diff --git a/content/CSE4303/CSE4303_E1.md b/content/CSE4303/CSE4303_E1.md
index d134546..52e2829 100644
--- a/content/CSE4303/CSE4303_E1.md
+++ b/content/CSE4303/CSE4303_E1.md
@@ -374,12 +374,13 @@ New attacker model for multi-use keys (e.g. multiple blocks): CPA (Chosen Plaint
 
 ## Asymmetric key cryptography
 
-## Asymmetric crypto overview
+### Asymmetric crypto overview
 
 - Parties: sender, recipient, attacker (eavesdropping)
 - Goal: sender encrypts a plaintext to a ciphertext using a public key; recipient decrypts using a private key.
 
 #### Public-key encryption system
+
 - Def: a public-key encryption system is a triple of algorithms $(G, E, D)$:
   - $G()$: randomized algorithm that outputs a key pair $(pk, sk)$
   - $E(pk, m)$: randomized algorithm that takes $m \in M$ and outputs $c \in C$
@@ -387,9 +388,8 @@ New attacker model for multi-use keys (e.g. multiple blocks): CPA (Chosen Plaint
 - Consistency: for all $(pk, sk)$ output by $G$, for all $m \in M$,
   - $D(sk, E(pk, m)) = m$
 
-## Public-key building block: trapdoor function
-
 #### Trapdoor function
+
 - Def: a trapdoor function $X \to Y$ is a triple of efficient algorithms $(G, F, F^{-1})$:
   - $G()$: randomized algorithm that outputs a key pair $(pk, sk)$
   - $F(pk, \cdot)$: deterministic algorithm that defines a function $X \to Y$
@@ -397,7 +397,7 @@ New attacker model for multi-use keys (e.g. multiple blocks): CPA (Chosen Plaint
 - More precisely: for all $(pk, sk)$ output by $G$, for all $x \in X$,
   - $F^{-1}(sk, F(pk, x)) = x$
 
-## Symmetric vs. asymmetric security: attacker models
+#### Symmetric vs. asymmetric security: attacker models
 
 - Symmetric ciphers: two security notions for a passive attacker
   - One-time security (stream ciphers: ciphertext-only)
@@ -410,12 +410,13 @@ New attacker model for multi-use keys (e.g. multiple blocks): CPA (Chosen Plaint
   - Implication: public-key encryption must be randomized
   - Analogous to secure block modes for block ciphers
 
-## Semantic security of asymmetric crypto (IND-CPA)
+### Semantic security of asymmetric crypto (IND-CPA)
 
 #### IND-CPA game for public-key encryption
-- For $b \in \{0,1\}$ define experiments $\mathrm{EXP}(0)$ and $\mathrm{EXP}(1)$:
 
-- Experiment $\mathrm{EXP}(b)$:
+- For $b \in \{0,1\}$ define experiments $\operatorname{EXP}(0)$ and $\operatorname{EXP}(1)$:
+
+- Experiment $\operatorname{EXP}(b)$:
   - Challenger runs $(pk, sk) \leftarrow G()$
   - Challenger sends $pk$ to adversary $A$
   - Adversary outputs $m_0, m_1 \in M$ such that $|m_0| = |m_1|$
@@ -423,8 +424,9 @@ New attacker model for multi-use keys (e.g. multiple blocks): CPA (Chosen Plaint
   - Adversary outputs a bit $b' \in \{0,1\}$ (often modeled as outputting 1 if it "guesses $b=1$")
 
 #### Semantic security (IND-CPA)
+
 - Def: $E = (G, E, D)$ is semantically secure (a.k.a. IND-CPA) if for all efficient adversaries $A$,
-  - $\mathrm{Adv}^{\mathrm{SS}}[A, E] = \left|\Pr[\mathrm{EXP}(0)=1] - \Pr[\mathrm{EXP}(1)=1]\right|$
+  - $\operatorname{Adv}^{\operatorname{SS}}[A, E] = \left|\Pr[\operatorname{EXP}(0)=1] - \Pr[\operatorname{EXP}(1)=1]\right|$
   - is negligible
 - Note: inherently multiple-round because the attacker can always encrypt on their own using $pk$ (CPA power is "built in").
 
@@ -481,7 +483,7 @@ New attacker model for multi-use keys (e.g. multiple blocks): CPA (Chosen Plaint
 
 - Hardness assumptions:
   - Discrete log problem: given $p, g, y = g^x \bmod p$, find $x$
-  - Diffie-Hellman function: $\mathrm{DH}_g(g^a, g^b) = g^{ab} \bmod p$
+  - Diffie-Hellman function: $\operatorname{DH}_g(g^a, g^b) = g^{ab} \bmod p$
 
 ## Diffie-Hellman: security notes
 
@@ -568,29 +570,7 @@ A **Feistel network** splits a block into left/right halves and iterates rounds
 
 Feistel-based here: **DES, 3DES, CAMELLIA, SEED, GOST 28147-89 (and thus GOST89MAC uses a Feistel block cipher internally).**
 
