Esecurity: secure internet & e-passports
Corresponding entry in Aachen Campus, Bonn Basis.
Responsible
Prof. Dr. Joachim von zur Gathen
Lecture
Tutorial
Time & Place
- Tuesday, 1330-1500, b-it Rheinsaal.
- Wednesday, 1330-1500, b-it Rheinsaal.
- Tutorial: Tuesday, 1515-1645, b-it Rheinsaal.
First meeting: Tuesday, 05 April 2011 at 1330, b-it Rheinsaal.
All times subject to agreement in class.
Exam
Exam: 5 August 2011, 1400-1700, b-it Rheinsaal.
Post-exam meeting: 12 August 2011, 1400, b-it cosec seminar room 1.25.
2nd exam (repetitions only): 5 October 2011, 1400-1700, room 2.1.
2nd Post-exam meeting: 7 October 2011, 1500, b-it cosec seminar room 1.25.
Notes
The screen notes (PDF 116MB) contain all handwritten stuff (last updated 13 July 2011, 18:35).
Exercises
- Exercise 1 (PDF, last updated 07 April 2011, 10:36).
- Exercise 2 (PDF, last updated 13 April 2011, 22:40).
- Exercise 3 (PDF, last updated 20 April 2011, 19:07).
- Exercise 4 (PDF, last updated 27 April 2011, 17:44).
- Exercise 5 (PDF, last updated 04 May 2011, 18:53).
- Exercise 6 (PDF, last updated 11 May 2011, 18:25).
- Exercise 7 (PDF, last updated 18 May 2011, 16:33).
- Exercise 8 (PDF, last updated 26 May 2011, 13:38).
- Exercise 9 (PDF, last updated 01 June 2011, 18:22).
- Exercise 10 (PDF, last updated 08 June 2011, 18:59).
- Exercise 11 (PDF, last updated 22 June 2011, 22:13).
- Exercise 12 (PDF, last updated 29 June 2011, 17:43).
- Exercise 13 (PDF, last updated 06 July 2011, 19:32).
- Exercise 14 (PDF, last updated 14 July 2011, 19:58).
Files
Allocation
4+2 SWS, 8 credits. Optionally, 3+2 SWS, 6 credits.
Successful completion of the course yields 8 credit points. For students who only want 6 credit points, a breakpoint at about 3/4 of the teaching time will be defined, and only the course material up to that point will be relevant for their exams and grades.
- Media Informatics: Computer and Communication Technology.
- Recommendation for University of Bonn - Computer Science: A or A1, respectively.
Prerequisites
Basic knowledge of cryptography is needed, for example from the course Cryptography held in the previous winter. Compare our programme.
Contents
This course is about various aspects of security in the internet. In the first part we deal with secure connections, whereas the second part considers electronic voting schemes involving further tasks.
- Who can read my email?
- How do I know that eBay is eBay, or amazon is amazon?
- What is the public key of Angela Merkel? Where do I get it and how do I verify that it's really hers?
- ...
On the internet, a large variety of protocols ("chatting programs") are in use to make this or that "secure". VPN, IPsec, SSL, PKI, PGP are just a few terms that need explanation. We will try to understand a little of that and how things are used and made available.
In the future, passports shall carry more and more sensitive information in an easily accessible way. Apart from name, origin and the like, this information may contain fingerprints or retina scans. It is stored in electronic form and can be accessed by wireless transmission. This raises a lot of new problems:
- The passport holder cannot immediately control the contents of the stored information.
- Unauthorized eavesdroppers might be able to gather or actively read information from the passport unnoticed. So one could think that identifying a certain person passing at a certain place, or tracking her path through a department store might be possible.
- Personal rights of a person are touched when acquiring and storing biometric information.
The course will try to give an overview of what is implemented and how. We will discuss the concerns of and threats to holders, society and government.
Biometric information has long been used to identify persons. As early as 1901, Scotland Yard started to use fingerprints to identify criminals. Since then various other methods have been introduced: iris scans, face recognition, retina scans and hand geometry, to name just the most prominent. Since about 1965 people have tried to automate all these identification methods. This has revealed many difficulties. It is still not clear which information identifies a person: for example, though it is widely believed that fingerprints do, only a few scientific studies are available. And it turns out to be pretty difficult to find a reliable automatic pattern matcher. Mind that it is not like searching for a given fixed string in a dictionary. You have to find the template(s) that are most similar to a given one, or tell that there is none within given bounds.
