It's a good class for covering the foundations of cryptography, it helps build intuition about insecurity and misuse of existing tools without going into the full blown implementation details of such tools (for the most part). Which is fine, given that most likely you will just be using an existing cryptographic library most of the time in your job or elsewhere.

There are 6 homeworks. 4 do not have any programming involved, 1 is only programming based, and the last one has a small programming section. For the most part you will be writing hypothetical attacks/proofs, analyzing the insecurity of proposed schemes (again, the goal is to build intuition). You can work in groups, but I chose to work alone because I didn't want to rely on others due to my changing timezones and found it very manageable (I got around 80% on the HWs putting around 1 day's worth of effort into writing them out/thinking about them).

There are 2 exams, challenging but fair for the most part. Open book. They will pretty much determine whether you get a B or A. The curve is quite generous (B is 60%+).

The quizzes are the most frustrating part of the course. You start second guessing yourself after falling for a few gotchas. That said, their weighting isn't that heavy so it'll probably piss you off more than it should.

I fell off short of an A by 0.2%, but nevertheless I still recommend it. I paired with GIOS and the deadlines turned out to be quite complimentary and manageable. If you're the kind of person who enjoys brainteasers and that sort of thing, you will enjoy the class. I think the importance of understanding proofs themselves is overblown, it's more about building intuition.

do not take this course if u are on the OMSCS track. good luck to the ppl taking it as a REQUIREMENT for OMSCY. the class is a joke. lessons/modules are no help at all. ur better off reading the book that’s notes from a previous student. the TAs and prof are not nice at all. she will curve some students but not all students. how is that fair? dont know. good luck. this class should not be a requirement for OMSCY students.

The tears of nerds like us keep the population at large safe.

THERE WAS NO CURVE THIS SEMESTER. CUTOFFS WERE 81%=A and 61%=B.

People like to compare this class and Graduate Algorithms. They are similar, but not quite in the ways you expect. It’s more that the vast majority of the workload is personal study time.

(My background). I did a math minor and EE in undergrad. This is my 13th or 14th class and I think the most relevant ones to prepare were GA and IHPC (mainly for runtime analysis and writing pseudocode), some of the machine learning classes (for reading math notation), and IIS (for understanding modular math and RSA beforehand). In the past I also worked on a personal project that heavily involved encryption, which was a key motivation for me to take this class. All this is to say my experience will not be representative for you if you haven’t studied the topics before.

(Learning objectives). I want to counter the previous two reviews, which I think have no idea what this class is about. It’s common wisdom to nEvEr WrItE yOuR oWn EnCrYpTiOn LiBrArIeS, but what I found with my personal project is that all the “reputable” cryptographic libraries in both Java and Python are hot garbage written in such a way to blame you the user for "using them wrong" when you inevitably get hacked. I haven’t looked at other languages yet, but I assume they’re the same. You need to take a class like this one to understand how to use the libraries. Which options are the current best practices, and which are terrible but kept around for compatibility? Which options are more future-proof? How much efficiency are you giving up achieving a particular level of security? What constraints and gotchas do each method have? In which situations are various methods secure or insecure? What are the different definitions and levels of “security”? This is a math/pseudocode heavy class because it’s supposed to make you better at reading the documentation of cryptographic libraries, rather than a better coder.

(Difficulty). I haven’t taken the final yet, but my current grade is such that I’ll need a 70% on it to keep an A, or 12.5% for a B. There are 12 quizzes (18%), 6 homework (20%), a midterm (27%), and a final (35%). Your lowest quiz and homework are both dropped. The quizzes are proctored and closed-everything. When I took them, it felt like there were lots of frustrating gotcha questions. After reviewing them before exams, they seem more obvious, and I now think they’re mostly fair. They are worded way differently from the lectures/books so that you must sit and reason them out carefully, and you’re still probably going to miss 1 question on average every single week. The homework are less frustrating, but like for GA class you need a “eureka” moment to avoid getting docked most of the points. The exams are like the quizzes and homework, but open notes (still closed internet) so hopefully you’ll do slightly better unless you succumb to the time pressure.

(Tips to succeed). For the quizzes, I found that watching the lectures at 1.5x-2.0x speed and then reading the relevant sections of George’s notes was the best time/value and was good enough to get most of the points on quizzes. Sit and reason through the questions, because they are worded to break your ability to pattern-match from the lessons. For homework you’ll spend a lot of time doing CTRL+F through the allowed textbooks, most of which are massive. Not much more to say other than hopefully you find the “eureka” moment quickly. The exams are open notes, so the best way to prepare is to put together good notes. Take screenshots of the office hours to get the solutions for all the homework and quizzes and practice exams, write out a table of each encryption/signing method and what definitions of security they meet or don’t meet, write out factoids you think are important based on where you struggled with the quizzes/homework, look at your homework feedback in gradescope to get a sense of the rubric. You are provided links to lecture slides and textbooks during the exam, but you should organize what you need beforehand to save time during the honorlock session.

(Overall thoughts). A much lower workload than I expected, due to the emphasis on knowing what factors lead to what levels/types of security, as opposed to knowing the innards of any practical algorithms. They do not let you work ahead, so I was forced to relax and forget about class for a few days each week. There’s a lot of prerequisite knowledge for reading math notation, analyzing the runtime and correctness of algorithms, and understanding what makes a good mathematical proof. If you don’t have those, that’s where you’ll get stuck spending extra time.

This is the single worst class I have ever taken.

The quizzes are all trick questions with one word changed that changes the answer. They are all 5 or 6 question T/F questions where if you get one wrong you're already down a whole letter grade. The TA are very intitled and gatekeep grades. If you don't write it exactly they have in their notes then it is wrong. The professor purposely leaves out info on the slides and only talks about them out loud so if you don't take notes on what she says that isn't on the slides then you get things wrong. There is "optional" readings that have required material in them. We were told "exam questions resemble homework problems" and then told us "oh well" when we pointed out that we have a week and 3 person group to do the homework problems and we have 2 hours to do exams on our own. Office hours are all during working hours. Grades are inflated from the beginning for how terrible people do in the class.

