2. Professors
  3. Teaching

ALGORITHMS AND PROTOCOLS FOR SECURITY

Francesco CAUTERUCCIO ALGORITHMS AND PROTOCOLS FOR SECURITY

0622700091
DEPARTMENT OF INFORMATION AND ELECTRICAL ENGINEERING AND APPLIED MATHEMATICS
EQF7
COMPUTER ENGINEERING
2024/2025



OBBLIGATORIO
YEAR OF COURSE 1
YEAR OF DIDACTIC SYSTEM 2022
SPRING SEMESTER
CFUHOURSACTIVITY
432LESSONS
216LAB
324EXERCISES


CARLO MAZZOCCA T Curriculum
FRANCESCO CAUTERUCCIO Curriculum
Objectives
THE COURSE ILLUSTRATES THE METHODOLOGIES AND THE BASIC TOOLS FOR THE MANAGEMENT OF INFORMATION SECURITY IN DIGITAL SYSTEMS AND NETWORKS. THIS GOAL IS ACHIEVED THROUGH KNOWLEDGE OF CRYPTOGRAPHIC TECHNIQUES, ALGORITHMS AND AUTHENTICATION PROTOCOLS, PROTOCOLS FOR SECURE COMMUNICATION, PROTECTION MECHANISMS FROM POSSIBLE VULNERABILITIES.

KNOWLEDGE AND UNDERSTANDING
THEORETICAL AND PRACTICAL ASPECTS OF INFORMATION SECURITY IN SYSTEM AND COMMUNICATION NETWORKS; AUTHENTICATION SCHEMES AND PROTECTION SCHEMES USING CRYPTOGRAPHY; SECURITY PROPERTIES OF CRYPTOGRAPHIC PRIMITIVES; UNDERSTANDING OF MAIN TOOLS TO DESIGN SECURE PRIMITIVES; KNOWLEDGE AND UNDERSTANDING OF TECHNIQUES TO EXPLOIT VULNERABILITIES PENETRATING IN SYSTEMS AND INTRUSION DETECTION; KNOWLEDGE AND CLASSIFICATION OF VIRUSES AND MALWARE, AND TECHNIQUES TO ANALYZE AND DETECT THEM.

APPYING KNOWLEDGE AND UNDERSTANDING
ABILITY TO EVALUATE THE SECURITY PROPERTIES OF A SYSTEM, TO DESIGN A SIMPLE SECURE SYSTEM AND TO DEMONSTRATE ITS PROPERTIES. TO CONFIGURE AUTHENTICATION MECHANISMS AND OF SECURE EXCHANGE OF DATA THROUGH INSECURE NETWORKS. TO IDENTIFY POSSIBLE SOLUTIONS TO DEFEND INFORMATION SYSTEMS IN NETWORKS; CAPABILITY TO DETECT ATTACKS TO SYSTEMS, TO APPLY ACQUIRED KNOWLEDGE TO PREVENT AND REMOVE INTRUSIONS.
Prerequisites
BASIC CONCEPTS OF PROBABILITY, DESIGN AND ANALYSIS OF ALGORITHMS.
Contents
DIDACTIC UNIT 1: RANDOMNESS AND PRIVATE-KEY CRYPTOGRAPHY
(LECTURE/PRACTICE/LABORATORY HOURS 12/6/4)
- 1 (2 HOURS LECTURE): INTRODUCTION TO THE COURSE AND TO DATA PROTECTION
- 2 (2 HOURS LECTURE): HISTORICAL CIPHERS, PERFECT SECURITY AND ONE-TIME PAD
- 3 (2 HOURS LECTURE): RANDOMNESS AND PSEUDORANDOMNESS
- 4 (2 HOURS EXERCISE): EXAMPLES OF ATTACKS TO DATA ENCRYPTION AND THEIR ANALYSES
- 5 (2 HOURS LECTURE): STREAM CIPHERS, BLOCK CIPHERS AND OPERATION MODES
- 6 (2 HOURS EXERCISE): USE CASES ABOUT PROTECTION OF CONFIDENTIAL DATA
- 7 (2 HOURS LAB): USE OF TOOLS FOR DATA ENCRYPTION
- 8 (2 HOURS LECTURE): THREAT MODELS FOR DATA ENCRYPTION
- 9 (2 HOURS LECTURE): MESSAGE AUTHENTICATION CODES
- 10 (2 HOURS EXERCISE): EXAMPLES OF ATTACKS TO DATA INTEGRITY AND THEIR ANALYSES
- 11 (2 HOURS LAB): USE OF TOOLS FOR MAC AND AUTHENTICATED ENCRYPTION
KNOWLEDGE AND UNDERSTANDING: NOTION OF SECURE ENCRYPTION, OF (PSEUDO)RANDOMNESS AND OF MAC
APPLYING KNOWLEDGE AND UNDERSTANDING: TOOLS TO CORRECTLY USE (PSEUDO)RANDOMNESS AND PRIVATE-KEY CRYPTOGRAPHY

