• Programme
• Writing talks and theses
• Theses topics
• Teaching
  • Winter 2017
  • Summer 2017
  • IPEC Winter 2017
  • Winter 2016/2017
  • IPEC Summer 2016
  • Summer 2016
  • IPEC Winter 2016
  • Winter 2015/2016
  • IPEC Summer 2015
  • Summer 2015
  • IPEC Winter 2015
  • Winter 2014/2015
  • IPEC Summer 2014
  • Summer 2014
  • IPEC Winter 2014
  • Winter 2013/2014
  • IPEC Summer 2013
  • Summer 2013
  • IPEC Winter 2013
  • Winter 2012/2013
  • IPEC Summer 2012
  • Summer 2012
  • IPEC Winter 2012
  • Winter 2011/2012
  • IPEC Summer 2011
  • Summer 2011
  • IPEC Winter 2011
  • Winter 2010/2011
  • IPEC Summer 2010
  • Summer 2010
  • The art of cryptography: integral lattices
  • Esecurity: secure internet & e-voting
  • Seminar Securing ecommerce
  • Seminar Advanced Topics in Cryptography
  • Oberseminar Computer Security, Summer 2010
  • IPEC Winter 2010
  • Winter 2009/2010
  • IPEC Summer 2009
  • Summer 2009
  • IPEC Winter 2009
  • Winter 2008/2009
  • IPEC Summer 2008
  • Summer 2008
  • IPEC Winter 2008
  • Winter 2007/2008
  • IPEC Summer 2007
  • Summer 2007
  • IPEC Winter 2007
  • Winter 2006/2007
  • IPEC Summer 2006
  • Summer 2006
  • IPEC Winter 2006
  • Winter 2005/2006
• Special events
• crypt@b-it
• Schüler-Krypto

Esecurity: secure internet & evoting

Corresponding entry in Aachen Campus, Bonn University.

Responsible

Prof. Dr. Joachim von zur Gathen

Lecture

Michael Nüsken

Tutorial

Konstantin Ziegler

Time & Place

• Tuesday, 13³⁰-15⁰⁰, Hörsaal, b-it. 
• Wednesday, 13³⁰-15⁰⁰, Hörsaal, b-it.
• Tutorial : Tuesday, 15¹⁵-16⁴⁵, Hörsaal, b-it.

First meeting: Tuesday 13 April 2010 at 13³⁰-

All times subject to agreement in class.

First meeting: Wednesday, 12 April 2010, b-it bitmax.

No classes on: 19 May 2010 (Bonn dies), 25-26 May 2010 (excursion week), and 9 June 2010 (Aachen dies).

Exam

Pre-exam meeting: 9 August 2010, 13⁰⁰, b-it cosec seminar room 1.25.

Exam: 13 September 2010, 14⁰⁰, b-it seminar room 2.1.

Post-exam meeting: 16 September 2010, 14⁰⁰, b-it cosec seminar room 1.25.

2nd exam: 19 October 2010, 14⁰⁰, b-it Rheinsaal.

Notes

The screen notes (PDF) contain all handwritten stuff (last updated 28 July 2010, 16:52).

Exercises

• Exercise 1 (PDF, last updated 21 April 2010, 13:37).
• Exercise 2 (PDF, last updated 28 April 2010, 18:34).
• Exercise 3 (PDF, last updated 06 May 2010, 00:29).
• Exercise 4 (PDF, last updated 12 May 2010, 16:12).
• Exercise 5 (PDF, last updated 21 May 2010, 13:02).
• Exercise 6 (PDF, last updated 02 June 2010, 16:42).
• Exercise 7 (PDF, last updated 10 June 2010, 13:57).
• Exercise 8 (PDF, last updated 16 June 2010, 17:41).
• Exercise 9 (PDF, last updated 23 June 2010, 18:26).
• Exercise 10 (PDF, last updated 30 June 2010, 18:07).
• Exercise 11 (PDF, last updated 13 July 2010, 21:03).
• Exercise 12 (PDF, last updated 14 July 2010, 18:32).

Allocation

4+2 SWS, 8 credits. Optionally, 3+2 SWS, 6 credits.

Successful completion of the course yields 8 credit points. For students who only want 6 credit points, a breakpoint at about 3/4 of the teaching time will be defined, and only the course material up to that point will be relevant for their exams and grades.

• Media Informatics: Computer and Communication Technology.
• Recommendation for University of Bonn - Computer Science: A or A1, respectively.

Prerequisites

Basic knowledge in cryptography is needed, as for example the course Cryptography held in the previous winter. Compare our programme.

Contents

This course is about various aspects of security in the internet. In the first part we deal with secure connections, whereas the second part considers electronic voting schemes involving further tasks.

• Who can read my email?
• How do I know that eBay is eBay, or amazon is amazon?
• What is the public key of Angela Merkel? Where do I get it and how do I verify that it's really hers?
• ...

In the internet a large variety of protocols ("chatting programs") are in use to make this or that `secure'. VPN, IPsec, SSL, PKI, PGP are just a few tokens that need explanations. We will try to understand a little of that and how things are used and made available.

Decision finding processes in most democratic societies are guided by the election of representatives. Some smaller states also conduct voting for particular decisions. Apart from political elections, a lot of other voting processes are in use to determine leaderships, opinions, ... Nowadays we require democratic elections to be free and fair. This implies several features, like anonymity and secrecy. (Secret elections only take place since about the middle of the nineteenth century.) German law requires even more:

Die Abgeordneten des Deutschen Bundestages werden in allgemeiner, unmittelbarer, freier, gleicher und geheimer Wahl gewählt. GG Art. 38 Abs. 1 Satz 1 (The members of the German Federal Diet are elected in general, direct, free, fair and secret elections.)

Since the advent of computers and the Internet people have tried to use the new means also in election processes. Major forces driving that are the cost and the election turnout. However, cheaper and faster election processes might have even more, yet unpredictable effects on society and democracy. The topic of the course shall be the treatment of the methods and the one or other solution for electronic elections. This ranges from simple voting machines to complete remote Internet election systems. In the latter, modern cryptographic methods are essential for ensuring major properties.

Literature

• J. Callas, PGP Corporation, L. Donnerhacke, IKS GmbH, H. Finney, PGP Corporation, D. Shaw& R. Thayer (2007). OpenPGP Message Format. RFC 4880.
• Phong Nguyen (2004). Can We Trust Cryptographic Software? Cryptographic Flaws in GNU Privacy Guard v1.2.3. EUROCRYPT 2004.
• J. Klensin (Editor) (2008). Simple Mail Transfer Protocol. RFC 5321.
• Gregory V. Bard, The Vulnerability of SSL to Chosen Plaintext Attack.
• Christopher Soghoian and Sid Stamm, Certified Lies: Detecting and Defeating Government Interception Attacks Against SSL.
• Hari K. Prasad, J. Alex Halderman & Rop Gonggrijp (2010). India's EVMs are Vulnerable to Fraud. [NOTE: This is not our topic, but contains important information.]

Mailinglist

We will put each member on the mailing list