Computer Engineering ([E]) 计算机工程方面
A general-purpose processor.
A general-purpose processor with instruction-set extensions.
A special-purpose processor (or co-processor).
a micro-controller (i.e. a sensor node)
an embedded or mobile computer (e.g., a mobile phone or PDA)
a laptop- or desktop-class computer.
Theoretical Computer Science ([F]) 理论计算机科学方面
Mathematical Background ([A,B]) 数学背景
Number 11：What are the DLP, CDH and DDH problems?
Number 12：What is the elliptic curve group law?
Number 14：What is a cryptographic pairing?
Basic (Practical or Deployed) Cryptographic Schemes and Protocols ([A]) 基本密码机制与协议
Number 19：Describe the Shamir secret sharing scheme.
Number 20：How are Merkle-Damgaard style hash functions constructed?
Cryptographic Implementation Details ([A]) 密码实现详情
Number 21：How does the CRT method improve performance of RSA?
Number 22：How do you represent a number and multiply numbers in Montgomery arithmetic?
Number 23：Write a C program to implement Montgomery arithmetic.
Number 24：Describe the binary, m-ary and sliding window exponentiation algorithms.
Number 25：Describe methods for modular reduction using "special" primes that define GF(p) and GF(2^n).
Number 26：Describe the NAF scalar multiplication algorithm.
Security Definitions and Proofs ([A,B,C]) 安全定义和证明
Number 27：What is the IND-CCA security definition for symmetric key encryption?
Number 28：What is the IND-CCA security definition for public key encryption?
Number 29：What is the UF-CMA security definition for digital signatures?
Number 30：Roughly outline the BR security definition for key agreement?
Number 31：Give one proof of something which involves game hopping
Number 32：Outline the difference between a game based and a simulation based security definition.
Mathematical Attacks ([A,B]) 数学攻击
Number 33：How does the Bellcore attack work against RSA with CRT?
Number 34：Describe the Baby-Step/Giant-Step method for breaking DLPs
Number 35：Give the rough idea of Pollard rho, Pollard "kangaroo" and parallel Pollard rho attacks on ECDLP.
Number 36：What is meant by index calculus algorithms?
Number 37：Roughly outline (in two paragraphs only) how the NFS works.
Practical Attacks ([D]) 实际攻击
Number 38：What is the difference between a covert channel and a side-channel?
Number 39：What is the difference between a side-channel attack and a fault attack?
Number 40：What is usually considered the difference between DPA and SPA?
Number 41：Are all side channels related to power analysis?
Number 42：Look at your C code for Montgomery multiplication above; can you determine where it could leak side channel information?
Number 43：Describe some basic (maybe ineffective) defences against side channel attacks proposed in the literature for AES.
Number 44：Describe some basic (maybe ineffective) defences against side channel attacks proposed in the literature for ECC.
Number 45：Describe some basic (maybe ineffective) defences against side channel attacks proposed in the literature for RSA.
Advanced Protocols and Constructions ([A,B]) 高级协议与构造
Number 46：What is the Fiat-Shamir transform?
Number 47：What does correctness, soundness and zero-knowledge mean in the context of a Sigma protocol?
Number 48：What is the purpose and use of a TPM?
Number 49：Describe the basic ideas behind IPSec and TLS.
Number 50：What is the BLS pairing based signature scheme?
Number 51：What is the security model for ID-based encryption, and describe one IBE scheme.
Number 52：Pick an advanced application concept such as e-Voting, Auctions or Multi-Party Computation. What are the rough security requirements of such a system?
Further Reading （进一步参考文献）
[A] Nigel's book is deliberately informal and tries to give quick flavours of what is important in theory and practice.
[B] The Katz Lindell book is a better formal introduction to modern theoretical cryptography but it is less good in its treatment of what is important in the real world (e.g. the coverage of AES, ECC, implementation, etc is quite limited).
[C] Goldreich's two volume book is a very good introduction to the deep theory, but deliberately does not cover practical cryptography.
[D] Elisabeth's DPA book is the best introduction to all things about side-channels.
[E] Dan's book is a good starting place for computer architecture and learning VHDL.
[F] Goldreich's book on complexity theory is a good place to start. Its approach is much more down-to-earth and sensible than other approaches (i.e. P vs NP is presented in terms of is it easier to check or find proofs?)