Hands down the absolute worst experience and waste of a class. This is was disappointing. This is very clearly a research-based class and not for working professionals. Awful, awful class that I got absolutely nothing from.

This is probably the worst quality course in the entire OMS-* program. It is extremely similar to GA but with even less real-world applicability and TAs that behave with the same entitled attitude. In fact the course has virtually nothing to do with computer science or cybersecurity; it is a math course in disguise.

The instructor's accent is near unintelligible and the notes are only handwritten (illegible). Thus this requires the student to have a huge amount of patience otherwise you are out of luck. Avoid it if you have a choice.

To start, some general perspective on classes with curves. Bottom line is to not rely on them to achieve the marks you want. Many people dropped the class in my cohort because they thought they would not meet their goals. Realize that this class has a curve for a reason and ultimately it is up to the professor's discretion how the curve is applied, which often goes in the student's favor.

This is a tough class. Though, it is not just a lot about how cryptography works. I found that I also learned more about an attacker's perspective and the resilience needed to exploit vulnerabilities. Within the context of this class, it means proving under certain security definitions whether a given scheme is secure or not. What makes this class difficult is the theory and discrete math needed to address the various proofs in the assignments and exams. If you're like me, you probably do not do this in your regular work environment, and haven't touched discrete math for several years. I highly recommend reviewing how cryptographic security proofs work prior to this course.

The TAs are great and the professor is very knowledgeable. The lectures and crypto-notes were the most helpful for me. Really understand the practice problems given prior to the exams as there aren't a lot of outside resources to get other practice. If you are a diligent student, you will do fine. This is not a course you can half pay attention to while you work full-time. I wouldn't recommend pairing this with another class or taking it outside of the info sec track unless you are truly interested in learning about cryptography.

I didn't get much of this course. It consists of many mathematical proofs, abstract concepts, and probabilities. I have put a heavy effort into this class, but in the end, I didn't feel satisfied with the amount of effort compared to the knowledge that I learned.

Coming into the course, I had no background in discrete math or algorithms/writing mathematical proofs, so I definitely struggled. The material can be quite unclear sometimes and dry, but if one is willing to put in the effort to learn coming from a background such as myself, it is very much possible to still achieve an A/B in this class. In a way, I wish there were more examples given in the course on how to write proofs/practice problems as well as clearer instruction in the videos at times, but overall I still learned a lot and had a great experience in the course.

Annoying, boring course. Work load is pretty significant with long homeworks and with gotcha-filled quizzes weekly. TA's seem to be first timers/have never run the course before so there are constant glitches and bugs, grading takes forever. Professor is fairly good, but it doesn't make up for the constant barrage of gotcha questions you'll need to endure.

Don't let the title of "applied" fool you. This class is filled with 80% work that consists of mathmatical proofs(HWs and Exams) and 20% applied work (2 HW assignments). Overall the class is challenging but the TAs are helpful in their OH sessions so make sure to watch that to prepare for the HWs and Exams. I really wish this class wasn't required for the Cybersecurity Info Sec track, as I really didn't get much out of this class. There were a couple of golden nuggets, but this class was just 15 weeks of material that didn't interest me due to its irrelevance in my current work field. Luckily there is a nice curve, and the lowest quiz and HW assignment is dropped so you'll most likely pass with a C/B even if you struggle with every assignment.

Brilliant stuff! I have long forgotten how to do mathematical proofs, and I am happy this course forced me to refresh that knowledge. Lectures are great and dive deep enough to give just the right amount of information you could expect from a graduate course. Find a way to download them and watch at an increased speed as the videos seem to be a bit too slow. However, the expect to adjust the speed as you go as sometimes the content is very dense. I had to re-watch some part multiple times. The course has official extended notes and fantastic unofficial George's notes. You can use both of them on the exams! Expect the exams to be a mixture of quizzes and essay questions where you are expected to do some mathematical proofs. They are not to be afraid of as homeworks and corresponding office hours set you up for success. I learned a great deal on this course. It is one of the rare occasions when I could not go to bed before I figure out some finite number theory tricks that feels like magic.

8th/9th class taken with CN (AI4R, HPCA, IIS, GIOS, SAD, iHPC, AI)

I'm putting in this review a year after I took this class because I am in GA now and Applied Cryptography is the ONLY class that prepared me for GA (for reference, I'm in OMSCS - ML track). Not in content (except for the RSA unit), but in the structure of the course and the "proof" nature of the problems, and the fact that you just need to memorize some methods and be able to apply them to future situations. That is invaluable in GA right now. So definitely take this class! Put in the work and by the time you get to GA, you will be glad you did!

Note the 12 (maybe even 15 but no more) hours per week is averaged throughout the whole semester, I tended to put more hours in the weeks a homework was due and fewer hours the following week. The weekly quizzes make it difficult to let up though, which is probably a good thing since it forces you to keep up as the semester progresses. This is my 11th class (post-grad elective) and I got by every other class mostly watching lectures passively and starting on assignments casually. This is the first time I watched every video and took diligent notes AND read the course text, you need to be prepared. FWIW I found the B&R text to be a pleasant (almost enjoyable) read. Recommend! I also had to start assignments the day they were assigned to let the problems marinate.

This class was explained to me before I took it as the OMSCyber version of CS6515 Graduate Algorithms ("GA") but I find that comparison very superficial. Many students report difficulty in both due to being math, concept, proof, etc heavy classes but the BIG distinguishing factor that makes GA easier IMO is the large body of practice problems (e.g., leetcode). You can grind your way to understanding and put in the repetition and work for GA. In AC there is no major pool of practice problems and many times I would read and study the material to think I get it and have 1-2 problems from the HW to test my understanding then only to get the midterm / final to see that I, in fact, did not. This was the only frustrating part of the whole course but then again my learning style leans more towards this practice, drilling, and repetition.

