exam will be a review.

Make-up exams will only be given in the case of family or medical emergency. Both situations will require a note from your advisor, and the latter will require a note from your physician. No make-up exams will be given for any other reason.

Problem Sets

Problem sets will be assigned on the main course page and will be collected in class. Late problem sets will not be accepted for any reason, and will simply be marked late and returned ungraded. At the end of the term, a few problem set grades will be dropped, so missing one or two problem set submissions shouldn't affect your grade. Only selected problems (randomly chosen by me) will be graded.

I encourage you to form study groups and to work on the problem sets together. In fact you will learn a lot more about the material through discussing it with your fellow students. However, remember that ultimately you'll be taking exams by yourself, so if you choose to work with others, make sure that you're understanding what's going on. If you do work with other students, you are responsible for writing up the problems yourself in your own words.

Successful completion of the problem sets is essential to help you monitor your progress in the course. The homework problems will be very similar to problems that appear on exams. Please don't postpone working on the problems; try to take a look at them shortly after the material is covered in class.

Computational Projects

During the term there will be some computational projects to help you explore some topics more deeply and to get a feel for the mechanics of cryptosystems, attacks on them, etc. I plan to divide you into small groups (something like 2 to 4 people per group) so that these will be like mini group projects. I plan to shuffle the groups around so you will all have a chance to work with each other. These will not be heavy software development projects, but computing skills will be necessary (at the level of writing scripts in a high-level computational system akin to Matlab, Mathematica, etc.). Here is some information about what systems are available (and my opinions about them).


I try to answer as many questions as possible during lecture. If you have a question, don't be afraid to ask. Chances are other students also have the same question. I also usually stick around a few minutes after class to answer quick questions (such as questions about parts of the lecture, a homework problem you've tried, etc.). Most students find this to be a good way to clear up confusion.

Outside of class, the best way to get help is through my office hours and the teaching assistant's office hours. Sometimes a little bit of consultation is all that's needed to deal with difficulties. One thing to remember is that you will get much more out of office hours if you make a serious effort to do the problem on your own first.

Although I like to get a lot of questions from students, it is not possible to answer mathematical questions by email. Please don't be offended if you ask me a mathematical question by email and I don't respond. I've found in the past that trying to discuss mathematics by email rarely helps anyone, and usually only causes more confusion. It's much more effective to ask me such questions during class or office hours.

Revised: Thu Feb 9 21:45:05 EST 2017
Paul Gunnells
gunnells at math dot umass dot edu