Le kiosk
INPG-UJF / SCCI Master-2 (second year)

Security models: proofs, protocols and politics

Florent Autreau Cristian Ene Jean-Louis Roch

Teachers team (click to send an e-mail)

LECTURES:
Jean-Louis Roch
Florent Autreau
Cristian Ene

Welcome to the homepage of the course "Security models: proofs, protocols and politics" !

Description

The course presents the theroretical and pratical models and tools used to assess and to characterize the security of a cryptosystem, a protocol or an effective information system. The course is divided in three parts:

Security proofs [12 lectures M2R and M2P, 3 trainings M2P, Prof: Jean-Louis Roch]: foundations of provable security in relation with complexity

Introduction: computationally, provably, unconditionally secure; Attack models; Probabilities
Entropy and perfect secret/unconditional secure symmetric cryptosystem
Provably secure cryptosystem - Asymetric cryptosystems, one-way functions and Polynomial reductions
One-way hash function
Pseudo-random generators
Probabilistic algorithm - Interactive proofs
Zero-knowledge protocols
Application to other protocols: Identification schemes, key distribution, Sharing secret.

Models for Security [12 lectures M2R and M2P, 3 trainings M2P, Prof: Cristian Ene]: foundations of semantic security,

Indistinguishability
Public Encryption
Symmetric encryption
Protocol Symbolic model and computational model
Non-interference
Acess control and security policies

Security poiltics and audit [2 lectures M2P, 8 trainings M2P, Prof: Florent Autreau]: methods and tools to assess and characterize security, availability and performance for Information System.

Concepts
Threats, risks.
Methods and Standards
Tools
Hand-on labs ('Capture the Flag')

Course materials

Online book: The handbook of applied cryptography", by Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone.
Bruce Schneier, Applied cryptography,
The Foundations of Cryptography (vol 1 and 2) by Oded Goldreich. Online fragments
Douglas Stinson, Cryptography: Theory and Practice,
Matt Bishop, Computer Security: Art and Science,
Simon Singh, The Code Book: The Secret History of Codes and Code Breaking.
Bruce Schneier's Blog: http://www.schneier.com/blog/ and his electronic newsletter http://www.counterpane.com/crypto-gram.html

Lecture notes by students

For each course, a group of 2 students (named by the professor) has to write the notes on the course in latex; those notes, together with the name of the students, will be made available on the course kiosk, additionnaly to the slides of the course.
NB The two students have to send their note prior to the next course.

Evaluation

ET: Final examination : 1 written exam (3 hours)
TP: Practical work : 1 project lab with homework
CC: Continuous controls: 2 written controls (30' each). The mark obtained to the continuous control is taken into account only if larger than the mark of the final examination.
Final mark session 1: 20% * TP + 65% * ET + 15% * MAX(ET,CC)
Session 2: (under decision of the jury) :
ET2: one final examination in session 2.: oral (30') if <= 5 students; written (1h) if i >=6 students
Final mark session 2: 20% * TP + 65% * ET2 + 15% * MAX(ET2, CC)

Cooperation and Cheating

Feel free to discuss project labs with other members of the class, your professors, or the Teaching Assistant. However, do not look at or copy another team solution to a homework or lab. We are not concerned with how you come to understand the problem and how to solve it, but once you have the background necessary to solve it, you must provide your own solution. Exchanging lab solutions is cheating and will be reported to the University, and you will lose credit for the course.