I found that the cadence of the course is well thought out and there were nice breaks for the fall semester. For example, you finish symmetric encryption with the midterm right before Thanksgiving and then you get the week after truly off. You get some time to know your course standing right before the drop date.

I attended every George and Suchi office hours and they were great, staying well after the required 1 hour scheduled to answer questions. This is where most of my learning occurred, they know the material inside out and it was nice to riff about the material with someone to see if I knew it. Not to mention Suchi being a constant presence on the OMSCS Slack along with many other course alumni (looking at you, Joe). Some OMS courses students complain about the professors not being available, which is not the case here. In fact, Sasha (the professor) complained that not enough students were coming to her office hours. I would have attended more of hers but they conflicted with my work schedule. The teaching staff is solid.

The class is doable if you put in the effort, have sufficient math background, or have some intrinsic interest. I believe this is a requirement for OMSCyber so that might be motivation enough, but as an elective for OMSCS I often found myself questioning why I took this course many times throughout the semester. In the end I got the grade I wanted and I even learned some cryptography in the process. However, the biggest thing I learned is that cryptography is not for me (hey, I gave it a shot) and that I am humbled for not being as smart as I thought I was both due to seeing my peers in action as well as learning about the work of computer scientists who were able to come up with all this stuff in the first place.

P.S., if you work your way through the course you might earn an invite into an elite Georgia Tech secret society that is only "conjectured" to exist...but I've already said too much 🤐

I missed the CIOS deadline, hence doing this course a favor here :) This is a tough course - in that there are more things to do or assumed that you know from a mathematical standpoint than what is taught in the lectures. It is more about finding the tricks for the assignment, and practicing before the midterm/finals that will give you an edge, instead of 'covering' all the topics that the prof discusses in the lectures.

I did not score a lot - but eventually I felt that I LEARNED a lot - to the extent that I am now able to map certain security policies at work and terminologies being used in widely used key exchange protocols. If you work for a cloud company or want to work for such - this course is a must I feel. If you are in this program for the GPA - you will definitely NOT like this course. But if you are cruising along to learn something - then this course is great. Sasha / Suchi / George / Jiahui did a great job. Also this time the professor made sure to provide an update to students on their class standing post midterm (saying this based on previous review comments).

The lectures are really boring and outdated. It is very theory-based. The grading process is EXTREMELY slow and sometimes can take up to one month. Choose another course if you do not like writing proofs throughout the semester.

Badly taught course, should be named Magic and Philosophy of Cryptography. Do not expect much from the lectures. Homeworks are very time consuming, the only reason some people get good grades is because they find the solutions in internet. You will need to read 5 different books 1000 pages each in order to start understanding some of the concepts they want you to apply on exam or in homeworks. Not recommended.

Many of the previous reviews are very good, but just to add a few things from my experience. While the professor is brilliant, the lectures are very dry and don't really explain everything that you need to know to succeed in this class. I found myself having to consult the textbooks, piazza, and the legendary unofficial class notes from one of the TAs to succeed in this class. While that sounds reasonable, I was constantly frustrated that I couldn't find the answers from the lectures. I found the TAs, and the unofficial class notes, to be far more helpful than the professor and the lectures. I honestly wish the TAs just taught the class. While I did watch all the lectures, I probably could've skipped all of them and only read the notes and would've ended in the same spot. Besides that, I also found the hw and the quizzes frustrating. The quizzes had questions that I would classify as trick questions, and the hw was graded according to a rubric that you didn't get to see until after the fact. Both of which were frustrating because I found myself losing points even though I understood the material well. I have no problem losing points if I felt they were deserved, but that wasn't the case here. The hw rubric would knock you on things that you wouldn't even think the question warranted. They should either give the rubric when you do the hw, or phrase the questions so that they include everything expected in the rubric. Despite all of my many frustrations, I still learned a ton in this class. There was a lot of interesting stuff covered. It is very math heavy (which was fine for me). At the end of the day though, I can't see myself recommending this class to anybody unless you greatly desire to learn cryptography math proofs. Fortunately, this is a required class for many of us.

Background: OMSCS student. BS in EE. This is my 3rd class in the program, took GIOS in the spring, and took this class along with RAIT/AI4R/whatever it's called now.

Preface: I had a strong desire to learn this material. I think that really helped, because the material is not easy. However, hard in a good way - I learned a LOT.

Pros:

• Lectures are solid. TAs were excellent in my semester; I see in previous reviews that this wasn't always true, but at least in Fa 2021, the TAs were awesome (all of them).
• Homework really helped solidify the material
• Quizzes were fair. A few reviewers thought they were tricky; I disagree. They were not just rote memorization, you really had to understand the material to get the answers correct.
• Drop your worst homework (of 6) and worst quiz (of 12)
• Class is curved. As in, an actual curve - professor takes the median and uses the std deviation to determine cutoffs for A/B/etc.
• Material is difficult but is presented in a manner that allows you to learn it.

Cons:

• The homeworks and tests required a bit of intuition to get correct. The HW's and lectures help develop that intuition, but, it is still possible that you fully understand the material but miss points since you didn't see an attack vector on a scheme, for instance.
• As others have pointed out, the name "applied" cryptography is not really correct. There are 2 programming assignments, but they were small; I think I wrote maybe 100 lines of code total over the entire course. This, in my opinion, did not really take away from the course since I went in expecting that; just be aware.
• Grading can take a while as everything is hand graded
• Difficulty ramps up after the midterm, after the drop date. Not a problem for me since I was doing well after the midterm, but something to be aware of if you're already struggling with the first half of the course.

