Course - Computer Security MT24

A Part A/Part B course on computer security, with a heavy focus on information security.

A lot of the information security topics rely on some foundational assumptions in computational complexity, most strongly that one-way functions exist – i.e. there exist functions $f$ where $f(x)$ is easy to compute but $f^{-1}(x)$ is very difficult to compute. Whether one-way functions exist is actually still an open problem! The existence of one-way functions would imply $\mathbf P = \mathbf{NP}$, so a proof of this fact is expected to be very difficult. Some of [[Course - Quantum Information HT24]]^U instead builds up protocols of secure communication founded in quantum theory, whose security is founded in laws of nature rather than hard computational problems.

• Course Webpage
• Lecture Notes
  • Andrew Ker’s lecture notes (from 2014, and don’t cover all content)
  • 1, Introduction
  • 2, Access control
  • 3, Attacks
  • From the previous year:
    • Andrew Ker’s lecture notes
    • 1, Introduction
    • 2, Access control
    • 3, Attacks
    • 4, Symmetric-key cryptography
    • 5, Hashes
    • 6, Asymmetric crypto
    • 7, MAC
    • 8, Protocols
    • 9, Frameworks
    • 10, NSA slides
• Other courses this term: [[Courses MT24]]^U

Timetable

• Monday 11AM-12PM, Weeks 1,2,3,4,5,7 (lecture)
• Wednesday 11AM-12PM, Weeks 1,2,3,4,5,7 (lecture)
• Friday 11AM-12PM, Weeks 1-4 (lecture)
• Monday 10AM-11AM, Weekly 4,5,7,8 (class)

Notes

• [[Notes - Computer Security MT24, Basic definitions]]^U
• [[Notes - Computer Security MT24, Access control]]^U
• [[Notes - Computer Security MT24, Bell-LaPadula model]]^U
• [[Notes - Computer Security MT24, Clark-Wilson model]]^U
• [[Notes - Computer Security MT24, Access control in UNIX]]^U
• [[Notes - Computer Security MT24, Reference monitors]]^U
• [[Notes - Computer Security MT24, Attacks]]^U
• [[Notes - Computer Security MT24, Symmetric key ciphers]]^U
• [[Notes - Computer Security MT24, Block modes]]^U
• [[Notes - Computer Security MT24, Cipher attacks]]^U
• [[Notes - Computer Security MT24, Stream ciphers]]^U
• [[Notes - Computer Security MT24, RC4]]^U
• [[Notes - Computer Security MT24, Feistel structures]]^U
• [[Notes - Computer Security MT24, DES cryptosystem]]^U
• [[Notes - Computer Security MT24, AES cryptosystem]]^U
• [[Notes - Computer Security MT24, Cryptographic hashes]]^U
• [[Notes - Computer Security MT24, Example hash functions]]^U
• [[Notes - Computer Security MT24, Key generation]]^U
• [[Notes - Computer Security MT24, Asymmetric key ciphers]]^U
• [[Notes - Computer Security MT24, Number theory]]^U
• [[Notes - Computer Security MT24, RSA cryptosystem]]^U
• [[Notes - Computer Security MT24, Rabin cryptosystem]]^U
• [[Notes - Computer Security MT24, Elliptic curve cryptography]]^U
• [[Notes - Computer Security MT24, Diffie-Hellman key exchange]]^U
• [[Notes - Computer Security MT24, Dolev-Yao model]]^U
• [[Notes - Computer Security MT24, MACs]]^U
• [[Notes - Computer Security MT24, Digital signatures]]^U
• [[Notes - Computer Security MT24, Protocols]]^U
• [[Notes - Computer Security MT24, Needham-Schroeder protocol]]^U
• [[Notes - Computer Security MT24, Key distribution and mediated authentication]]^U
• [[Notes - Computer Security MT24, SSL and TLS]]^U

Problem Sheets

• [[Problem Sheet - Computer Security MT24, I]]^?, Sheet 1
• [[Problem Sheet - Computer Security MT24, II]]^?
• [[Problem Sheet - Computer Security MT24, III]]^?
• [[Problem Sheet - Computer Security MT24, IV]]^?
• From the previous year:
  • Sheet 1
  • Sheet 2
  • Sheet 3
  • Sheet 4

To-do List

Covering slides

• 1. Introduction
• 2. Access control
  • Negative permissions
  • Policy conflict and conflict resolution
  • Privileges and roles, role based access control
  • Requirements of reference monitor security
• 3. Attacks
  • Drive-by-downloads
  • Ransomware as denying data not service
  • Double extortion
  • Buffer overflow example
  • Code injection SQL example
  • Command injection PHP example
• 4. Symmetric key crypto
  • Details of AES
  • Other problems with ECB (repeats $\approx \sqrt{2^k}$, re-order blocks)
  • Images for block modes
• 5. Hashes
  • Stretched and salted passwords
  • Details of LM hash
  • scrypt, forcing attacker to use memory as well as time
  • Hash function requirements for different use cases
  • Details of MD4
  • Details of SHA3
  • RC4
• 6. Asymmetric key ciphers
  • Elliptic-curve cryptography
• 7. MACs and digital signatures
  • Combining confidentiality and integrity with one key using Galois Counter Mode
  • Signature padding
  • PKCS#1 v1.5 signature padding
  • RSA-PSS
• 8. Protocols
  • More details about certificates, like their actual content
  • Abstract protocol based on certificates
  • BEAST attack on SSL/TLS
  • Blockwise adaptive CPAs
  • “Prudent engineering principles for cryptoprotocol design”
• 9. Frameworks
  • NIST Framework