The pedagogical approach is anchored in formal definitions/proof of security, but in a way that I believe is more accessible than what is "traditional" in crypto. All security definitions are written in a unified and simplified "game-based" style. For an example of what security definitions look like in this style, see the index of security definitions (which will make more sense after reading chapters 2 & 4)
Author(s): Mike Rosulek
Publisher: School of Electrical Engineering & Computer Science Oregon State University,
Year: 2021
Language: English
Pages: 286
Review of Concepts & Notation
Logs & Exponents
Modular Arithmetic
Strings
Functions
Probability
Notation in Pseudocode
Asymptotics (Big-O)
One-Time Pad & Kerckhoffs' Principle
What Is [Not] Cryptography?
Specifics of One-Time Pad
The Basics of Provable Security
How to Write a Security Definition
Formalisms for Security Definitions
How to Demonstrate Insecurity with Attacks
How to Prove Security with The Hybrid Technique
How to Compare/Contrast Security Definitions
Secret Sharing
Definitions
A Simple 2-out-of-2 Scheme
Polynomial Interpolation
Shamir Secret Sharing
to Visual Secret Sharing
Basing Cryptography on Intractable Computations
What Qualifies as a ``Computationally Infeasible'' Attack?
What Qualifies as a ``Negligible'' Success Probability?
Indistinguishability
Birthday Probabilities & Sampling With/out Replacement
Pseudorandom Generators
Definitions
Pseudorandom Generators in Practice
Application: Shorter Keys in One-Time-Secret Encryption
Extending the Stretch of a PRG
to Applications: Stream Cipher & Symmetric Ratchet
Pseudorandom Functions & Block Ciphers
Definition
PRFs vs PRGs; Variable-Hybrid Proofs
Block Ciphers (Pseudorandom Permutations)
Relating PRFs and Block Ciphers
PRFs and Block Ciphers in Practice
to Strong Pseudorandom Permutations
Security Against Chosen Plaintext Attacks
Limits of Deterministic Encryption
Pseudorandom Ciphertexts
CPA-Secure Encryption Based On PRFs
Block Cipher Modes of Operation
A Tour of Common Modes
CPA Security and Variable-Length Plaintexts
Security of OFB Mode
Padding & Ciphertext Stealing
Chosen Ciphertext Attacks
Padding Oracle Attacks
What Went Wrong?
Defining CCA Security
to A Simple CCA-Secure Scheme
Message Authentication Codes
Definition
to A PRF is a MAC
MACs for Long Messages
Encrypt-Then-MAC
Hash Functions
Security Properties for Hash Functions
Merkle-Damgård Construction
Hash Functions vs. MACs: Length-Extension Attacks
Authenticated Encryption & AEAD
Definitions
Achieving AE/AEAD
Carter-Wegman MACs
Galois Counter Mode for AEAD
RSA & Digital Signatures
``Dividing'' Mod n
The RSA Function
Digital Signatures
Chinese Remainder Theorem
The Hardness of Factoring N
Diffie-Hellman Key Agreement
Cyclic Groups
Diffie-Hellman Key Agreement
Decisional Diffie-Hellman Problem
Public-Key Encryption
Security Definitions
One-Time Security Implies Many-Time Security
ElGamal Encryption
Hybrid Encryption
Index of Security Definitions