Overall: I highly recommend the course if you're interested in cryptography. If you only have a passing interest in the subject, would recommend you use free online materials instead, as the class will take some work to get an A. Personally, I think I'm going to end up with a B unless I crush the final. But, this is a course where I'm OK with that - I'd prefer a B in a course where I learn a ton over an A where I learn almost nothing. I took the course along with RAIT/AI4R as I mentioned above, which was doable even with a full-time job and a family, though I rarely had any free time to myself this semester.

I'm not sure what to think about this class. The setup hasn't change from previous reviews, so I won't repeat all that. I didn't find this class hard, per se, but it is purposefully set up to be tricky and I fell for a lot of the tricks. The exams are hard because they're timed, but if I had even a day to think about it, they'd be almost easy! The grading curve is hard to handle because you never quite know where you stand. The prof says she used an excel function to calculate cutoffs. She does say that the curve usually ends up being 61 - 80 as a B and 81+ as an A. If I calculated my own score correctly, I ended with 83% and I got the A, so the approximate cutoffs are probably pretty close, but no one will confirm. I do want to note that after the midterm she calculated the curve and at that time I was a solid B, so just know that there is still room to move up during the second half. Also, strangely, at the end of the semester, the prof and TAs just disappeared and stopped answering questions on Piazza (this happened once during the semester, too, where everyone just disappeared for a week and the students were all wondering what was going on). During the semester there are office hours to go over solutions, and all quiz answers are unlocked so you can see the correct answers, but not with the final. I guess I'll never know what I got wrong. So much for learning from my mistakes. Again, I'm not sure how I feel overall about this course. It wasn't as hard as some reviews will lead you to believe (though I hope the guy who says this is harder than GA is right!) but it's certainly tricky. And there's a lot to do. I took this with another class and mostly neglected the other class (which was a bummer because that one was more interesting). This wasn't part of my specilization, so when I was in the thick of it I definitly wondered why I would sign up for this in the first place, but now that it's over, I guess I'm glad I did. It was definitely interesting if you can get over the frustrating. And now that it's over, I do feel like I learned a lot.

Despite the low workload, the course itself was very challenging. There were a lot of positives and negatives to taking the Applied Cryptography.

Positives:

• The instructor cares about the material and is very knowledgeable. Sasha actually conducts her own office hours (in addition to the TA-led OH), which seems to be somewhat of a rarity in this program!
• The TAs are okay on the whole, but I want to acknowledge George for his notes and knowledge, and Jiahui for being the most responsive on Piazza
• The programming projects are interesting and relevant, and the non-programming homework assignments provide a good opportunity to apply the material and learn; I feel the homework assignments were the best part of this class, and where most of the learning actually happened

Negatives:

• The grading process can make it hard to know where you actually stand; everything is graded on the standardize function in Excel with the mean being an 85. .5 STD above the mean is an A, and .5 below is the cutoff for the Cs (I think?). If your grades are a bit all over the place, good luck figuring out if you're on the right or wrong side of a cutoff! Additionally, midterm grades weren't back until after the drop deadline (not an issue for me, but was an issue for some classmates)
• One more grades thing - the weighting can be tough; the two exams count for 30% each, HWs 25%, and Quizzes 15%; it would be good to see HW weighted a bit more heavily in the future!
• The quizzes can be absolutely brutal, as can the multiple choice questions on the exams.
• While cryptography is foundational to security, this level of depth won't apply to many jobs and roles; subjectively, this wasn't a class I was super into, which made it that much harder
• There were a couple occasions where posts would go unresponded to on Piazza for an extended period of time

Overall, if this wasn't a mandatory course, I would have skipped it. I don't anticipate needing most of the knowledge gained in the future, though if this type of material does come up again at least I've seen it once at this point.

I would recommend Applied Crypto. I enjoyed the class though I'm a bit biased as the cryptography concepts covered are quite relevant to my work. Though the class does have a good bit of theory and math, I think it is also quite practical. The content also seems to be pretty up to date with the current state of the art. One of the TAs for the course has put out notes that are SUPER helpful and make digesting the material and writing exams much more pleasant.

I took this course despite the negative reviews for it on here, and I'm glad I did. I learned a lot about cryptography over the semester and felt that the assignments (specifically the homework assignments) were interesting and challenging.

Background: I have an undergrad degree in mathematics, and I work in information security (although not in cryptography). This is my fourth class in the OMSCS program (taken concurrently with another course this semester).

Pros: The content was very interesting and engaging. I feel like the professor did a good job explaining it in the videos, and I also think that the homework assignments reflected the information by requiring proofs for novel problems that are based on the lectures. I don't feel as though anything in the course was particularly unfair: if you meet the pre-reqs in the course catalog, you should be equipped to complete the assignments and exams, especially if you put in the work. I did not need to perform "extra research" as mentioned in other reviews: watching the lectures and taking notes on them was enough.

Cons: There were times throughout the semester where Piazza had a number of unanswered questions from students for a few days at a time. The grading system is opaque and based on a curve: it is difficult to gauge where you stand in terms of a letter grade at any point during the class. Homework assignments take a while to be returned.

Overall, if you have a background in / understanding of mathematics (especially number theory and probability) and are interested in learning more about cryptography from an academic standpoint, I would recommend this class.

I created an account just to mention how much I disliked this class. I've taken another cryptography course at a different school in my undergrad but performed mediocrely. I hoped to take this course to solidify what I learned in the previous course (or vice-versa), but ended up completely regretting enrolling in this course. As others have stated, this course is taught at a high level, and you are expected to do some external research to stay afloat.

The information taught in lecture is bare-bones compared to what is expected for homework and the exams. I am aware that people have reached out to the TAs for help for certain questions on assignments on Piazza, but unfortunately the TAs never make any of those posts public (my own fault for not reaching out myself, though I've managed to get by). That being said, there is little in the way of examples for proofs or questions in the lectures, so I've always felt unprepared for homework/exams. We aren't taught how to question proposed encryption/signing schemes or offered some intuition as to how to approach these problems. Like I said, it seems we are very much expected to pour hours into research (but also aren't provided alternative resources to look through).

