AG Sichere Identität

Regular Meetings

We hold regular meetings dedicated to research discussions, thesis presentations, talks by guest speakers, hacking and tinkering with software and hardware.

SCADACS meetings are invitation-only but guests are welcome, particularly students. If you are interested to attend then please contact Johannes Klick for an invitation or ask a SCADACS member to sponsor you.

See also: SCADACS

Annual Lecture, Winter Term

Cryptography and Networked Systems Security

This graduate level course (4V+2Ü) begins with a historical perspective of cryptography and its importance today, followed by an introduction to the theory, principles and application of modern cryptography with a focus on the asymptotic security model. The course covers pseudorandomness, secret key and public key encryption, operation modes, hash functions, message authentication codes, digital signatures, homomorphic encryption, eavesdropping attacks, chosen plaintext attacks, chosen ciphertext attacks, secure message transmission schemes, the random oracle model, sequences of games, limitations of the asymptotic security model, key distribution and key management. Along the lines, students will learn to avoid common mistakes when designing cryptographic protocols and they learn to properly assess cryptographic protocol proposals at a high level. This parts of the course puts heavy emphasis on proofs of security and sound formal arguments. In the last part of the course we will cover a variety of security protocols in common use.

Prerequisites:

Literature:

Annual Lecture, Summer Term

Computer Security

This graduate level course (4V+2Ü) begins with a historical perspective of computer security and its importance today, followed by an introduction to the concepts necessary to understand, model and assess computer security. The course covers topics such as passwords, access control theory, security policies, reference monitors, security kernels, capabilities, hardware security mechanisms, information flow control, compiler-based security mechanisms, Trojan Horses, covert channels, side-channel attacks, input validation, stack, heap and integer overflows, format string vulnerabilities, race conditions, computer security criteria, evaluation assurance, user interfaces and security. This is a reading-intensive course. Students will be exposed to a broad range of computer security issues. Along those lines, students will learn to identify and avoid typical software development mistakes that lead to security vulnerabilities.

Please note that cryptography is not a computer security topic. The treatment of cryptography in computer security books tends to be shallow. For a thorough introduction to cryptography please refer to books that focus on it.

Prerequisites:

Literature:

Current courses

Here is a list of past courses.

Papers Projects Theses People Offices AG-SI CS FUB Imprint