2DMI10 — Applied Cryptography — 2018

Teachers

Andreas Hülsing, MF 6.097a, e-mail a.t.huelsing@tue.nl
GPG-keys:

Default Schedule

Dates and time: Location:
Tuesday, 10:45 - 12:45 FLUX 0.01
Thursday, 13:30 - 15:30 AUD 10
Last lecture on Thursday, January 10th.

Lecture Videos

All lectures are recorded. The videos should be online the day after the lecture. You can find the videos at the TU/e Mediasite (videocollege.tue.nl) under TU/e lectures → (2) Computer Science → 2DMI10 (2017-2018).

Purpose

At the end of this course:

Topics

This course deals with modern applications of cryptography. Topics covered are These topics will be explained and failure cases and popular attacks will be pointed out.

Exam

This year examination consists of one written assignment and (for the first time) an exam. The written assignment will be to discuss a research paper in one of the topics covered in the course.
The assignment accounts for 1/2 of the final grade. The other 1/2 is your exam grade.
All papers must be submitted encrypted and signed by email.
The exam is scheduled for Monday, 21 January 2019, 13:30 - 16:30 in Gemini-Zuid, rooms 3A.12 and 3A.13.
The exam will be a short quiz about the contents of the course. The exam is closed book, however, you are allowed to bring one sheet of A4 paper, with hand-written notes on both sides.
As I was asked this several times: I will not ask you to write a proof (but I might ask about the concept of proofs).

Assignments

Resit

It is possible to redo the exam, the assignment, or both. If you want to take a resit, please write me an email, specifying which part you want to redo. The exam will most likely be replaced by an oral exam, depending on the number of people that register.

Lectures

Here you find for each lecture a note on what has been treated, the slides, and further literature for some topics.

Tuesday, November 13th

Lecture on PKI.
Slides: [pptx] [pdf]
Topics: PKI basics; X.509; PGP; Certificates; Trust Models; Direkt trust; Web of trust; Hierarchical trust; Certificate chain validation.
Further reading:
Remember to set up PGP for email. Starting next week I will not accept unsigned / unencrypted emails for this class anymore. My proposed solution is to use Thunderbird as email client together with the enigmail plugin. However, there exist workable solutions for all set-ups. Please test your set-up with fellow students (if you do not use the TB+enigmail set-up, preferably with fellow students with a different set-up to test for compatibility!). Don't forget to upload your public key on a key server.

Thursday, November 15th

Lecture on PKI.
Slides: [pptx] [pdf]
Topics: PKI; X.509 Certificates; Revocation (CRL, OCSP, Novomodo); WebPKI (Incidents and counter measures).
Further reading:

Tuesday, November 20th

Lecture on IPsec and SSL/TLS.
Slides: [pdf]
Topics: Crypto on different layers of the network stack; IPsec; SSL and TLS.
Further reading:

Thursday, November 22nd

Lecture on Attacks on SSL/TLS.
Slides: [pdf]
Topics: SSLstrip, BEAST, CRIME, BREACH, POODLE, FREAK, Logjam, ...
Further reading:

Tuesday, November 27th

Lecture by Lorenz on elliptic curves.
Notes: [pdf]
Topics: Edwards curves, other curve forms, point counting, security, weak classes, projective coordinates.
Further reading:

Thursday, November 29th

Lecture by Lorenz on elliptic curves.
Notes: [pdf]
Topics: Pairings, immediate consequences (transfer attacks, DDH solving, BLS signatures), pairings from elliptic curves (torsion subgroups, Weil pairing and modified Weil pairing), types of pairings.
Further reading:

Tuesday, December 4th

Lecture on security of in use RSA signature schemes.
Slides: [pptx] [pdf]
Topics: Attacks on textbook RSA signatures and variants; existential unforgeability under adaptive chosen message attacks; the random oracle model; full domain hash; RSA-PFDH with secruity reduction in ROM.
Further reading:

Thursday, December 6th

Lecture on identity-based cryptography.
Slides: [pdf]
Topics: Identity-based cryptography, models for IB signature schemes (IBS) and encryption (IBE), generic construction for (IBS), Shamir's IBS, ind-id-cca/cpa, Boneh-Franklin IBE, security reduction for BF-IBE.
Further reading:

Tuesday, December 11th

Lecture on electronic cash.
Slides: [pdf]
Topics: Blind Signatures, RSA Blind Signatures, Chaums eCash (online, offline), Bitcoin.
Further reading:

Thursday, December 13th

Lecture on anonymity networks.
Slides: [pdf]
Slides part 2: [pptx] [pdf]
Topics: Dining cryptographers, mix nets, Tor; Zero-knowledge proofs
Further reading:

Thursday, December 14th

Lecture on private social communication.
Slides: [pdf]
Topics: Secure chat protocols; OTR, mpOTR, SCIMP, Signal Protocol.
Further reading:

Tuesday, December 19th

Lecture on post-quantum cryptography.
Slides: [pdf] [pptx]
Topics: Quantum computation; conjectured quantum-hard problems; multivariate, code-base, lattice-based crypto; hash-based signatures.
Further reading:

Tuesday, January 8th

Lecture by Mina Sheikh Alishahi on Secure Multi-party Computation.
Slides: [pdf]
Topics: Topics: Homomorphic encryption and application to different scenarios for MPC: love game, finding potential terrorists, face recognition, auction, distributed data clustering.
Further reading:

Thursday, January 10th

Lecture on Password Security and Password Hashing.
Slides: [pdf]
Topics: Different ways how to create passwords; dictionaries and rainbow tables; PBKDF2, bcrypt, scrypt, and Argon2.
Further reading:

Links


Latest modification: January 16, 2019.