The BlueJeans sessions are moderately helpful ONLY IF George is leading the session. He provides commentary to actually get you to understand the material, as well as some written explanation for more visual learners. Professor Boldyreva is very unapproachable, offering condescending remarks if you ask about something you don't understand ("did you not watch the lecture video?"). To put it bluntly, she makes you feel stupid for even asking questions or proposing alternative solutions. Her explanations of solutions also feel incomplete or maybe under the assumption that we understand the background concepts completely.

I also have a qualm with the "standardized grading" scheme that the professor uses, since it guarantees that the bottom 20% or so of the class is guaranteed to fail. People enrolled in the program are working full-time and are not at the bottom 20% for a lack of trying (I suppose it is more fair than failing the entire class, given the average for the midterm was ~71.75%).

Overall, I would not recommend this course at all, unless you have the time to do a lot of external research and are okay with only higher-level lectures with limited examples.

Admittedly, I did come out of the course learning a lot about cryptographic schemes, and definitely have a better understanding of how cryptography is applicable in the real world than before, but a moderate understanding the higher level material is meaningless during the final/midterm where intuition and some experience with proofs is necessary.

My only qualm about this class is that I would call it "Theoretical Cryptography" (at least compared to some of the other classes at OMSCS) . The first half of the class is mostly proving the insecurity of symmetric encryption schemes. Includes a coding assignment to implement a hash extension attack using python.

The second half is learning number theory and then similar to the first, proving the insecurity of asymmetric encryption schemes. Includes a coding assignment to obtain a secret key from a digital signature.

If you are comfortable with math, this is not a difficult class, as it is mostly a math class. It is very well run. The lectures are great, the professor is active in Piazza and holds weekly office hours. The TAs do weekly quiz/HW reviews and are active in Piazza.

The exams are open book, weekly quizzes based off lectures, and HW every other week. Be sure to use https://teapowered.dev/assets/crypto-notes.pdf as a resource - written by a current TA and allowed on the exams!

This is a great class for anyone interested in the mathematical concepts behind symmetric and asymmetric cryptography. This is a very theoretical course, more than I was expecting. This is not a bad thing just something to keep in mind if you are considering taking it. It does not go into exactly how AES works specifically for example, but goes in depth on how we can prove that certain symmetric schemes which AES is built from are indeed secure.

I also enjoyed the pace of the course. It is different from other classes that are project heavy with AC having weekly MCQ quizzes and almost bi-weekly homeworks. If you can keep up with the homeworks and quizzes and do the practice midterm/final then you should be fine.

As background, I'd previously worked through Dan Boneh's crypto 101 course and bounced off his book a few times. The material is complicated enough that I wanted to work through it with others.

To that end, I loved the course and community around the course.

Briefly, the course is divided into halves: first symmetric encryption (where parties share a key) and then asymmetric (where they do not). Each half starts at the basics in that area and slowly builds to more and more complicated systems.

There are weekly quizzes which are somewhat annoying but the bulk of the learning happens around the 'homeworks', which are often some variation of "here's a scheme, prove its insecurity". It's encouraged to work through these problems in a small group, which was great. Finding attacks often involves some element of intuition, and it may often be the case that you'll see that spark for one problem, and a group-mate will see it for another.

Exams are similarly structured to the homeworks but somewhat easier, which is good, since "write 3 proofs in 2 hours" is stressful enough on its own. At least exams are open book, so you don't need to bother memorizing the AES construction or something.

While the material is in some sense inherently difficult, there are a lot of resources provided to help you get up to speed: the lecture videos themselves which are quite comprehensive, several detailed student-created lecture notes, and two books with parallel material if you care to dig in deeper. And at least in the case of Fall 2020, the student community in the slack channel was also very helpful if hyperactive at times. <3 from Mystery

Ideally you'll come out the other side of this class with a good understanding of cryptographic schemes as used in practice and an intuition for identifying flaws and insecurities in cryptographic schemes.

My background: OMSCS student. I do software engineering for my day job which is unrelated to security and cryptography.

Contrary to others who find this course hard, I find it manageable(~94% overall). I took this class and computer vision together while working. I found computer vision to be the more time consuming one with a lot of parameter tuning.

It is possible to team up for assignments but I found doing everything individually very rewarding. I generally spent entire alternative weekends watching crypto videos and doing assignments. Assignments can all be completed in less than one day.

The courses are short and concise(In fact, I think that the lectures are so short that the professor recorded videos and then make them two times slower so as to bring lecture time to reasonable range). However, the class also skipped some details which the professor believed to be not important). Rewatching lectures are very important. The concepts seem very hard in the beginning but it will all make sense eventually if you watch it many times. I did not have time to read lecture notes unfortunately due to my packed schedule. However, I did watch some coursera crypto videos and find those to complement this class well. For example, AES/DES was not explained in this class; Merkle damgard is also not explained in this class but both are well explained in the coursera class.

Overall, I think that this is a solid course but it is also very basic. The lectures give basic coverage of modern cryptography and even on how to make random number generators. The first half of the course is more proof heavy which is good. However, for the second half, there is not much proofs probably because of gap in number theory(harder if missing background). I wish there could be optional videos on the number theory facts that professor presented. Everything is in the lectures note though so a hardworking person who can finish the lecture notes must be able to get a lot out of it.

I hope that there are more advanced contents covered and we spent less time using formal security definitions/wording but more time on building intuition and scaling those up. While formal definitions are important, most people will never use it. However, understanding problems and evaluating solutions can generally be very helpful.

This course was conjectured to be an interesting course. But I have finally taken it and can say yes it is an interesting course. The first half covers symmetric encryption about PRF'S, MAC,HMAC, INDCCA, INDCCP, UFCMA, etc... Interesting topics can get challenging really quick. But those concepts are applied to the second part of the course of asymmetric encryption alongside some number theory which isn't bad.

