While classical cryptography is concerned with ensuring authenticity and confidentiality against external attackers, there is now a large variety of interactive protocols among mutually distrusting parties.

Based on the lecture “Theoretical Foundations of Cryptography”, this lecture introduces such basic primitives, protocols and accompanying security models. The first part of the lecture introduces (interactive) building blocks, such as commitment schemes, Secret Sharing schemes, Zero-Knowledge proof systems and Oblivious Transfer. To analyze their security, game-based notions as well as the Real–Ideal security model are presented.

Building on these, more complex protocols for the secure and joint evaluation of arbitrary functions on secret inputs are introduced. We start with looking at security notions against so-called passive adversaries who follow the protocol but try to obtain additional information. In a second step, security against active adversaries who may arbitrarily deviate from the protocol is considered.

The lecture is designed in the “Flipped Classroom” format, i.e., the individual acquisition of knowledge is conducted independently via materials such as videos, slide sets and a skript, and the weekly session is used to delve deeper into and apply the contents, and to discuss problem tasks and questions. For this, it is required and assumed that students worked through the materials before the interactive session. The lecture is in German.