de | en


Module IN2197

This Module is offered by TUM Department of Informatics.

This module handbook serves to describe contents, learning outcome, methods and examination type as well as linking to current dates for courses and module examination in the respective sections.

Module version of SS 2017 (current)

There are historic module descriptions of this module. A module description is valid until replaced by a newer one.

Whether the module’s courses are offered during a specific semester is listed in the section Courses, Learning and Teaching Methods and Literature below.

available module versions
SS 2017SS 2012WS 2011/2

Basic Information

IN2197 is a semester module in German or English language at Bachelor’s level and Master’s level which is offered in winter semester.

This Module is included in the following catalogues within the study programs in physics.

  • Catalogue of non-physics elective courses
Total workloadContact hoursCredits (ECTS)
150 h 60 h 5 CP

Content, Learning Outcome and Preconditions


- Theoretical foundations:
++ Definitions of security: perfect secrecy, computational security (IND-CPA,IND-CCA,IND-CC2), semantic security
++ Cryptographic primitives and pseudorandomness: pseudorandomnumbergenerators (PRG), -functions (PRF) and -permutations (PRP), one-way functions (OWF) and -permutations (OWP) (with trapdoor (TDP)), crypotgraphic hashfunktions, tweakable blockciphers (TBC)
++ Basics of group- and number theory, and elliptic curves
- Symmetric cryptography:
++ Blockcipher: AES, DES
++ Construction of encryption schemes using blockciphers: rOFB, rCTR, rCBC, OCB
++ Construction of message-authentication-codes: CBC-MAC, NMAC, HMAC
- Asymmetric cryptography:
++ The RSA-problem and derived encryption and signature schemes: RSA-OAEP, RSA-FDH, RSA-PSS
++ The discrete logarithm and derived schemes: Diffie-Hellman protocol, El Gamal, DH-KEM, DSA

Learning Outcome

After completing the module students are able to
- remember the basic primitives used in symmetric and asymmetric cryptography, and
- understand their theoretical foundations,
- analyse cryptographic schemes derived from these primitives,
- understand the basic definitions of security.


IN0011 Introduction to Theory of Computation, IN0015 Discrete Structures, IN0018 Discrete Probability Theory

Courses, Learning and Teaching Methods and Literature

Courses and Schedule

VI 4 Cryptography (IN2197) Luttenberger, M.
Responsible/Coordination: Esparza Estaun, F.
Tue, 16:00–17:30, MW 0608m
Wed, 16:00–18:00, MSB E.126
Tue, 17:00–18:30, MSB E.126

Learning and Teaching Methods

The module consists of a lecture and a tutorial. In the lecture the content of the module is presented and the participants are motivated to reflect on the topics using the provided references. In the tutorial concrete problems and examples are discussed and solved, where applicable, in team work.


Slides and blackboard


- Introduction to modern cryptography, J. Katz, Y. Lindell, Chapman&Hall/CRC, 2007
- Lecture Notes on Cryptography, S. Goldwasser, M. Bellare, online version
- Einführung in die Kryptographie, Johannes Buchmann, Springer Verlag, 4. erweitere Auflage, 2007
- Elliptic Curves: Number Theory and Cryptography, Lawrence C. Washington, Chapman&Hall/CRC, 2nd edition, 2003
- Handbook of Applied Cryptography, Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone, CRC Press, 1996

Module Exam

Description of exams and course work

The assessment takes the form of a written exam of 90 minutes.
The exercises of the exam test if the examinee has acquired a subset of the skills in the following list.

List of skills: The student
- understands the needs for (pseudo)randomization in cryptography, and the difference between randomness and pseudorandomness;
- can explain the definition of secure cryptographic scheme under different kinds of attacks, and the definitions of the most important cryptographic primitives;
- can explain the assumptions underlying public-key cryptography;
- can apply the definitions to decide if a simple cryptographic scheme is secure or not;
- can describe basic cryptographic schemes and constructions (i.a. rCTR, NMAC, CBC-MAC, ENC-THEN-MAC, OAEP, FDH, PSS, DH, Elgamal, hybrid encryption);
- can construct provably-secure cryptographic schemes based on these constructions and primitives;
- can explain the advantages and disadvantages of private-key and public-key cryptography;
- can describe and apply the algebraic and number theoretic results underlying RSA- and DLP-based cryptography, spefically properties of finite commutative groups, distribution of primes, and generation of pseudorandom primes;
- can compute in the algebraic structures underlying RSA- and DLP-based cryptographic primitives;
- can explain the basic advantages and disadvantages of elliptic curves in DLP-based cryptography.

Current exam dates

Currently TUMonline lists the following exam dates. In addition to the general information above please refer to the current information given during the course.

Fri, 2021-03-05, 11:30 till 13:00 graded online exercise till 2021-01-15 (cancelation of registration till 2021-02-26)
Top of page