The quizzes in the first half were tricky but that is the case granted with most true/false. Second half the quizzes were the same little tricks in the questions just need to make sure you read what is being asked.

The homeworks you get to be in a group form a good group to bounce ideas off of the homeworks ar very important in the class. 2 coding homeworks rest are short response.

The exams are tough long and wordy you need to be able to dissect the material they want quickly on the exams or you will be up the creek without a paddle on them. Practice practice problems be collaborative on slack and piazza remember this class is hard do not stress but learn from others.

The TAs are all basically absent except George and Yunna. To be honest the rest shouldn't be part of the course there are much better TA options for potential TAs this semester in our course who would love to do it and actually engage with the students which is cool in an online program.

Professors Office Hours are great shes smart, has a sense of humor and has cool stories you should ask her about Patagonian cypress trees when she has them up haha!

The worse part of this course was kind of towards the end it took roughly a month for them to grade homework 5 and the final exam didnt allow for regrades for them to understand our gradescope submissions. If they didn't wait so long to start grading they could have had the results sooner and done regrades.

Alas i am done with the course but thank you for reading this and despite my last paragraph the course content is great i really hope the professor does eventually a 2nd part to the course or a little quantum shes super smart and really is passionate about the subject.

This course was boring and a total waste of my time.

Material:

The videos don't teach anything. Things seem to appear like magic, and the professor never explains. I don't understand how they expect that we learn how to solve the problems if they never present a clear methodology.

Assignments:

The only good assignments were the programming assignments; everything else is just recycled garbage.

Exams:

The exams will not test anything presented in the videos; they set the students for failure on purpose.

Quiz:

Just trick questions to lower you grade.

Instructor / TAs:

Good luck getting yelled at when asking a question during OH. For the final exam, they did a poor job, sloppy and unethical.

This is a very challenging class. You’ll need to watch all the video lectures (some multiple times), read the lecture notes and the crypto notes (from the TA George Kudrayvtsev) and possibly extra reading/resources on the side. You’ll also need to attend office hours and ask a lot of questions.

I thought the quizzes were a bit unfair and very difficult. The homework is challenging but you can work in groups of three which was helpful. There are two exams and they’re both challenging.

I think for our class of around 120 students, 30% will get an A which is something like a final grade of 80% or greater. One quiz and one homework assignment are dropped which is helpful.

I have to mention the TA George Kudrayvtsev who is a rockstar and was so helpful during the semester. He’s brilliant, very professional, and did an exceptional job supporting this class.

Professor Boldyreva is brilliant and very knowledgeable in her field. I appreciate that she held office hours and was active on Piazza. There was a little disconnect at times when people asked questions but I think she may have gotten some feedback on this and tried to do better.

You’ll probably be exhausted towards the end of this class. Just stick with it and ask a lot of questions. Good luck!

My 7th class in the program and favorite so far. In fact, this is my favorite course in my entire academic career. I have always perceived cryptography as an extension of information security. To me information security is a boring accumulation of obscure knowledge and hacks.

Applied Cryptography isn't about arcana and gotchas. It provides a beautiful framework to build secure applications that are changing the world. The math is challenging but not impossible and is frequently beautiful. You will struggle in this class if you have not taken discrete math or took it so long ago you have forgotten combinatorics, proofs, and modular arithmetic. I redid discrete mathematics concurrently with this course.

Dr. Sasha's lectures are excellent. I found the Slack channel very helpful full of wonderful, funny nerds. My best moment was finally grasping Galois Fields.

We had a wonderful TA in George Kudrayvtsev (yes, that George!). Who was extremely responsive on Slack and Piazza.

My greatest gripe about this course is that there isn't second part to it. It is an introductory course to crypto. It does not cover elliptic curves, zero commitments, or zero knowledge proofs. AC II is really needed.

The course content is really quite fascinating, I won't retype all of the positive things that have already been said in previous reviews, but I agree with them.

The professor was unable to communicate the ideas in an intuitive way. I found myself resorting to free material on the internet (Khan Academy) to figure out what was actually going on. Basically, she will jump straight into the mathematical steps without actually explaining the gist of it. Other issues that previous reviewers have stated are true and accurate (i.e. unexplained syntax, etc). The material in this class fails to abide by principals taught in any entry-level technical writing class.

I would still recommend taking it. I feel that the feedback to the professor is fairly universal, and I hope that she will take the feedback and improve, because she is a brilliant cryptographer. I can only imagine that the course will continue to improve, so it's likely that you'll have a better experience than what we had. That being said, expect to spend significant amounts of time outside of the course material provided. You'll likely have to look things up on your own a lot.

Re the review @ 11/20/2020, 3:51:23 PM: To insinuate that the previous negative reviewers were "salty" because they didn't want to use their brain is both immature and elitist. These previous reviewers are intelligent people with very valid concerns about this class. It was genuinely low quality.

DO NOT MISS THIS COURSE!!

Do you like Math? Do you dig puzzles? DO YOU LIKE USING YOUR BRAIN ONCE IN A WHILE?

If yes, this class is perfect for you! If you answered "No" to any question, but especially the last, don't ever think of taking this class. You will be as salty as the reviewers below.

I am currently in the class and this is my 4th course in the program, and it is a very good course.

The Subject

This throws off many people who come in expecting to learn about the intricacies of AES or SHA-3. Sorry, no cookies for you!

Applied Cryptography courses in every reputed university cover the theoretical basis for cryptography - how to build a scheme from secure building blocks and how to prove security. This means the content is very theoretical and mathematical, as it should be. What the others forgot to mention is it is AMAZING stuff.

Also, why the hell are you trying to learn in a graduate level course something you can look up for free in an RFC on the internet?

Lectures
The lectures are very crisp, and cover all the math you need for the course itself. You may have to watch some of them multiple times to understand, but they are really well done.
Use George's notes as reference, they are very useful and well-written and worth their page count in money, but luckily they are free (you can donate to him if you like).

