Esecurity: secure internet & e-cash

This course is listed in Aachen Campus as Esecurity: secure internet & e-cash and in Bonn Basis as Esecurity: secure internet & e-cash oder MA-INF 3222 - Esecurity: secure internet & e-cash.

Responsible

Prof. Dr. Joachim von zur Gathen

Lecture

Michael Nüsken

Tutorial

Michael Nüsken

Time & Place

Tuesday, 13³⁰-15⁰⁰, b-it bitmax.
Wednesday, 13³⁰-15⁰⁰, b-it bitmax.
Tutorial: Tuesday, 15¹⁵-16⁴⁵, b-it bitmax.

First meeting: Tuesday, 07 April 2015.

All times subject to agreement in class.

Exam

Pre-exam meeting: probably Tuesday, 8 September 2015, 10⁰⁰, b-it 1.25 (cosec meeting room).

Exam: Monday, 14 September 2015, 10⁰⁰, b-it 0.4.

Post-exam meeting: Monday, 19 October 2015, 14⁰⁰, b-it 1.25 (cosec meeting room).

Exam2 (repetitions only): Wednesday, 18 November 2015, 14⁰⁰, b-it 1.25 (cosec meeting room).

Post-exam meeting: Thursday, 14 January 2016, 14³⁰, b-it 1.25 (cosec meeting room).

Notes

The screen notes (PDF 32.4MB) contain all handwritten stuff (last updated 17 July 2015, 17:46).

Exercises

Sheet 1 (PDF, last updated 08 April 2015, 17:09).
Sheet 2 (PDF, last updated 15 April 2015, 17:33).
Sheet 3 (PDF, last updated 23 April 2015, 09:30).
Sheet 4 (PDF, last updated 30 April 2015, 11:58).
Sheet 5 (PDF, last updated 06 May 2015, 16:32).
Sheet 6 (PDF, last updated 21 May 2015, 16:45).
Sheet 7 (PDF, last updated 03 June 2015, 17:44).
Sheet 8 (PDF, last updated 12 June 2015, 09:41).
Sheet 9 (PDF, last updated 19 June 2015, 15:14).
Sheet 10 (PDF, last updated 25 June 2015, 10:11).
Sheet 11 (PDF, last updated 02 July 2015, 13:13).
Sheet 12 (PDF, last updated 10 July 2015, 09:13).

Literature

J. Klensin (Editor) (2008). Simple Mail Transfer Protocol. RFC 5321.
N. Freed (Editor) (1995). SMTP service Extention. RFC 1869.
heise (Monika Ermert & mho) (2015). E-Mail-Sicherheit: Gedächtnislücken und Darkmail-Ideen.
Phong Nguyen (2004). Can We Trust Cryptographic Software? Cryptographic Flaws in GNU Privacy Guard v1.2.3. EUROCRYPT 2004.
J.-J. Quisquater, L. Guillou and families, with T. Berson (1990). How to explain zero-knowledge protocols to your children . In G. Brassard, ed., Advances in Cryptology, CRYPTO 89, Lectures Notes in Computer Science 0435, Springer, Heidelberg. 628-631.
Tibor Jager, Florian Kohlar, Sven Schäge & Jörg Schwenk (2011/2013). On the Security of TLS-DHE in the Standard Model. Preprint, ePrint 2011/219.
Hugo Krawczyk, Kenny Paterson & Hoeteck Wee (2013). On the Security of TLS-DHE in the Standard Model. CRYPTO 2013, ePrint 2013/339.
Niels Ferguson (1994). Single term off-line coins. Workshop on the theory and application of cryptographic techniques on Advances in cryptology. LNCS.
Stefan Brands (1998). Electronic cash. Preprint. Chapter 44 in Atallah (1998). Handbook on Algorithms and Theory of Computation. CRC. ISBN 9780849326493.
Lipmaa. Literature on ecash. Webpage.
...

Allocation

4+2 SWS.

Master in Media Informatics: Computer and Communication Technology.
8 ECTS credits.
Optionally, 3+2 SWS, 6 ECTS credits. On request a breakpoint at about 3/4 of the teaching time will be defined, and only the course material up to that point will be relevant for their exams and grades.
Master in Computer Science at University of Bonn: MA-INF 3222.
9 CP.
Students have to register this course with POS/BASIS.
Recommendation for diploma students of University of Bonn - Computer Science: A or A1, respectively.

Prerequisites

Basic knowledge in cryptography is needed, as for example the course Cryptography held in the previous winter. Compare our programme.

This course is about various aspects of security in the internet. In the first part we deal with secure connections, whereas the second part considers electronic voting schemes involving further tasks.

Who can read my email?
How do I know that eBay is eBay, or amazon is amazon?
What is the public key of Angela Merkel? Where do I get it and how do I verify that it's really hers?
...

In the internet a large variety of protocols ("chatting programs") are in use to make this or that `secure'. VPN, IPsec, SSL, PKI, PGP are just a few tokens that need explanations. We will try to understand a little of that and how things are used and made available.

The application issue this year deals with electronic cash. There are a variety of proposals about how to realize a counter part to real coins (cash!) in the internet. However, most of the approaches that are used in practive are account based. But then transactions are not anonymous. What we are heading for in this chapter are systems that are as anonymous as real coins are. In particular, they must be account free since otherwise the account manager sees all transactions. Thus a certain bit string may be a valid coin. The problem with bit strings as compared to real coins is: they are fairly easy to copy. But one should not be able to just duplicate coins because that would render that kind of coin worthless. There are solutions to this double spending problem. Further issues then arise: real coins can be transferred many times from owner to owner, in case of extortion we may want a tracing option, ...

Mailinglist

We will put each member on the mailing list . You can also subscribe yourself. The list is intented for all participants of the course as a platform for discussions around the topic. Furthermore, announcements regarding the course are made here.