Kamara Lectures 2 + 3 : Provable Security

The design of cryptographic algorithms presents certain unique challenges. Over time, we have learned that our intuition about what is secure and what is not is very poor. The history of cryptography is filled with examples of cryptosystems that were thought to be highly-secure but turned out to be completely broken. In addition, unlike other areas of computer science, we have no way of testing whether a cryptographic algorithms is secure or not. This lack of feedback on an already unintuitive design process can lead to serious problems. Another difficulty is that cryptographic algorithms are fragile in the sense that even slight and seemingly inconsequential changes to a secure primitive can completely break it. Finally, the skillsets needed to design a cryptosystem are not necessarily the same as the ones needed to break a cryptosystem. Because of this, cryptographic designers cannot rely solely on their own expertise to reason about the security of their algorithms.