DIDACTIC UNIT 2: PUBLIC-KEY CRYPTOGRAPHY
(LECTURE/PRACTICE/LABORATORY HOURS 8/6/4)
- 12 (2 HOURS LECTURE): NUMBER THEORY
- 13 (2 HOURS EXERCISE): EXAMPLES OF CONCRETE NUMBER THEORY PROBLEMS THAT ARE CONJECTURED INFEASIBLE
- 14 (2 HOURS LECTURE): KEY EXCHANGE ON PUBLIC CHANNELS
- 15 (2 HOURS EXERCISE): COMBINING KEY EXCHANGE WITH PRIVATE-KEY ENCRYPTION
- 16 (2 HOURS LECTURE): PUBLIC-KEY ENCRYPTION
- 17 (2 HOURS EXERCISE): EXAMPLES OF ATTACKS AND OF USE OF HYBRID ENCRYPTION
- 18 (2 HOURS LAB): PROGRAMMING WITH ELEMENTS IN LARGE FINITE GROUPS AND PRIME NUMBERS
- 19 (2 HOURS LAB): PROGRAMMING AND TOOLS FOR KEY EXCHANGE AND PUBLIC-KEY ENCRYPTION
- 20 (2 HOURS LECTURE): DIGITAL SIGNATURES
KNOWLEDGE AND UNDERSTANDING: PUBLIC-KEY ENCRYPTION, DIGITAL SIGNATURES AND ELEMENTS OF NUMBER THEORY FOR CRYPTOGRAPHY
APPLYING KNOWLEDGE AND UNDERSTANDING: TOOLS TO CORRECTLY USE ASYMMETRIC CRYPTOGRAPHY

DIDACTIC UNIT 3: CRYPTOGRAPHIC HASH FUNCTIONS AND DECENTRALIZATION
(LECTURE/PRACTICE/LABORATORY HOURS 6/2/2)
- 21 (2 HOURS LECTURE): COLLISION-RESISTANT HASH FUNCTIONS (CRHF) AND RANDOM ORACLES
- 22 (2 HOURS EXERCISE): USE OF CRHFS FOR DIGITAL SIGNATURES AND PROOFS OF WORK
- 23 (2 HOURS LECTURE): USE OF CRHFS AND DIGITAL SIGNATURES FOR DECENTRALIZED SERVICES
- 24 (2 HOURS LECTURE): SECRET SHARING AND THRESHOLD DECRYPTION
- 25 (2 HOURS LAB): USE OF TOOLS FOR CRHFS AND THEIR APPLICATIONS
KNOWLEDGE AND UNDERSTANDING: THE POWER OF CRYPTOGRAPHIC HASH FUNCTIONS AND OF DECENTRALIZING A SINGLE POINT OF FAILURE
APPLYING KNOWLEDGE AND UNDERSTANDING: TOOLS TO CORRECTLY PERFORM CRYPTOGRAPHIC HASH

DIDACTIC UNIT 4: PUBLIC-KEY INFRASTRUCTURE AND TLS
(LECTURE/PRACTICE/LABORATORY HOURS 2/2/4)
- 26 (2 HOURS LECTURE): PKI, X509V3 DIGITAL CERTIFICATES AND TLS
- 27 (2 HOURS EXERCISE): EXAMPLES OF ATTACKS AND COUNTERMEASURES WITH PKIX+TLS
- 28 (2 HOURS LAB): MANAGEMENT OF A CERTIFICATION AUTHORITY
- 29 (2 HOURS LAB): USE OF TOOLS FOR DIGITAL CERTIFICATES AND TLS
KNOWLEDGE AND UNDERSTANDING: DIGITAL CERTIFICATES AND SECURE COMMUNICATION OVER INSECURE CHANNELS
APPLYING KNOWLEDGE AND UNDERSTANDING: TOOLS FOR THE MANAGEMENT OF DIGITAL CERTIFICATES AND SECURE COMMUNICATION

