Esecurity: secure internet & e-cash

Corresponding entry in Aachen Campus, Bonn Basis.

Responsible

Prof. Dr. Joachim von zur Gathen

Lecture

Michael Nüsken

Tutorial

Raoul Blankertz

Time & Place

Tuesday, 13³⁰-15⁰⁰, b-it bitmax.
Wednesday, 13³⁰-15⁰⁰, b-it bitmax.
Tutorial: Tuesday, 15¹⁵-16⁴⁵, b-it bitmax.

First meeting: Tuesday, 03 April 2012 at 13³⁰, b-it bitmax.

All times subject to agreement in class.

Exam

Exam: 27 July 2012, 10⁰⁰-13⁰⁰, b-it seminar room 2.1.

Post-exam meeting: probably 31 July 2012, 14⁰⁰, b-it cosec seminar room 1.25.

2nd exam (repetitions only): planned 27 September 2012, 14⁰⁰-17⁰⁰, b-it [room tba].

2nd Post-exam meeting: probably 16 October 2012, 10⁰⁰, b-it [room tba].

About handins, credits and boni

Of course, you know that solving exercises is vital to understand the topics of the course. As an additional motivation, you can earn credits with a small influence on your final mark. Note that to be admitted to the exam you need to earn at least 50% of the credits. Experience shows that you should try all exercises and tutorials. Students are encouraged to discuss the given exercises among each other. Still, every student has to write up his/her solutions on his/her own. Your solution has to be self-explanatory. Stating the final result is never enough.

You are encouraged to form groups to discuss and solve the exercises. However, you must formulate and write down the solutions individually.
Always hand in to .
Your solution must consists of
- either: a single attached, printable file, best a PDF,
- or: as text only in the mail body.
A printout of this single thing must contain your name. Your solution can only be graded if the name is on the printout readably.

(A zipped file is not printable and counts as many files!)

Please make sure that a printout is readable!
Make sure that you have uploaded your key to the keyserver according to the first part of Exercise 1.1.
Sign the entire mail including attachments. (It would be a lot of extra work to check extra signatures for attachments, as our tools do not automatically do that.)

The second part of Exercise 1.1 was to present *personally* a fingerprint of your signature (&encryption) key. From sheet 2 onwards the bonus for validly signed handins will only awarded when we trust your key. (This trust will be given after we've got your fingerprint; if we do trust your key we will sign it until Friday. You can check for our signature by updating your own key versus the keyserver.)
Usually do not encrypt.
Any encrypted mail to must be encrypted for Raoul and Michael.
Try to keep the size of your mail fairly below 5MB.

If you do follow these rules and we can easily verify your signature then you earn an extra credit (per sheet). Otherwise you earn a malus (per sheet).

Obvious: credits are awarded for solutions that arrive within the respective deadline. Any post-deadline submission may be ignored.
Admission and boni
- If you solved 50% of all corrected exercises, you are admitted to the exam.
- If you solved 70% of all corrected exercises, you earn a single bonus.
- If you even solved 90% of all corrected exercises, you earn a second bonus.
- If you pass the exam and the exam is not an oral one, your final mark will be increased by approximately one third point per earned bonus.

Notes

The screen notes (PDF 21.1MB) contain all handwritten stuff (last updated 11 May 2012, 17:32).

Exercises

Exercise 1 (PDF, last updated 04 April 2012, 16:54).
Exercise 2 (PDF, last updated 11 April 2012, 21:57).
Exercise 3 (PDF, last updated 18 April 2012, 18:32).
Exercise 4 (PDF, last updated 25 April 2012, 18:47).
Exercise 5 (PDF, last updated 09 May 2012, 16:10).
Exercise 6 (PDF, last updated 16 May 2012, 19:47).

Allocation

4+2 SWS, 8 credits. Optionally, 3+2 SWS, 6 credits.

Successful completion of the course yields 8 credit points. For students who only want 6 credit points, a breakpoint at about 3/4 of the teaching time will be defined, and only the course material up to that point will be relevant for their exams and grades.

Media Informatics: Computer and Communication Technology.
Recommendation for University of Bonn - Computer Science: A or A1, respectively.

Prerequisites

Basic knowledge in cryptography is needed, as for example the course Cryptography held in the previous winter. Compare our programme.

This course is about various aspects of security in the internet. In the first part we deal with secure connections, whereas the second part considers electronic voting schemes involving further tasks.

Who can read my email?
How do I know that eBay is eBay, or amazon is amazon?
What is the public key of Angela Merkel? Where do I get it and how do I verify that it's really hers?
...

In the internet a large variety of protocols ("chatting programs") are in use to make this or that `secure'. VPN, IPsec, SSL, PKI, PGP are just a few tokens that need explanations. We will try to understand a little of that and how things are used and made available.

The application issue this year deals with electronic cash. There are a variety of proposals about how to realize a counter part to real coins (cash!) in the internet. However, most of the approaches that are used in practive are account based. But then transactions are not anonymous. What we are heading for in this chapter are systems that are as anonymous as real coins are. In particular, they must be account free since otherwise the account manager sees all transactions. Thus a certain bit string may be a valid coin. The problem with bit strings as compared to real coins is: they are fairly easy to copy. But one should not be able to just duplicate coins because that would render that kind of coin worthless. There are solutions to this double spending problem. Further issues then arise: real coins can be transferred many times from owner to owner, in case of extortion we may want a tracing option, ...

Literature

J. Klensin (Editor) (2008). Simple Mail Transfer Protocol. RFC 5321.
Phong Nguyen (2004). Can We Trust Cryptographic Software? Cryptographic Flaws in GNU Privacy Guard v1.2.3. EUROCRYPT 2004.
N. Freed (Editor) (1995). SMTP service Extention. RFC 1869.
David Ross (2002-2011). PGP Public Key Servers.
Russ Cox (2008). Lessons from the Debian/OpenSSL Fiasco.
Thorsten Kleinjung et al. (2010). Factorization of a 768-bit RSA modulus.
Niels Ferguson and Bruce Schneier (2003). A Cryptographic Evaluation of IPsec.
C. Kaufman et al. (2010). Internet Key Exchange Protocol Version 2 (IKEv2). RFC 5996.

Mailinglist

We will put each member on the mailing list . You can also subscribe yourself. The list is intented for all participants of the course as a platform for discussions around the topic. Furthermore, announcements regarding the course are made here.