Sunscreen Learning Plan

Month 1

Our goal in the first month is to ensure that you have a good foundation in public key cryptography and lattices. In looking at lattices, we may need to review parts of linear algebra (if rusty).

All of the following sections and problems should be completed in at most 4 weeks.

Intro to Mathematical Cryptography, 2nd edition.

• Chapter 1
  • Sections 1.2 - 1.5 (learning the basics of modular arithmetic and finite fields)
  • Problems: 1.19, 1.20, 1.23, 1.32, 1.34a-c
  • Solutions
• Chapter 2
  • Sections 2.1 - 2.5 (public key cryptography, discrete log problem, diffie-hellman)
  • Section 2.8 (chinese remainder theorem)
  • Section 2.10* (quotient rings, polynomials rings)
  • Problems: 2.3, 2.6, 2.9, 2.14, 2.19, 2.35
  • Solutions
• Chapter 4
  • Section 4.1 (digital signature intro)
• Chapter 7 (lattices)
  • Section 7.1 - 7.2 (intro and motivation)
  • Section 7.3 - 7.4 (linear algebra, lattices)
  • Section 7.5 (SVP/CVP)
  • Section 7.6 (Babai's algorithm)
  • Section 7.8 - 7.9 (GGH, polynomial rings)
  • Problems: 7.2, 7.5, 7.6a, 7.11a-c, 7.12a-b, 7.13, 7.17, 7.19, 7.20, 7.23a-b, 7.25
  • Solutions
• Chapter 8
  • Sections 8.1 - 8.3
  • Sections 8.9
• Chapter 6
  • Section 6.1 - 6.2 (basics of elliptic curves)
  • Section 6.3 - 6.4 (discrete log problem for elliptic curves)
  • Problems: 6.2, 6.5a-c, 6.8, 6.14, 6.16
  • Solutions

Month 2

FHE

• FHE, Part 1
  • Notes
• Microsoft SEAL Manual
  • Notes

1. Does sunscreen use relinearization? Yes, after each multiplication.
2. Does sunscreen leverage the SIMD/batching? Yes, optionally, but it's sort of a hidden feature right now.

• BGV paper (closely related to the BFV scheme)
  • Notes
• SoK: FHE Compilers
  • Notes
• SoK: Privacy-preserving computing in the blockchain era
  • Notes
• Virtual Secure Processor Courtesy of Rick
  • Notes not taken yet
• FHE compiler turns if-branches into branchless circuits
• FHE cannot leak any side channels. If it ever does, the whole scheme needs to be thrown out.
• Lattice crypto is less concerned with timing side channels than say modular exponentiation.

ZKPs

Onboarding with ZKPs is a little bit harder, I'd suggest working through the following (in listed order):

• Chapter 24 and 25 from Intro To Crypto
• Probabilistically Checkable Proofs I, II from here
  • Notes
• Succinct Aguments I, II from here

What's the relationship between privacy and blockchain?

• Zether paper, for understanding how you might concretely provide privacy on Ethereum
• ZK Whiteboard Sessions: Module 1 - 3
• zk-SNARKs for Zcash, would suggest working through Sections 1 - 7 (Homomorphic Hiding, Blind Evaluation of Polynomials, etc.)

ZKP Notes