-### A) Cipherlist *filters / set operations- (not crypto primitives)
-
-These don’t implement encryption or authentication; they just include/exclude suites.
-
-- **COMPLEMENTOFDEFAULT** — (selection) picks suites in `ALL` that are not enabled by default (notably RC4/anonymous, depending on build).
-- **ALL** — (selection) all suites except `eNULL`, in a default preference order (OpenSSL-defined ordering).
-- **COMPLEMENTOFALL** — (selection) suites excluded from `ALL` (currently `eNULL`).
-- **HIGH / MEDIUM / LOW** — (selection) groups suites by effective key strength class (OpenSSL policy buckets).
-- **TLSv1.2 / TLSv1.0 / SSLv3** — (selection) restricts to suites whose *minimum supported protocol version- is at least that value.
-- **SUITEB128 / SUITEB128ONLY / SUITEB192** — (selection) enforces "Suite B"-style constraints: only very specific ECDHE-ECDSA-AES-GCM suites and curves/hashes.
-- **CBC** — (mode selector) selects suites using **CBC mode** for symmetric encryption (confidentiality only unless paired with a MAC).
-
----
-
-### B) "No encryption" / "no authentication" flags
-
-- **eNULL, NULL** — **encryption/decryption: none**; **cipher method: N/A**; core idea: the record payload is not encrypted at all (plaintext).
-- **aNULL** — **authentication: none** (no peer authentication); **cipher method: N/A**; core idea: uses anonymous key agreement (no cert/signature), enabling MITM.
-- **ADH / AECDH** — **authentication: none**; **cipher method: N/A**; core idea: anonymous (EC)DH establishes a shared secret but without identity binding → MITM-friendly.
-
----
-
-### C) Key exchange and authentication selectors (not symmetric encryption, not MAC)
+### Key exchange and authentication selectors (not symmetric encryption, not MAC)
 
 These describe *how keys are negotiated- and/or *how the peer is authenticated*, not whether payload is a block/stream cipher.
 
@@ -610,12 +590,15 @@ These describe *how keys are negotiated- and/or *how the peer is authenticated*,
 
 ---
 
-### D) Symmetric encryption / AEAD (this is where "block vs stream" applies)
+### Symmetric encryption / AEAD (this is where "block vs stream" applies)
 
 #### AES family
 
 - **AES128 / AES256 / AES** — **encryption/decryption**; **block cipher**; core algorithm: AES is an SPN (substitution–permutation network) of repeated SubBytes/ShiftRows/MixColumns/AddRoundKey rounds.
-- **AESGCM** — **both encryption + message authentication (AEAD)**; **both** (AES block cipher used in counter mode + auth); core algorithm: encrypt with AES-CTR and authenticate with GHASH over ciphertext/AAD to produce a tag.
+- **AES-GCM** — **both encryption + message authentication (AEAD)**; **both** (AES block cipher used in counter mode + auth); core algorithm: encrypt with AES-CTR and authenticate with GHASH over ciphertext/AAD to produce a tag.
+- **AES-ECB**: Functionality is encryption/decryption (confidentiality only) using a block cipher mode; core algorithm encrypts each 128-bit plaintext block independently under the same key, which deterministically leaks patterns because equal plaintext blocks map to equal ciphertext blocks.
+- **AES-CBC**: Functionality is encryption/decryption (confidentiality only) using a block cipher mode; core algorithm XORs each plaintext block with the previous ciphertext block (starting from a fresh unpredictable IV) before AES-encrypting, which hides repetitions but requires correct IV handling and padding for non-multiple-of-block messages.
+- **AES-OFB** — **encryption**; both (stream-like); repeatedly AES-encrypts an internal state to generate a keystream and XORs it with plaintext, where the state evolves independently of the plaintext/ciphertext.
 - **AESCCM / AESCCM8** — **both encryption + message authentication (AEAD)**; **both**; core algorithm: compute CBC-MAC then encrypt with CTR mode, with 16-byte vs 8-byte tag length variants.
 
 #### ARIA family
@@ -647,7 +630,7 @@ These describe *how keys are negotiated- and/or *how the peer is authenticated*,
 
 ---
 
-### E) Hash / MAC / digest selectors (message authentication side)
+### Hash / MAC / digest selectors (message authentication side)
 
 These are not "ciphers" but are used for integrity/authentication (often as HMAC, PRF, signatures).
 
@@ -656,3 +639,5 @@ These are not "ciphers" but are used for integrity/authentication (often as HMAC
 - **SHA256 / SHA384** — **message authentication component** (HMAC / TLS PRF / signatures); **N/A**; core algorithm: SHA-2 family Merkle–Damgård hashes with different word sizes/output lengths (256-bit vs 384-bit).
 - **GOST94** — **message authentication component** (HMAC based on GOST R 34.11-94); **N/A**; core algorithm: builds an HMAC tag by hashing inner/outer padded key with the message using the GOST hash.
 - **GOST89MAC** — **message authentication**; **block-cipher-based MAC (so "block" internally)**; core algorithm: computes a MAC using the GOST 28147-89 block cipher in a MAC mode (cipher-based chaining). *(Feistel internally via GOST 28147-89)*
+
+> Latest version of cheatsheet distilled from this note.