DIDACTIC UNIT 5: PRIVACY AND SECURITY BY DESIGN
(LECTURE/PRACTICE/LABORATORY HOURS 0/6/2)
- 30 (2 HOURS EXERCISE): EXAMPLES OF SECURITY MODELS WITH THREAT MODELS AND INTEGRITY/CONFIDENTIALITY PROPERTIES
- 31 (2 HOURS EXERCISE): EXAMPLES OF COMBINED USE OF ALGORITHMS AND PROTOCOL TO SECURELY REALIZE A FUNCTIONALITY
- 32 (2 HOURS EXERCISE): EXAMPLES OF ANALYSIS OF THE SECURITY AND PRIVACY OF A DIGITIZED SYSTEM
- 33 (2 HOURS LAB): CONFIGURATION OF AN HTTPS WEB SERVER
KNOWLEDGE AND UNDERSTANDING: MODELLING, DESIGN AND ANALYSIS OF SECURE AND PRIVATE SYSTEMS BY DESIGN
APPLYING KNOWLEDGE AND UNDERSTANDING: SECURING CLIENT-SERVER WEB COMMUNICATIONS WITH HTTPS

DIDACTIC UNIT 6: SYSTEM PROTECTION
(LECTURE/PRACTICE/LABORATORY HOURS 4/2/0)

- 34 (2 HOURS LECTURE): INTRUSION TECHNIQUES AND INTRUSION DETECTION, VPN AND TUNNELLING
- 35 (2 HOURS LECTURE): VIRUS, MALWARE, TROJAN, RANSOMWARE
- 36 (2 HOURS EXERCISE): CONFIGURATION OF A FIREWALL AND EXAMPLES OF USE OF VPN AND TUNNELLING
KNOWLEDGE AND UNDERSTANDING: INTRUSION MECHANISMS AND COUNTERMEASURES
APPLYING KNOWLEDGE AND UNDERSTANDING: MANAGEMENT OF A FIREWALL AND USE OF A VPN

TOTAL LECTURE/PRACTICE/LABORATORY HOURS 32/24/16
Teaching Methods
THE CLASS CONSISTS OF LECTURES, GUIDED EXERCISES IN THE CLASSROOM OR IN A LAB.
THE LECTURES PRESENT CRYPTOGRAPHIC PRIMITIVES, ALGORITHMS AND SECURE PROTOCOLS DISCUSSING SPECIFICALLY THEIR APPLICATIONS TO SOLVE REAL-WORLD PROBLEMS.
IN THE LAB STUDENTS ARE REQUIRED TO USE TOOLS RELATED TO THE TOPICS DISCUSSED DURING THE LECTURES. IN THE GUIDED EXERCISES STUDENTS ARE DIVIDED IN GROUPS AND A PROJECT-WORK IS ASSIGNED TO EACH GROUP TO DEVELOP DURING THE COURSE. THE PROJECT-WORK INCLUDES THE MAIN TOPICS OF THE COURSE AND IS FINALIZED TO THE ACQUISITION OF THE CAPACITY TO USE THE APPROPRIATE TOOLS TO SOLVE A PROBLEM. THE PROJECT-WORK IS ALSO USEFUL TO DEVELOP AND STRENGTHEN THE ABILITY OF WORKING IN A TEAM.
Verification of learning
THE FINAL EXAM IS DESIGNED TO EVALUATE AS A WHOLE THE KNOWLEDGE AND UNDERSTANDING OF THE CONCEPTS PRESENTED IN THE COURSE, AND THE ABILITY TO APPLY SUCH KNOWLEDGE IN SOLVING SECURITY PROBLEMS.

THE EXAM CONSISTS OF THE EVALUATION OF THE PROJECT REALIZED DURING THE COURSE AND OF A WRITTEN EXAM.
THE EXAM WILL FOCUS ON ASSESSING KNOWLEDGE OF CRYPTOGRAPHIC PRIMITIVES, SECURITY ALGORITHMS AND PROTOCOLS, INTRUSIONS AND VULNERABILITIES. THE WORK-PROJECT WILL BE USEFUL TO ASSESS EXPERTISE IN APPLYING NOTIONS ILLUSTRATED DURING THE COURSE.
IN THE FINAL EVALUATION, EXPRESSED IN THIRTIES, THE EVALUATION OF THE PROJECT WILL IMPACT ON THE 40% OF THE FINAL VOTE, WHILE THE WRITTEN EXAM FOR THE REMAINING 60%.
Texts
THERE IS A MAIN TEXTBOOK:
JONATHAN KATZ, YEHUDA LINDELL
INTRODUCTION TO MODERN CRYPTOGRAPHY
CHAPMAN AND HALL/CRC; (3RD EDITION).

THE TEACHING MATERIAL IS AVAILABLE ON THE UNIVERSITY E-LEARNING PLATFORM (HTTP://ELEARNING.UNISA.IT) ACCESSIBLE TO STUDENTS USING THEIR OWN UNIVERSITY CREDENTIALS.
More Information
THE COURSE IS HELD IN ITALIAN

  BETA VERSION Data source ESSE3 [Ultima Sincronizzazione: 2024-10-16]