The course provides a systematic formation on the cryptographic techniques currently employed in communication and data storage. It focuses on the algorithms, the related HW/SW efficient architectures, and points out the new trends and crypto-schemes under development. It extends and closely examines how to effectively and correctly use cryptography in the broad field of computer security.

The mathematical aspects of modern cryptography are presented, preceded by a comprehensive introdution to the needed notions of algebra. The most important cryptographic schemes are presented, together with their practical realization details, APIs and implementation vulnerabilities. Furthermore, the most common communication protocols (SSL/TLS, SSH, PGP, Kerberos, Onion Routing) and data storage protocols (IEEE P1619 standard used in Truecrypt) are described. Hardware and software architectures for efficient and implementation-secure realizations of cryptographic schemes are presented and detailed for real-world systems. The course interleaves mathematical topics and more engineering-oriented topics through merging theoretical and practical aspects.

These concepts are relevant for a system designer in need to properly use the cryptographic technologies in system and application contexts, and to an hardware designer in need to develop secure digital architectures.

Knowledge and understanding: students will learn 1) the design principles of historical and modern symmetric-key ciphers; in particular they will understand the concept of perfect secrecy and the principles underlying the round structures of block ciphers, the structure of stream ciphers and how to assess the resistance of a block cipher against the linear and differential cryptanalyses; 2) the notions of cryptographic hash functions and the principles underlying their most common constructions as well as how to effectively employ them given the requirements of a target application; 3)  the notions of algebra related to cyclic groups, rings and finite fields that are at the core of asymmetric-key ciphers. 4) the inner working of RSA, ElGamal and Diffie-Hellmann cryptosystems as well as of their variants based on elliptic curve arithmetic; 5) the implementation criteria of asymmetric cryptosystems in the most common software and hardware systems; 6) how the cryptographic primitives are effectively employed in popular protocols employed for authentication, secure communication and  secure data storage.

Applying Knowledge and understanding: given a hardware or software system (or a composition thereof) requiring one or more security services to deal with data in trasfer or at rest, the student will be  able to identify the composition of cryptographic primitives that best match the requirements motivating their choices. In addition, the acquired notions and knowledges will enable them to read and understand the description of more recent developments concerning secure protocols and applications. 

Making judgements: given a cryptographic application, students will be able to analyze and understand its security requirements and will be able to recommend the best configuration parameters and to suggest modifications to the system, keeping into account also implementation issues.    

Communication: students will learn how to clearly and concisely express in writing their technical assessments concerning theoretical and practical security solutions.

Lifelong learning skills: students will learn how to properly choose and configure a cryptographic system, as well as assessing whether the cryptographic building blocks are properly used in complex systems and protocols.

[Cryptography principles and algorithms]

Security services: confidentiality, integrity, authentication and non-repudiation

History of cryptography

Foundations of modern cryptography

Symmetric algorithms and modes of operation

Elements of modern block cipher cryptanalysis

Hash functions

Asymmetric algorithms (RSA, ElGamal, Diffie-Hellman, Elliptic Curve based Cryptosystems)

Elements of asymmetric cipher cryptanalysis

[Architectures and protocols]

Efficient asymmetric cipher implementations

Public Key Infrastructure, Web of Trust and distributed notary schemes

Secure (SSL/TLS, SSH) and anonymous (onion routing) communication protocols

Secure data storage protocols: IEEE P1619 standard

Secure authentication schemes, bruteforcing-safe password storage and Kerberos

Security-aware device architectures: cryptographic accelerators and crypto-processors

Primer on Side channel attack methodologies and countermeasures

REFERENCES

the material will be available on the teacher's website.

http://crypto.dei.polimi.it/doku.php?id=courses:csdd,

http://home.dei.polimi.it/pelosi

None

The exam consists of a written test. It is possible to integrate the written examination either with an optional programming project or with further readings on advanced topics. The additional grade of the project/reading assignment wil be assigned after the presentation of the work to the instructor.  Questions and solutions of past written examinations will be made available. 

The written test will include:

questions asking for the solution of numerical problems aimed at verifying the knowledge of how the presented  cryptographic primitives and procols work (Dublin descriptors 1, 2, 3, 4, 5);

theoretical questions on all course topics with open answer (Dublin descriptors: 1, 2)

exercises focused on both the design of a cryptosystem and its cryptanalysis (Dublin descriptors: 2, 3, 4, 5).