Project Description
Objectives
Programme
The 6 CFU course is organized in the following main areas:
1) basic cryptography and network security: attacks, countermeasures, security services, basic cryptographic constructions (stream ciphers, block ciphers and modes of operation, hash functions, the Merkle-Damgård construction, NMAC and HMAC, pseudorandom functions, key management, public-key algorithms, digital signatures, etc.);
2) authentication and network protocol support: basics, PPP PAP and CHAP and their extensions, one-time passwords, EAP, authentication in 3G, RADIUS and its known vulnerabilities; DIAMETER; Public Key Infrastructure;
3) in-depth analysis of TLS and IPsec: basics, handshake, key management with RSA, anonymous/fixed/ephemeral Diffie-Hellman and its integration in TLS; the TLS record layer; MAC and encryption composition (and its vulnerabilities); attacks on TLS with CBC (BEAST); attacks on TLS messaging (padding oracle, side-channel attacks); attacks on TLS compression (CRIME); attacks on TLS session integrity (truncation attack); attacks on the TLS handshake (renegotiation attack); key derivation hierarchy, PRFs and KDFs; comparative analysis with IPsec, VPNs with IPsec, IKE.
4) advanced cryptographic approaches: trivial secret sharing, Shamir's secret sharing, commitments and verifiable secret sharing (Feldman, Pedersen); secure multiparty computation based on secret sharing; Pedersen's distributed key generation; linear secret sharing and access control matrices; threshold cryptography; threshold signatures and the issues with threshold RSA (why Shoup's construction is needed); basics of elliptic curve cryptography; ECDH; ECDSA; bilinear maps (pairing-based cryptography) and example constructions (Joux's three-party Diffie-Hellman, Boneh-Franklin identity-based encryption, a brief introduction to attribute-based encryption).
5) miscellaneous topics: TESLA, Merkle trees and their applications; further topics may optionally be addressed in dedicated talks by invited experts, depending on the year (touching selected aspects of system security, intrusion detection and network protection, security certification, etc.).
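As an added worked example for the secret-sharing items of area 4 of the programme (Shamir's secret sharing and Feldman's verifiable secret sharing), the following Python code is an illustration written for this page, not course material or a reference implementation. It assumes a safe-prime group p = 2q + 1 found at runtime (a 64-bit toy size, chosen only to keep the example fast; a real deployment uses a 2048-bit MODP group or an elliptic-curve group), a dealer that splits a secret in Z_q with a random degree-(k-1) polynomial, Feldman commitments C_j = g^{a_j} published alongside the shares, and Lagrange interpolation at x = 0 to reconstruct. The function and variable names are the example's own.

```python
"""Shamir (k, n) secret sharing with Feldman verifiable commitments.

Added example, not part of the course page. Group size is a toy 64-bit safe prime.
"""
import secrets

# Deterministic Miller-Rabin bases: exact for n < 3.3e24, far beyond the 64-bit p used here.
MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
DEMO_SECRET = 0x00C0FFEEBADF00D  # constructed sample secret, must be < q


def is_prime(n: int) -> bool:
    if n < 2:
        return False
    for b in MR_BASES:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def safe_prime_group(min_bits: int = 64):
    """Return (p, q, g): p = 2q + 1 a safe prime, g a generator of the order-q subgroup."""
    q = (1 << (min_bits - 1)) | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    p = 2 * q + 1
    g = pow(2, 2, p)  # any quadratic residue != 1 has order exactly q when p is a safe prime
    return p, q, g


def eval_poly(coeffs, x, q):
    """Horner evaluation of sum_j coeffs[j] * x^j over Z_q."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % q
    return acc


def share_secret(secret, k, n, p, q, g):
    """Dealer: split `secret` into n shares with threshold k, plus Feldman commitments."""
    if not (1 <= k <= n < q) or not (0 <= secret < q):
        raise ValueError("bad parameters")
    coeffs = [secret] + [secrets.randbelow(q) for _ in range(k - 1)]  # a_0 = secret
    shares = [(i, eval_poly(coeffs, i, q)) for i in range(1, n + 1)]  # s_i = f(i)
    commitments = [pow(g, a, p) for a in coeffs]  # C_j = g^{a_j}; hides a_j under the DL assumption
    return shares, commitments


def verify_share(share, commitments, p, q, g):
    """Feldman check by share holder i: g^{s_i} == prod_j C_j^{i^j} (mod p)."""
    i, s = share
    rhs = 1
    for j, c in enumerate(commitments):
        rhs = rhs * pow(c, pow(i, j, q), p) % p  # exponents reduced mod q (order of C_j)
    return pow(g, s, p) == rhs


def reconstruct(shares, q):
    """Lagrange interpolation at x = 0 over Z_q using any k distinct shares."""
    secret = 0
    for i, s_i in shares:
        num, den = 1, 1
        for j, _ in shares:
            if j != i:
                num = num * (-j) % q
                den = den * (i - j) % q
        secret = (secret + s_i * num * pow(den, -1, q)) % q
    return secret


def demo(secret=DEMO_SECRET, k=3, n=5):
    p, q, g = safe_prime_group(64)
    shares, comm = share_secret(secret, k, n, p, q, g)
    i, s = shares[1]
    return {
        "all_shares_verify": all(verify_share(sh, comm, p, q, g) for sh in shares),
        "tampered_share_verifies": verify_share((i, (s + 1) % q), comm, p, q, g),
        "recovered": reconstruct(shares[:k], q),
        "recovered_other_subset": reconstruct([shares[0], shares[2], shares[4]], q),
    }


if __name__ == "__main__":
    print(demo())
```

Feldman's scheme lets each holder check its own share against the public commitments, so a cheating dealer handing out inconsistent shares is caught before reconstruction; the price is that C_0 = g^secret is public, so the secret is hidden only computationally (Pedersen's variant, also on the programme, fixes this with a second generator at the cost of a binding-only commitment).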