The Grade

Quizzes
Quizzes are weekly. 4-5 questions, take less than 5 minutes to do. Some questions are tricky but you could lose a lot of points and still do well overall since they have a low weightage.

Homeworks
Homeworks are usually 4 problems and due every other week approximately, with one week time to work on them. All HW and quiz solutions were discussed in OH's which was good.
There are 2 coding projects. The first one was more fun than the second, and first took me 7 hours, second took me maybe 2. Hoping they will add more in the future.

Exams
The exams have questions that look similar to the quizzes and homeworks combined (but problems easier than the HWs). Not easy, but ok.

The People

Instructors
The professor knows her subject and is interested in teaching; but she is also not good at interacting with people, and she sometimes comes across rude or condescending and makes it hard to ask her questions confidently.
Thankfully, George is a very helpful TA. I don't know who the other TA's are, didn't see them around much.

Piazza
The Piazza was useful- Sasha and George and some of the students answered very promptly, but it was not noisy like some other classes.

Slack
This was a problem because it was very noisy and some students got too active on the Slack channel while not even discussing crypto, so I had to stay away.

General Tips

1. Like somebody else pointed below, you are allowed to form Homework groups of 3, definitely do that and try to get the smart ones on your group.
2. As with any class, be smart and start early. If you start late, you will probably whine.
3. Stay away from the Slack if you are busy or if you hate wasting your time

I really liked this class, but I'm a long time security and math geek. If you have taken CCA, IIS, NS, SCS, ICPSS, and liked them, then you will like this one, too.

Not recommended for your first class focusing on security or math.

I agreed with everything the other Fall 2020 reviewer said at 11/20/2020, 12:09:44 PM.

This is my 10th class and my first review.

I've taken 12 courses in the OMSCS program and this course was one of the more enjoyable & intellectually stimulating ones.

Material:

• Videos were very organized and succinct; they were not too long and drawn out like other courses
• Personally I felt it was at the right level of rigor; it wasn't overly theoretically (e.g. always gave motivation and intuition for security definitions, and did not dive too deep into number theory or group theory, etc.)

Assignments:

• Good length and coverage (usually ~4 medium length written questions); no busy work
• Challenging enough to be interesting

Exams:

• Open book and were basically an easier version of the assignments
• The new Honorlock system was a shitshow for the midterm since it was the first time they were using it I believe

Instructor / TAs:

• TAs are amazing and very helpful
• Prof can be a bit confrontational but I think she's genuinely trying to help; it makes for pretty entertaining office hours lol

Overall I thought it was a great course. The most important thing for this course is probably "mathematical maturity", i.e. being able to understand and write proofs.

The class syllabus details that a 60 is considered a B even after eliminating the lowest grade for 1 quiz and 1 homework.

That should be a clear indication on how bad the class is an how little students are really learning, personally as a professor I will not feel proud of this.

She is really knowledgeable indeed, but is horrendous as a teacher.

This class is great if you are following a career in academia, but is pure theoretical concepts which adds zero value for work at all.

Worst is that the same professor has been teaching the class for close to 10 years now with the same CS-6260 name, yet the reviews here are all from year 2020 as they deleted all the previous reviews as they were terrible.

Pretty clever Gatech, but people do notice....

Things I liked:

• The material was very interesting and exciting to learn. I think this subject has actually been my favorite out of all 6 OMSCS courses I've completed so far.
• The homework assignments were an appropriate level of difficulty and reinforced concepts taught in the lectures. They were challenging enough that I felt rewarded when I finally figured out the answer.
• Office hours were held regularly (and importantly, recorded) to help students understand answers to past assignments and clarify expectations about the current assignments.
• The professor and TAs were active on Piazza.
• The overall workload and pace of the course is good. I didn't feel overworked but I also didn't feel bored.

Things that could be improved:

• The media player (on mediaspace.gatech.edu) does not remember my playback speed preference, so I have to set it to 1.25x for for every single video (about 20 per module usually). This is a small thing but is really annoying.
• In other OMSCS courses, the lectures are more interactive, i.e. they have occasional quizzes and challenges embedded. However, all of the lectures for this course are entirely pre-recorded videos. I prefer having the more interactive lectures as I find they keep me engaged. This might be a limitation of the video platform (Udacity vs GT Mediaspace).
• There were some minor hiccups with Canvas, e.g. assignments having incorrect dates and not opening at the correct times. I'm sure this will improve in future iterations of the course.
• It would have been interesting to learn more about current trends in cryptography in both industry and research. There was a section in the last lecture which listed topics we didn't cover: secure multi-party communication, merkle trees and blockchain, and post-quantum crypto — I would've loved to learn more about those topics.

Regarding some of the other reviews that describe the instructor or TAs as "defensive" or unhelpful — I did not feel this way — quite the opposite. They did a good job clarifying assignments when necessary and being responsive on Piazza and office hours.

I was really looking forward to this class, until it started. Then I was really looking forward to it ending. Thank the gods that it is done. I knew that it was going to be difficult when the syllabus listed 81-100 for "A", 61-80 for "B", and 41-60 for "C". Ouch.

This was the most difficult, challenging, and frustrating class I have taken so far.

The class seemed very long on theory, and very short on practice. I watched every lecture at least twice, spent hours reviewing the lecture notes and still would get tripped up by tricky wording on the quizzes.

It was disappointing to me that all of the office hours happened during normal working hours. That's probably entirely sensible and practical for traditional students, e.g. full-time graduate students, but definitely not the greatest for a person working a normal work week.

This is a great course. The professor really knows her stuff, OH are offered regularly by the prof and TAs. The professor does a really good job simplifying difficult concepts and making lectures fun and easy to follow. Highly recommend this course if you have some interest in cryptography and the math behind it.

