CSE208: Advanced Cryptography (FHE)

Daniele Micciancio

Winter 2023

Course Description

CSE208 is an advanced, graduate level course in cryptography, and assumes a solid background in cryptography, as provided, for example, by the introductory graduate cryptography course CSE207. The most important course prerequisite is a working understanding of the definitional/theoretical security framework of modern cryptography, i.e., how to rigorously formulate security requirements, and anlyze candidate cryptographic constructions with respect to them. Familiarity with a number of common cryptographic primitives, like public key encryption, digital signatures, hash functions and commitment schemes is also assumed.

Building on what you have already learned in your introductory crypto course, CSE208 explores more complex primitives and protocols, which typically combine cryptography with some form of general purpose comptuation, like zero knowledge proof systems, functional encryption, forms of verifiable computation, secure two-party and multi-party computation, and fully homomorphic encryption.

In Winter 2023, the course will focus on Fully Homomorphic Encryption (FHE), i.e., encryption schemes that allow the evaluation of arbitrary functions on encrypted data.

Reading and Homework

The course has no textbook. Reading/study material for the course will consist of lecture notes (mostly slides from lecture), research papers and surveys. Anything below the line is material from a previous edition of the course, which you can use as a reference and or take a peek at what we may be doing next. But this quarter the course will a bit different. As we progress through the course, past material will be updated and moved above the line, and new material may be posted.

Introduction to FHE

FHE Definition, Composability and Bootstrapping

Public Key Encryption from the LWE


Homomorphic Multiplication


Ring LWE and FHEW

FHE Surveys

Some open source libraries implementing FHE schemes: