Lecture Notes

Note, these are the lecture notes for 2009-00. We have revised them from feedback and our own thoughts raised by previous years' courses. The advantage of our willigness to update them is that they are always evolving. The disadvantage is that sometimes there are typos and/or errors. We then try to point you towards those during the lectures, and might make more updates during the year.

Most importantly you might notice that the last couple of slots are kept free for student lectures. To find out more about those, have a look at the pages about the course work.

Further reading: for each topic covered we provide lecture notes and some hints for reading. As the course covers many areas, there is no single book that we can recommend as textbook. However, some (old) lecture notes which were used in another but similar type of course are here.

Lecture	Notes	Outline of Contents and Background Reading
1,2	L0 PDF L1 PDF L1 3x3	Introduction Introduction to unit, outline, course work Brief overview of basic crypto and (crypto) terminology needed Reading: whilst Nigel's book is a good and simple introduction to cryptography, you will probably not more than what Wikipedia offers on cryptography.
3,4	PDF 3x3	Access Control Access Control Methods: Access control matrices, lists, tickets Access Control Models (Bell La Padula, Biba, etc.) Reading: Read relevant parts of chapters 4 and 7 of the Ross Anderson book for general access control and multilevel security, and the Ferraiolo-Kuhn paper about RBAC.
5,6	PDF 3x3	Entity Authenication Basic methods Using cryptographic devices Protocols Reading: Read the relevant parts of chapter 10 of the Handbook of Applied Cryptography. Videos: Smart card reverse engineering, Mifare cloning Slides: Fingerprint recognition
7,8,9,10	PDF 3x3	Key Establishment: Symmetric Keys Kerberos Diffie--Hellman STS, MTI, MQV etc Formal analysis (BAN Logic) Reading: Read the relevant parts of chapters 12 and 13 of the Handbook of Applied Cryptography. The information related to Kerberos in WinNT is from the Windows documentation.
11,12	PDF 3x3	Key establishment: Asymmetric Keys Introduction to PKI X.509 vs. PGP, stuff around certificates and signatures SSL, IPSEC as examples of real world usage of PKIs Reading: For SSL, IPSEC, and PGP you can consult the RFCs specifying them (just follow the links from their Wikipedia sites, you do NOT have to memorise details about SSL just the working principle, i.e. choice of ciphers, authentication, key exchange), a good book for all issues around PKIs is Adams and Lloyd's "Understanding PKI" (second edition, publisher is Addison-Wesley, we have copies in the library).
13,14,15,16	PDF 3x3	Physical Security Timing Analysis Simple and Differential Power Analysis Fault analysis Reading: the relevant chapters of Ross Anderson's book are a good, high-level introduction. Another high-level overview is in a book chapter here.
17		Writing and presenting clinic: for those students/groups who would like some feedback on their papers and or presentations, I will be available in the usual lecture room to answer questions and give advice. Please if you come to this session, prepare some questions!
18		Writing and presenting clinic: for those students/groups who would like some feedback on their papers and or presentations, I will be available in the usual lecture room to answer questions and give advice. Please if you come to this session, prepare some questions!
19		Student lectures: this session will last for TWO hours. We will not be in 1.8 but in 1.68! 15:00-15:15 G8 15:15-15:30 G12 15:30-15:45 G13 15:45-16:00 G7 16:00-16:15 G9 16:15-16:30 G2 Groups presenting in this slot must send their presentation to Elisabeth by Monday evening!
20		Student lectures: this lecture will start FIVE minutes early and finish FIVE minutes late. 11:05-11:20 G5 11:20-11:35 G10 11:35-11:50 G11 11:50-12:05 G4 Groups presenting in this slot must send their presentation to Elisabeth by Tuesday evening!