This is a theory course. You will need a good understanding of discrete math and basic probability. Expect to spend a lot of time writing and/or analyzing proofs of security/insecurity. The course does not have any programming assignments except for a short exercise in the last homework. I found the homework assignments challenging but not overly difficult. If you do well on them, you should be well prepared for the exams. The weekly quizzes (true/false/multiple choice) can be a challenge because they are worded in a way to test that you deeply understood the material.

This was the first semester the course was offered to OMS, so there were some hiccups in terms of the timing of releasing assignments and lectures, but I expect that will not be a problem in future offerings.

Overall, I spent an average of 7 hours per week on this course, with a low of 3 hours and a high of 11 hours.

Easy to get B, hard to get A.

It should be 'theory of Cryptography' not applied cryptography, which makes me lost interest and ends up taking around 1 hour to watch lecture videos, do the quiz every week, and spend another 5-10 hours finishing the homework.

Advisor was very responsive but also defensive.

The second part is more interesting than the first part in my opinion.

It's an OK class, if you are interested in the background and theory, you should take it.

Update: For the final writing part they graded very generously.

I really enjoyed this course. It wasn't as "applied" as I was expecting, with only one short coding assignment, but I feel like I learned more than in any class I've taken so far. Expect to do a lot of proofs of security and breaking cryptographic schemes that sound reasonable but are inevitably very flawed. IMO this course is challenging mentally, but not so hard on the workload scale. Very much would recommend.

If you think you might be interested in this class, look through Boneh and Shoup's free online textbook "A Graduate Course in Applied Cryptography". It's a recommended resource for this class, and it gives you a feel for what you can expect from an applied crypto class. I think it surprised some people that there are a lot of math and proofs involved. The closest class I can think of for comparison would be Graduate Algorithms.

In my semester, the final grades were split (nearly) equally between the homeworks, quizzes, the midterm, and the final. The homeworks were usually a few written problems (often proving schemes insecure) which ranged from medium to quite challenging. The quiz questions were usually True/False (sometimes multiple choice), but required a pretty good grasp of the material in order to do well on them. The midterm and final were mixtures of written problems (similar to homework) and multiple choice (similar to quizzes).

The professor and TAs were very available and helpful. There were multiple office hours a week, and the professor answered lots of questions personally. I have not seen that before in OMSCS. I have seen some people say they thought the staff was unhelpful or even condescending, but I did not feel that way at all.

This was my last course in the OMSCS program, and it was my favorite. I also found it to be the most difficult (although not the most time consuming) - more so than GA, ML, or CV. However, I felt the challenges were fair. My only complaint about the class was that some logistical issues were not completely worked out in the first semester when I took it.

Tips:

• You're allowed to get into groups of three to do the homeworks. DO THIS. I did not for the first homework, and it was my worst grade (luckily they dropped the lowest homework and quiz). There was a problem or two that was difficult enough that I may not have gotten the answer without three people thinking about it.
• Print out the lecture slides and take notes on them as you watch lectures. I started doing this based on advice from someone in Piazza and it greatly improved my quiz grades. This is also useful for the midterm/final, since you can use your notes. You'll end up with a big stack of paper at the end, but it's worth it.

The course is as practical as modern cryptography can be, it doesn't go deep into details of actual protocols implementation, but gives a good understanding of high-level ideas and schemes. After the course, abbreviations SSL, HMAC, RSA, CA, SHA, etc. became more concrete and meaningful. Some people complain it's not applied enough, but really, have you expected to invent a new practical secure schema in 3 months?!

The lectures and slides by professor Sasha Boldyreva are extremely well structured and easy to follow, all topics are explained in detail and lectures are enough to understand 95% of the material. Dr. Boldyreva is active on Piazza forum and shares engaging facts about the state of the art in lectures.

HWs are from medium to challenging and mostly math on paper, only last HW is a simple script to break the public signature algorithm. All math needed for the HWs are given in the lectures, you just need to juggle with the theorems and facts. You are allowed to discuss the HWs with 2 people and I recommend finding collaborators on Piazza ASAP, an extra pair of eyes won't hurt.

It was the first semester they did it as a MOOC, and I wish HW/Tests/Exams were schedule more in advance, but it shouldn't be an issue in the next terms.

The instruction and course material in this class are so far below what I experienced throughout this program it is almost laughable. The funniest part is this is not applied crypto in any way. Zero. It is total theory and mathematical proofs. I love math. I hate this course.

To say the instructors are "standoff"-ish is put very politely. Did I say laughable? I meant infuriating.

I would say avoid this course but as it is required I would suggest taking it over summer to get it over with as quickly as possible. Good luck!

I took this course at the same time as Reinforcement Learning and the difference in quality of the courses is insane.

This instruction team is incredibly defensive and inadequate. Expect frequent piazza non-answers such as "I think the homework instructions are clear" from the professor. Good luck sorting through the random mix of messages from canvas, piazza, emails, announcements on both platforms etc. trying to find anything you're looking for. I spent over 30 minutes looking for office hour recordings at one point.

The lectures are unlabelled and impossible to sort through. The assignment due dates keep changing because the instruction team can't seem to release homework on time. It seems like everyone here's first time using Piazza and Canvas. Maybe they'll get better.

All that being said, the material isn't incredibly hard. I found myself spending 10 to 15 hours per week on the homework and the midterm is open note. Make sure to print screen captures of the things written on slides during the lecture that aren't included in the PDFs for the midterm.

Pros: This was a very interesting class, the professor is knowledgeable and explains the concepts well. The homeworks were interesting, challenging, and helped reinforce the concepts. The TAs and Professor were both active on Piazza.

Cons: The quizzes were worded quite trickily at times, almost Joyner-esque, but they weren't open book so it was an extra challenge. The only other Con was a result of this being the first run of the course, some things were a little disorganized, but they'll almost certainly be fixed for next semester and the Professor was very quick in rectifying the few hiccups we encountered.

Overall, a great class that I would take again.