Literature
- J. Klensin (Editor) (2008). Simple Mail Transfer Protocol. RFC 5321.
- Phong Nguyen (2004). Can We Trust Cryptographic Software? Cryptographic Flaws in GNU Privacy Guard v1.2.3. EUROCRYPT 2004.
- N. Freed (Editor) (1995). SMTP Service Extensions. RFC 1869.
- D. Cooper et al. (2008). Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280.
- Thorsten Kleinjung et al. (2010). Factorization of a 768-bit RSA modulus.
- Niels Ferguson and Bruce Schneier (2003). A Cryptographic Evaluation of IPsec.
- C. Kaufman et al. (2010). Internet Key Exchange Protocol Version 2 (IKEv2). RFC 5996.
- S. Frankel and S. Krishnan (2011). IP Security (IPsec) and Internet Key Exchange (IKE) Document Roadmap. RFC 6071.
- Debian (2008). Debian Security Advisory: DSA-1571-1 openssl -- predictable random number generator.
- Russ Cox (2008). Lessons from the Debian/OpenSSL Fiasco.
- H. D. Moore (2008). The bug.
- IETF (2005-2010). IPsec incl. IKEv2:
  - RFC4301 Security Architecture for the Internet Protocol,
  - RFC4302 IP Authentication Header,
  - RFC4303 IP Encapsulating Security Payload (ESP),
  - RFC4304 Extended Sequence Number (ESN) Addendum to IPsec Domain of Interpretation (DOI) for Internet Security Association and Key Management Protocol (ISAKMP),
  - RFC4835 Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH),
  - RFC5996 Internet Key Exchange Protocol Version 2 (IKEv2),
  - RFC4307 Cryptographic Algorithms for Use in the Internet Key Exchange Version 2 (IKEv2),
  - RFC4308 Cryptographic Suites for IPsec,
  - RFC4309 Using Advanced Encryption Standard (AES) CCM Mode with IPsec Encapsulating Security Payload (ESP).
- IETF (2006). SSH.
- IETF (2004-2011). TLS/SSL.
  - The Transport Layer Security (TLS) Protocol Version 1.2 RFC5246
  - Transport Layer Security Protocol Compression Methods RFC3749
  - Transport Layer Security (TLS) Extensions: Extension Definitions RFC6066
  - Using OpenPGP Keys for Transport Layer Security (TLS) Authentication RFC6091
  - Pre-Shared Key Ciphersuites for Transport Layer Security (TLS) RFC4279
  - Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) RFC4492
- Gregory V. Bard (2004). Vulnerability of SSL to Chosen-Plaintext Attack.
- Christopher Soghoian & Sid Stamm (2010). Certified Lies: Detecting and Defeating Government Interception Attacks Against SSL.
- P. Rogaway & D. Wagner (2003). A Critique of CCM.
- Dorothy E. Denning & Giovanni Maria Sacco (1981). Timestamps in key distribution protocols.
- ICAO (2005-2008). Doc 9303.
- BSI (-2010). BSI TR-03110: Advanced Security Mechanisms for Machine Readable Travel Documents – Extended Access Control (EAC), Password Authenticated Connection Establishment (PACE), and Restricted Identification (RI). (PDF)
- BSI (-2011). Elektronische Ausweise.
- Lee et al. (2008). Elliptic-Curve-Based Security Processor for RFID.
- Chothia & Smirnov (2010). A traceability attack against e-passports.
- Ellis (2010). 39 Myths about e-Passports.
- BSI, Begleitstudien zum neuen Personalausweis.
- Division of Health Improvement, Fingerprint Techniques Manual (PDF).
- Distribution of NCIC FPC Including 17'951'192 Males, 4'313'521 Females.
These are statistics on the distribution of fingerprints in a large criminal file maintained by the FBI, classified according to a system based on the Henry classification.
Mailinglist
We will put each member on the mailing list. You can also subscribe yourself. The list is intended for all participants of the course as a platform for discussions around the topic. Furthermore, announcements regarding the course are made here.