• Programme
• Writing talks and theses
• Theses topics
• Teaching
  • Winter 2017
  • Summer 2017
  • IPEC Winter 2017
  • Winter 2016/2017
  • IPEC Summer 2016
  • Summer 2016
  • IPEC Winter 2016
  • Winter 2015/2016
  • IPEC Summer 2015
  • Summer 2015
  • IPEC Winter 2015
  • Winter 2014/2015
  • IPEC Summer 2014
  • Summer 2014
  • IPEC Winter 2014
  • Winter 2013/2014
  • IPEC Summer 2013
  • Summer 2013
  • IPEC Winter 2013
  • Winter 2012/2013
  • IPEC Summer 2012
  • Summer 2012
  • IPEC Winter 2012
  • Winter 2011/2012
  • Cryptography
  • Advanced cryptography: light-weight cryptography
  • Seminar Mobile Security
  • Seminar Advanced Topics in Cryptography
  • Oberseminar Computer Security, Winter 2011/2012
  • IPEC Summer 2011
  • Summer 2011
  • IPEC Winter 2011
  • Winter 2010/2011
  • IPEC Summer 2010
  • Summer 2010
  • IPEC Winter 2010
  • Winter 2009/2010
  • IPEC Summer 2009
  • Summer 2009
  • IPEC Winter 2009
  • Winter 2008/2009
  • IPEC Summer 2008
  • Summer 2008
  • IPEC Winter 2008
  • Winter 2007/2008
  • IPEC Summer 2007
  • Summer 2007
  • IPEC Winter 2007
  • Winter 2006/2007
  • IPEC Summer 2006
  • Summer 2006
  • IPEC Winter 2006
  • Winter 2005/2006
• Special events
• crypt@b-it
• Schüler-Krypto

Advanced Cryptography: light-weight cryptography

Corresponding entry in Aachen Campus, Bonn Basis.

Responsible

Prof. Dr. Joachim von zur Gathen

Lecture

Michael Nüsken

Tutorial

Daniel Loebenberger

Time & Place

• Tuesday 13³⁰-15⁰⁰, b-it 2.1.
• Wednesday 13³⁰-15⁰⁰, b-it 2.1.
• Tutorial: Tuesday 15³⁰-17⁰⁰, b-it 1.25.

First meeting: Tuesday, 25 October 2011.

All times subject to agreement in class.

Exam

Pre-exam meeting: tba.

Exam: Thursday, 01 March 2012, 11⁰⁰-14⁰⁰, b-it-max.

Post-exam meeting: tba.

Second exam (repetitions only): Friday, 27 April 2012, 10⁰⁰-13⁰⁰, b-it-max.

Post-exam meeting 2: tba.

Notes

The screen notes (PDF) contain all handwritten stuff (last updated 02 February 2012, 14:59).

Exercises

• Exercise 0 (PDF, last updated 26 October 2011, 17:27).
• Exercise 1 (PDF, last updated 26 October 2011, 18:06).
• Exercise 2 (PDF, last updated 15 November 2011, 11:01).
• Exercise 3 (PDF, last updated 16 November 2011, 15:43).
• Exercise 4 (PDF, last updated 23 November 2011, 16:55).
• Exercise 5 (PDF, last updated 07 December 2011, 14:38).
• Exercise 6 (PDF, last updated 07 December 2011, 14:38).
• Exercise 7 (PDF, last updated 14 December 2011, 14:43).
• Exercise 8 (PDF, last updated 23 December 2011, 10:31).
• Exercise 9 (PDF, last updated 17 January 2013, 13:23).
• Exercise 10 (PDF, last updated 18 January 2012, 19:54).
• Exercise 11 (PDF, last updated 25 January 2012, 15:52).

Sources

Here you find some useful code examples:

• S-Box finding stub in ANSI C (source).
• Our newest version of the finder (source).
• Version 3.1 of the finder (source).

Prerequisites

Basic knowledge in cryptography is required.

Contents

Many small devices spread in the world: mobile phones, processors in cars, RFID tags on articles, sensor arrays. Their designers want them to communicate with each other. This is easy as long as there is no adversary. But that is real fiction. So we have to deal with the protection of communication and computation. Well, there's plenty of cryptography to do that: primitives, schemes and protocols. In cryptography we mostly deal with symmetric ciphers designed to have a very high throughput under very strong security demands and with asymmetric schemes and protocols designed for high security. However, all this either runs on specialized hardware or on fast and powerful computers. However, leight-weight cryptography is directed to weak devices and shall still grant a suitable security level. The problem is that these devices have only low power and few energy, their size is very limited, the communication bandwidth may be comparatively small, their lifetime is usually short and they are much easier to capture. Typical processors range from 8 bit, 4 Mhz variants to 64 bit, 80 Mhz processors, this is a wide range but definitely much weaker than a PC. One has to walk a thin line between good crypto and fast and energy efficient mechanisms.

Literature

• Guang Gong (2010). Tutorial Lightweight Crypto for RFID. PDF part 1, PDF part 2, PDF part 3.
  

  Part 1: RFID (physics, standards).
  Part 2: several lightweight crypto primitives.
  Part 3: authentication protocols.

• Axel York Poschmann (2009). Leightweight Cryptography, Cryptographic Engineering for a PervasiveWorld. Dissertation (PDF). eprint.iacr.org.
• Howard M. Heys (2001). A Tutorial on Linear and Differential Cryptanalysis. TR CORR 2001-17, University of Waterloo (PDF). Also: Cryptologia XXVI(3), 189-221.
• D. Coppersmith (1994). The Data Encryption Standard (DES) and its strength against attacks. PDF.
• Mitsuru Matsui (1994). Linear Cryptanalysis Method for DES Cipher. EUROCRYPT'93, LNCS 765, 386-397, DOI 10.1007/3-540-48285-7_33.
• ECRYPT II (2008). eSTREAM project.
• Chiu C. Tan, Haodong Wang, Sheng Zhong & Qun Li (2009). IBE-Lite: A Lightweight Identity-Based
  Cryptography for Body Sensor Networks. IEEE transactions on information technology in biomedicine 13(6). Preprint at CiteSeer.

Allocation

4+2 SWS, 8 credits. Optionally, 3+2 SWS, 6 credits.

Successful completion of the course yields 8 credit points. For students who only want 6 credit points, a breakpoint at about 3/4 of the teaching time will be defined, and only the course material up to that point will be relevant for their exams and grades.

• Media Informatics: Computer and Communication Technology.
• Recommendation for University of Bonn - Computer Science: A or A1, respectively.

Mailinglist

We will put each member on the mailing list