COMP3441/COMP9441 Cryptographic Approaches to Distributed Systems Security
Course Outline
Prerequisites:
A course in networks AND a course in algorithms,
or permission of instructor
Topics:
The course will introduce cryptography, cryptographic protocols and
their applications in securing distributed systems, with a focus
towards emerging issues in the internet and electronic commerce. The
emphasis will be on applications of cryptographic mechanisms rather
than the mathematics underlying ciphers. The course will be taught in
a seminar format, with students expected to give presentations based
on readings of primary and secondary sources.
- historical overview of ciphers: one-time pads, shared key cryptography, DES,
Diffie-Hellman, RSA, elliptic curve, hashes, one way functions
- cryptanalysis, sociological and technical attacks
- zero knowledge protocols
- sociological issues: key escrow, key length, export restrictions
role of government security/law enforcement organisations
privacy debate
- Public Key Infrastructures: x.509, PKIX, SDSI/SPKI, PGP
certification authorities and PKI management, revocation
- authentication protocols, Kerberos, single-signon, SSL, SSH
- Authentication protocol analysis, BAN Logic and its successors
Dolev Yao algebraic model and the Model Checking approach
- Certificates in Distributed operating systems,
TAOS and its authorization theory
- Java security model & WWW security
- mobile code: code modification and proof bearing code
- Digital Signatures, Non-repudiation, Timestamping
- trust management: Keynote and related systems
- Payment protocols, SET
- Digital Cash
- Digital (Copy)rights management, watermarking
Assessment methods:
- Seminar presentation 20%
- Written report 40%
- Exam 40%