2DMI10 — Applied Cryptography — 2015

Teachers

Andreas Hülsing, MF 6.146, e-mail a.t.huelsing@tue.nl
GPG-key: 152BFF2E
Fingerprint: BF9B D534 C876 99CA B62D 0E94 E2DE 5372 152B FF2E

Ruben Niederhagen, MF 6.146, e-mail r.niederhagen@tue.nl
GPG-key: CC0FAD03
Fingerprint: 795E 9F9C B476 2E3E ECDA F7E5 20F7 7DB0 CC0F AD03

Christine van Vredendaal, MF 6.100, e-mail c.v.vredendaal@tue.nl
GPG-key: 4BAFF310
Fingerprint: FDA6 0890 80ED 1F6D B6D3 69E9 5DDF 7EBD 4BAF F310

Default Schedule

Dates and time: Location:
Tuesday, 10:45 - 12:30 AUDITORIUM 14
Thursday, 13:45 - 15:30 AUDITORIUM 15
Last lecture on Thursday, January 7th.

Purpose

At the end of this course:

Topics

This course deals with modern applications of cryptography. Topics covered are These topics will be explained and failure cases and popular attacks will be pointed out. Depending on time and up to date developments the course might also cover private information retrieval, proofs of storage, quantum cryptography, post-quantum cryptography, and a 'bug of the week' section.

Exam

You have to write two papers, one in mid-term and one in the exam period. You will be asked to study some literature or a standard document, and report on that in written form. The first one will be on PKI, the second one on one of the other topics. In both cases there will be a list of topics from which you can choose.
The first paper has weight 1/3, the second one has weight 2/3.
All papers must be submitted encrypted and signed by email.

Assignments

Lectures

Here you find for each lecture a note on what has been treated, the slides, and further literature for some topics.

Tuesday, November 10th

Lecture by Andreas on security reductions.
Slides: [pptx] [pdf]
Topics: Attacks on textbook and PKCS#1v1.x RSA signatures; existential unforgeability under adaptive chosen message attacks; the random oracle model; full domain hash; RSA-PFDH with secruity reduction in ROM.
Further reading:

Thursday, November 12th

Lecture by Andreas on PKI.
Slides: [pptx] [pdf]
Topics: PKI basics; X.509; PGP; Certificates; Trust Models; Direkt trust; Web of trust; Hierarchical trust.
Further reading:

Tuesday, November 17th

Lecture by Andreas on PKI.
Slides: [pptx] [pdf]
Topics: PKI; Certificat chain validation; X.509 Certificates; Revocation (CRL, OCSP, Novomodo); WebPKI (Incidents and counter measures).
Further reading:

Thursday, November 19th

Lecture by Andreas on identity-based cryptography.
Slides: [pdf]
Topics: Identity-based cryptography, models for IB signature schemes (IBS) and encryption (IBE), generic construction for (IBS), Shamir's IBS, ind-id-cca/cpa, Boneh-Franklin IBE, security reduction for BF-IBE.
Further reading:

Tuesday, November 24th

Lecture by Ruben on IPsec and SSL/TLS.
Slides: [pdf]
Topics: Crypto on different layers of the network stack; IPsec; SSL and TLS: key exchange, PRF, cipher suits.
Further reading:

Thursday, November 26th

Lecture by Ruben on Attacks on SSL/TLS.
Slides: [pdf] FREAK attack fixed!
Topics: SSLstrip, BEAST, CRIME, BREACH, POODLE, FREAK, Logjam, ...
Further reading:

Tuesday, December 1st, and Thursday, December 3rd

Guest lectures by Jacob Appelbaum on Tor.
Slides: [pdf]
Topics: Tor overview: directory authorities, consensus, overlay network, metrics, ...
Further reading:

Tuesday, December 8th

Lecture by Andreas on electronic cash.
Slides: [pdf]
Topics: Blind Signatures, RSA Blind Signatures, Chaums eCash (online, offline), Bitcoin.
Further reading:

Thursday, December 10th

Lecture by Andreas on post-quantum cryptography.
Slides: [pdf] [pptx]
Topics: Quantum computation; conjectured quantum-hard problems; multivariate, code-base, lattice-based crypto; hash-based signatures.
Further reading:

Tuesday, December 15th

Lecture by Ruben on kleptography.
Slides: [pdf]
Topics: Kleptography in RSA, DH, and Dual EC.
Further reading:

Thursday, December 17th

Guest lecture by Dan Bernstein on DNSSEC.
Slides: [pdf]
Topics: The DNS security mess.
Further reading:

Tuesday, January 5th

Lecture by Ruben on OTR.
Slides: [pdf]
Topics: OTR and secure asynchronous chat; secure group chat protocols.
Further reading:

Thursday, January 7th

Lecture by Ruben on Password Security and Password Hashing.
Slides: [pdf]
Topics: Differnt ways ho to create passwors; dictionaries and rainbow tables; PBKDF2, bcrypt, scrypt, and Argon2.
Further reading:

Links


Latest modification: Jan 11, 2016.