Dennis Hofheinz: Catalogue data in Spring Semester 2022
|Name||Prof. Dr. Dennis Hofheinz|
Inst. f. Theoretische Informatik
ETH Zürich, CAB E 78
|Telephone||+41 44 632 40 29|
|252-0211-00L||Information Security||8 credits||4V + 3U||D. Hofheinz, S. Krstic, K. Paterson, J. L. Toro Pozo|
|Abstract||This course provides an introduction to Information Security. The focus|
is on fundamental concepts and models, basic cryptography, protocols and system security, and privacy and data protection. While the emphasis is on foundations, case studies will be given that examine different realizations of these ideas in practice.
|Objective||Master fundamental concepts in Information Security and their|
application to system building. (See objectives listed below for more details).
|Content||1. Introduction and Motivation (OBJECTIVE: Broad conceptual overview of information security) Motivation: implications of IT on society/economy, Classical security problems, Approaches to |
defining security and security goals, Abstractions, assumptions, and trust, Risk management and the human factor, Course verview. 2. Foundations of Cryptography (OBJECTIVE: Understand basic
cryptographic mechanisms and applications) Introduction, Basic concepts in cryptography: Overview, Types of Security, computational hardness, Abstraction of channel security properties, Symmetric
encryption, Hash functions, Message authentication codes, Public-key distribution, Public-key cryptosystems, Digital signatures, Application case studies, Comparison of encryption at different layers, VPN, SSL, Digital payment systems, blind signatures, e-cash, Time stamping 3. Key Management and Public-key Infrastructures (OBJECTIVE: Understand the basic mechanisms relevant in an Internet context) Key management in distributed systems, Exact characterization of requirements, the role of trust, Public-key Certificates, Public-key Infrastructures, Digital evidence and non-repudiation, Application case studies, Kerberos, X.509, PGP. 4. Security Protocols (OBJECTIVE: Understand network-oriented security, i.e.. how to employ building blocks to secure applications in (open) networks) Introduction, Requirements/properties, Establishing shared secrets, Principal and message origin authentication, Environmental assumptions, Dolev-Yao intruder model and
variants, Illustrative examples, Formal models and reasoning, Trace-based interleaving semantics, Inductive verification, or model-checking for falsification, Techniques for protocol design,
Application case study 1: from Needham-Schroeder Shared-Key to Kerberos, Application case study 2: from DH to IKE. 5. Access Control and Security Policies (OBJECTIVES: Study system-oriented security, i.e., policies, models, and mechanisms) Motivation (relationship to CIA, relationship to Crypto) and examples Concepts: policies versus models versus mechanisms, DAC and MAC, Modeling formalism, Access Control Matrix Model, Roll Based Access Control, Bell-LaPadula, Harrison-Ruzzo-Ullmann, Information flow, Chinese Wall, Biba, Clark-Wilson, System mechanisms: Operating Systems, Hardware Security Features, Reference Monitors, File-system protection, Application case studies 6. Anonymity and Privacy (OBJECTIVE: examine protection goals beyond standard CIA and corresponding mechanisms) Motivation and Definitions, Privacy, policies and policy languages, mechanisms, problems, Anonymity: simple mechanisms (pseudonyms, proxies), Application case studies: mix networks and crowds. 7. Larger application case study: GSM, mobility
|263-4651-00L||Current Topics in Cryptography |
Number of participants limited to 24.
The deadline for deregistering expires at the end of the second week of the semester. Students who are still registered after that date, but do not attend the seminar, will officially fail the seminar.
|2 credits||2S||D. Hofheinz, U. Maurer, K. Paterson|
|Abstract||In this seminar course, students present and discuss a variety of recent research papers in Cryptography.|
|Objective||Independent study of scientific literature and assessment of its contributions as well as learning and practicing presentation techniques.|
|Content||The course lecturers will provide a list of papers from which students will select.|
|Literature||The reading list will be published on the course website.|
|Prerequisites / Notice||Ideally, students will have taken the D-INFK Bachelors course “Information Security" or an equivalent course at Bachelors level. Ideally, they will have attended or will attend in parallel the Masters course in "Applied Cryptography”.|
|263-4656-00L||Digital Signatures||5 credits||2V + 2A||D. Hofheinz|
|Abstract||Digital signatures as one central cryptographic building block. Different security goals and security definitions for digital signatures, followed by a variety of popular and fundamental signature schemes with their security analyses.|
|Objective||The student knows a variety of techniques to construct and analyze the security of digital signature schemes. This includes modularity as a central tool of constructing secure schemes, and reductions as a central tool to proving the security of schemes.|
|Content||We will start with several definitions of security for signature schemes, and investigate the relations among them. We will proceed to generic (but inefficient) constructions of secure signatures, and then move on to a number of efficient schemes based on concrete computational hardness assumptions. On the way, we will get to know paradigms such as hash-then-sign, one-time signatures, and chameleon hashing as central tools to construct secure signatures.|
|Literature||Jonathan Katz, "Digital Signatures."|
|Prerequisites / Notice||Ideally, students will have taken the D-INFK Bachelors course "Information Security" or an equivalent course at Bachelors level.|