Winter
2022/23

Electronic Identity

[3313019] SE  (2 SWS)
Di 11:15-12:45 RUD 26, 1.307
Instructor: Dr. Wolf Müller
 


Computer Science Department
Systems Architecture Group

 

 
Abstract: The Internet was built without a way to know who and what you are connecting to. This limits what we can do with it and exposes us to growing dangers. If we do nothing, we will face rapidly proliferating episodes of theft and deception that
will cumulatively erode public trust in the Internet. [Kim Cameron, identityblog]


©xkcd
Synopsis:
  • Seminar, Praktische Informatik
  • 2h each week, 2 SWS
  • Students will present a selection of papers that will help you understand which threats exist, judge their significance and learn methods to defend your system against hackers. In addition you will explore the mathematical underpinnings of today's most common security tools and protocols.

Credits:

  In order to obtain credits for this seminar, participants are expected to:

  • Is possible for Bachelor.
  • This seminar can be combined with "VL IT-Sicherheit Grundlagen" "Modul mit Seminar (BSEM)" zur Studienordnung Bachelor Informatik (Mono-Bachelor) [link]
  • Attend regularly (at least 80%).
  • Read each paper before the seminar, to be adequately prepared for discussion.
  • Research an assigned subject; present major findings (30 min presentation; 15 min discussion).
  • Presentations will be evaluated by two members of the audience at the end of each class (Bewertungskriterien-Seminarvortrag.pdf).
  • Presenters summarize their in a term paper (German or English).
    The paper should have 6 .. 10 pages (without counting the references), and should contain, abstract, motivation, related work, presentation of topic, conclusion and references.
  • Presentations may be given in German or English.

Prerequisites:

  • This seminar is suitable for students of all technical science disciplines who have previously completed courses "GdP" and "algorithms and data structures" or equivalent.

COVID-19:

  • We start the semester in presence (If the conditions change, a fallback to online teaching is of course possible):
    Please bring warm clothes as we will be airing out regularly.
    I wish us good and healthy success.

Topics (16/20 assigned):

  • ---Post Quantum Cryptography---
  • Motivation und Survey (Grover, Shor, Timeline, Recommendations, Challenge) [pdf][NIST] (Emily)
  • Quantum Cryptography [pdf:Kapitel 4][pdf](Lea)
  • HASH-based Signatures [https][pdf] (Luca)
  • SPHINCS+ [html][pdf][git] (Robert)
  • FALCON [html][pdf][code]
  • CRYSTALS-KYBER [html][pdf][git]
  • Attack on SIKE [sarwiki] (Clemens)
    ---Private or Anonymous Communication: Tools, Building blocks & Limits---
  • Password Hashing [html][git][pdf] (Kamal)
  • One-TIME-Passwords [RFC6238][RFC4226][https]
  • TOR the onion router [pdf][Attack: pdf][Datagram: pdf] (Johannes)
  • openPGP [RFC][Handbook GNUpg pdf]
  • OTR Off-the-Record Messaging Protocol (version 3) [https]
  • Signal [https][https][git] (Tobias)
  • Kryptografie mit elliptischen Kurven, ECDSA [pdf]
  • Dragonfly Key Exchange [RFC]
  • VeraCrypt [https][Probleme] (Benedict)
    ---Authentication: Techniques and Tokens---
  • Mozilla Sync 1.5 API (Theory and Praxis) [https][https]
  • WebAuthn / FIDO2 / U2F / [W3C][Video][https][WireShark-dissector][Demo]
  • Direct Anonymous Attestation (DAA) [pdf]
  • One TPM to Bind Them All: Fixing TPM 2.0 for Provably Secure Anonymous Attestation [pdf] (mathematisch anspruchsvoll)
    ---German electronic IDs---
  • ePASS [ICAO] (Jan)
  • nPA: PACE, EAC [TR-03110]
  • Digital Seal / JAB-Code [TR-03137][TR-03137-2]
    ---Payment---
  • Bitcoin [whitepaper] (Angelina)
  • Ethereum [whitepaper][guide]
    ---Network---
  • WLAN WPA-2 KRACK [https][pdf] (Pascal)
  • Bluetooth Pairing / KNOB-Attack [Specification / 4.2 Security, 4.2.2 Pairing] [https] (Israa)
  • TLS 1.3 [blog][RFC] (Lukas)
  • TLS Revocation Mechanismen (CRL, OCSP, OCSP-stapling) in Theorie & Praxis [https]
  • OpenVPN [pdf][https][https][https] (Leon)
  • WireGuard VPN [pdf]
  • E2E Encryption for Zoom Meetings [pdf]
  • --- (further topics are possible, also own interesting suggestions are welcome) ---
  • Advanced Social Engineering Attacks [pdf] (Alaa)
  • Decentralized Identifiers [https]
  • Verifying COVID-19-QR-Codes (QR -->base45-->uncompress-->cose-->CBOR) [https][git]
     

Syllabus:

DatePresentersTopicSlides
18.10.22 bootstrap / assignment of topics 
25.10.22(optional)consultation (fine tuning of topics) 
01.11.22allelevator speeches
08.11.22   
15.11.22Kamal
Emily		Password Hashing
PQC: Motivation und Survey
[pdf]
22.11.22Clemens
Lea		Attack on SIKE
Quantum Cryptography		[pdf]
[pdf]
29.11.22
fällt aus		Luca
Robert		HASH-based Signatures
SPHINCS+
06.12.22Johannes
Tobias		TOR
Signal
[pdf]
13.12.22Benedict
Jan		VeraCrypt
ePass		[pdf]
03.01.23Luca
Robert		HASH-based Signatures
SPHINCS+
[pdf]
10.01.23Lukas
Leon		TLS 1.3
OpenVPN		 
17.01.23
fällt aus		IsraaBluetooth Pairing / KNOB-Attack 
24.01.23Alaa
Angelina 		Advanced Social Engineering Attacks
Bitcoin
[pdf]
31.01.23
[online]		AnarOpenVPN[pdf]
07.02.23KamalPassword Hashing 
14.02.23Wolf MüllerKonsultation bei Bedarf[pdf]


Recent / Incoming:

Further Readings (Research@SAR & Books):

 Links
Cambridge
Ross Anderson's home page
Bruce Schneier
home page
Safe Personal Computing
NIST
Computer Security Resource Center
NIST
Federal Information Standards (FIPS)
CERT
cert.org
 
Legal disclaimer. .  © 2024 Humboldt-Universität zu Berlin, Computer Science Department, Systems Architecture Group.Contact: sar@informatik.hu-berlin.de .