Suchergebnis: Katalogdaten im Frühjahrssemester 2023

Informatik Master Information
Ergänzungen
Ergänzung in Information Security
NummerTitelTypECTSUmfangDozierende
252-0408-00LCryptographic Protocols Information W6 KP2V + 2U + 1AM. Hirt
KurzbeschreibungIn a cryptographic protocol, a set of parties wants to achieve some common goal, while some of the parties are dishonest. Most prominent example of a cryptographic protocol is multi-party computation, where the parties compute an arbitrary (but fixed) function of their inputs, while maintaining the secrecy of the inputs and the correctness of the outputs even if some of the parties try to cheat.
LernzielTo know and understand a selection of cryptographic protocols and to
be able to analyze and prove their security and efficiency.
InhaltThe selection of considered protocols varies. Currently, we consider
multi-party computation, secret-sharing, broadcast and Byzantine
agreement. We look at both the synchronous and the asynchronous
communication model, and focus on simple protocols as well as on
highly-efficient protocols.
SkriptWe provide handouts of the slides. For some of the topics, we also
provide papers and/or lecture notes.
Voraussetzungen / BesonderesA basic understanding of fundamental cryptographic concepts (as taught
for example in the course Information Security) is useful, but not
required.
KompetenzenKompetenzen
Fachspezifische KompetenzenKonzepte und Theoriengeprüft
Verfahren und Technologiengeprüft
Methodenspezifische KompetenzenAnalytische Kompetenzengeprüft
Entscheidungsfindunggefördert
Persönliche KompetenzenKreatives Denkengefördert
Kritisches Denkengefördert
263-2925-00LProgram Analysis for System Security and Reliability Information
Findet dieses Semester nicht statt.
W7 KP2V + 1U + 3AM. Vechev
KurzbeschreibungSecurity issues in modern systems (blockchains, datacenters, deep learning, etc.) result in billions of losses due to hacks and system downtime. This course introduces fundamental techniques (ranging over automated analysis, machine learning, synthesis, zero-knowledge, differential privacy, and their combinations) that can be applied in practice so to build more secure and reliable modern systems.
Lernziel* Understand the fundamental techniques used to create modern security and reliability analysis engines that are used worldwide.

* Understand how symbolic techniques are combined with machine learning (e.g., deep learning, reinforcement learning) so to create new kinds of learning-based analyzers.

* Understand how to quantify and fix security and reliability issues in modern deep learning models.

* Understand open research questions from both theoretical and practical perspectives.
InhaltPlease see: https://www.sri.inf.ethz.ch/teaching/pass2022 for detailed course content.
263-4600-00LFormal Methods for Information Security Information
Findet dieses Semester nicht statt.
W5 KP2V + 1U + 1A
KurzbeschreibungThe course focuses on formal methods for the modeling and analysis of security protocols for critical systems, ranging from authentication protocols for network security to electronic voting protocols and online banking. In addition, we will also introduce the notions of non-interference and runtime monitoring.
LernzielThe students will learn the key ideas and theoretical foundations of formal modeling and analysis of security protocols. The students will complement their theoretical knowledge by solving practical exercises, completing a small project, and using state-of-the-art tools. The students also learn the fundamentals of non-interference and runtime monitoring.
InhaltThe course treats formal methods mainly for the modeling and analysis of security protocols. Cryptographic protocols (such as SSL/TLS, SSH, Kerberos, SAML single-sign on, and IPSec) form the basis for secure communication and business processes. Numerous attacks on published protocols show that the design of cryptographic protocols is extremely error-prone. A rigorous analysis of these protocols is therefore indispensable, and manual analysis is insufficient. The lectures cover the theoretical basis for the (tool-supported) formal modeling and analysis of such protocols. Specifically, we discuss their operational semantics, the formalization of security properties, and techniques and algorithms for their verification.

The second part of this course will cover a selection of advanced topics in security protocols such as abstraction techniques for efficient verification, secure communication with humans, the link between symbolic protocol models and cryptographic models as well as RFID protocols (a staple of the Internet of Things) and electronic voting protocols, including the relevant privacy properties.

Moreover, we will give an introduction to two additional topics: non-interference as a general notion of secure systems, both from a semantic and a programming language perspective (type system), and runtime verification/monitoring to detect violations of security policies expressed as trace properties.
263-4656-00LDigital Signatures Information W5 KP2V + 2AD. Hofheinz
KurzbeschreibungDigital signatures as one central cryptographic building block. Different security goals and security definitions for digital signatures, followed by a variety of popular and fundamental signature schemes with their security analyses.
LernzielThe student knows a variety of techniques to construct and analyze the security of digital signature schemes. This includes modularity as a central tool of constructing secure schemes, and reductions as a central tool to proving the security of schemes.
InhaltWe will start with several definitions of security for signature schemes, and investigate the relations among them. We will proceed to generic (but inefficient) constructions of secure signatures, and then move on to a number of efficient schemes based on concrete computational hardness assumptions. On the way, we will get to know paradigms such as hash-then-sign, one-time signatures, and chameleon hashing as central tools to construct secure signatures.
LiteraturJonathan Katz, "Digital Signatures."
Voraussetzungen / BesonderesIdeally, students will have taken the D-INFK Bachelors course "Information Security" or an equivalent course at Bachelors level.
263-4660-00LApplied Cryptography Information Belegung eingeschränkt - Details anzeigen W8 KP3V + 2U + 2PK. Paterson, F. Günther
KurzbeschreibungThis course will introduce the basic primitives of cryptography, using rigorous syntax and game-based security definitions. The course will show how these primitives can be combined to build cryptographic protocols and systems.
LernzielThe goal of the course is to put students' understanding of cryptography on sound foundations, to enable them to start to build well-designed cryptographic systems, and to expose them to some of the pitfalls that arise when doing so.
InhaltBasic symmetric primitives (block ciphers, modes, hash functions); generic composition; AEAD; basic secure channels; basic public key primitives (encryption,signature, DH key exchange); ECC; randomness; applications.
LiteraturTextbook: Boneh and Shoup, “A Graduate Course in Applied Cryptography”, http://toc.cryptobook.us/book.pdf.
Voraussetzungen / BesonderesStudents should have taken the D-INFK Bachelor's course “Information Security" (252-0211-00) or an alternative first course covering cryptography at a similar level. / In this course, we will use Moodle for content delivery: https://moodle-app2.let.ethz.ch/course/view.php?id=19644.
KompetenzenKompetenzen
Fachspezifische KompetenzenKonzepte und Theoriengeprüft
Verfahren und Technologiengeprüft
Methodenspezifische KompetenzenAnalytische Kompetenzengeprüft
Medien und digitale Technologiengeprüft
Persönliche KompetenzenKreatives Denkengefördert
Kritisches Denkengefördert
Integrität und Arbeitsethikgefördert
  •  Seite  1  von  1