Information Security and Cryptography —
Fundamentals and Applications

June 11-13, 2018 in Zurich, Switzerland

Lecturers: Prof. David Basin and Prof. Ueli Maurer

This seminar provides an in-depth coverage of Information Security and Cryptography from both a conceptual and an application-oriented viewpoint. At the same time, the mathematical, algorithmic, protocol-specific, and system-oriented aspects are explained in a way understandable to a wide audience. This includes the foundations needed to understand the different approaches, a critical look at the state-of-the-art, and a perspective on future security technologies.

The material is presented at three different levels. At the highest level, the basic concepts are presented in detail, but abstractly (e.g., as black boxes), without mathematics. No background is required to follow at this level. At an intermediate level, the most important concrete schemes, models, algorithms, and protocols are presented as well as their applications. Here some minimal mathematical and systems background is assumed. At the deepest level, which is not required to understand the higher levels, different special topics, requiring some mathematical background, are discussed.

Information Security: An Overview

  • Information at Risk: Threats, Security Objectives, and Security Measures
  • Classification of the Fundamental Information Security Problems
  • Course Overview

Cryptography: Basic Concepts and Terminology

  • Some History
  • Types and Models of Cryptographic Systems
  • Cryptographic Functions, Hash Functions
  • Secrecy, Authenticity, and their Duality and Independence
  • Symmetric Cryptography: Block Ciphers, Stream Ciphers, MACs, etc.
  • Randomness and Pseudo-Randomness
  • Cryptanalytic Attacks, Assumptions, Security Definitions
  • Public-Key Encryption and Secret-Key Agreement
  • Digital Signatures, Certificates

Cryptography Foundations

  • Discrete Mathematics Basics, Groups, Fields
  • Theoretical Foundations of Cryptography
  • Discrete Logarithms, Factoring, and other Hard Problems
  • Design and Analysis of Cryptographic Systems
  • RSA: Workings and Security Analysis
  • Diffie-Hellman Protocol: Workings and Security Analysis
  • Elliptic Curve Cryptography
  • Modes of Operation for Cryptographic Systems
  • Security Proofs, Indistinguishability, Reductions
  • Constructive Cryptography and Universal Composability

System and Network Security

  • Networking Essentials
  • Trade-offs in Securing Network Layers
  • Security Protocols including Kerberos, SSL, IPsec
  • Security Architectures
  • Firewalls and Intrusion Detection

PKI and Key Management

  • Key Management Challenges
  • PKI Certificates, Architectures, and Standards
  • Key Revocation and Recovery
  • Trust Models (Direct, Cross, Hierarchical, Web of Trust)
  • X.509 and PGP
  • Alternative PKIs: Client, CA, and Domain-Centric Options
  • Certificate Handling in Web Browsers

Authentication, Authorization, and Access Control

  • AAA Architectures: Authentication, Authorization, and Access Control
  • Authentication: Passwords, Biometrics, and Token-based
  • Policies and Models
  • Access Control Matrix Model
  • DAC and MAC Models
  • BLP, Biba, and Chinese Wall Models
  • Single Sign-on
  • Identity Management

Privacy and Usage Control

  • Data Protection and Control of Intellectual Property
  • Anonymity and Privacy-enhancing Technologies
  • Proxies, Mix Networks, and other Anonymity Approaches
  • Usage Control Architectures
  • Digital Rights Management and Trusted Computing

Security Engineering and Web-Application Security

  • Security Engineering in the Software Engineering Life Cycle
  • Common Vulnerability Classes including: Session Management, Injection Attacks, Cross-Site Scripting, and Race Conditions
  • Security Standards and Certification

Advanced Topics in Cryptography

  • Cryptographic Protocols
  • Zero-Knowledge Protocols
  • Secure Multi-Party Computation
  • E-Voting
  • Digital Payment Systems, E-Cash
  • Block-chains, Smart Contracts
  • Crypto-Currencies, Bitcoin
  • Quantum Cryptography

Download our seminar brochure with the course description.

Seminar's format

The sessions are interactive, with the possibility to decide, on demand, which topics should be treated in more depth. There are coffee breaks in the morning and afternoon. The lecturers will also be available for discussions on all related topics. The lectures and all course material are in English.

Seminar enrollment: complete and send us this form to enroll in the seminar.

Venue of the seminar 2018

June 11-13, 2018

Marriott Courtyard Zurich North
Max-Bill-Platz 1
CH-8050 Zurich
P: +41 (0)44 564 0404
F: +41 (0)44 564 0400

To make reservation for your accommodation at the seminar venue, download the PDF of the hotel reservation form.

For your convenience, use this reservation link to book your accommodation at a speical group rate.