CAS CS 591. Topics in Internet Security

office: MCS-284, phone: 353-5285
office hours: Monday 1-3pm and 6-7pm

Here are the slides (MS PowerPoint) more or less as I showed them. I might change them a bit. I recommend to view them as in the ppt show (i.e. as I show them in class, rather than in the edit mode or in the printouts).

• Crypto Overview
• Broadcast Encryption & Asymmetric MACs

references:
• "Broadcast Encryption", A.Fiat and M. Naor, Proc. of Crypto-93.
• R. Canetti, J. Garay, G. Itkis, D. Micciancio,  M. Naor and B. Pinkas, Issues in Multicast Security: A Taxonomy  and Efficient Constructions, Proc. of INFOCOM'99, New York, NY, March 1999.
• Asymmetric MACs, ramp session presentation in Crypto-96
related references:
• Moni Naor and Benny Pinkas, Threshold Traitor Tracing, Crypto 98.

traitor tracing is an interesting twist of the same problem: what if someone leaks the keys of Broadcast Encryption (say, posts them on the internet) - how can we catch who is this traitor?
• Doug Stinson's papers (with co-authors), also see his bibliographies.

• Student presentation (Jeffrey Considine and Gregory Fletcher: chaffing & winnowing)

+ my lecture (multicast key management):
• Chaffing and Winnowing (by  Ron Rivest )
• IP Multicast Security

references & links:
•  D.M. Wallner, E. J. Harder, R. C. Agee, Key Management for Multicast: Issues and Architectures, September 1998
• R. Canetti, J. Garay, G. Itkis, D. Micciancio,  M. Naor and B. Pinkas, Issues in Multicast Security: A Taxonomy  and Efficient Constructions, Proc. of INFOCOM'99, New York, NY, March 1999.

 
• SMUG: secure multicast research group (a number of links there, esp. the Internet drafts)
• General Multicast: IP Multicast Initiative

• Trator Tracing; Certificate Revocation
• Moni Naor and Kobbi Nissim, Certificate Revocation and Certificate Update, 7th USENIX Security Symposium, 1998.

• More student presentations:
• Karen Pinkas, Anukool Lakhina and Scott Savarese: traitor tracing. (see original paper above)
• Paul Barford (see his msg with the description) on intrusion detection and anonymity
• Sumit Mehrotra and Thomas Gschwendtner (secure multicast: a framework and a protocol)
• Mulyadi Tandio: VPNs
• Steve Peckham, Kan Hayashi, Steve Miskovitz: firewalls
• Amer Sharaf:e-commerce
• metering
• pay-per-click
• ...
• Guest Lectures:
• Tan and Kingpin from L0pht

• Suggested topics
• Public Key Infrastructures, Revocation Lists, etc.

starting points:
• SDSI
• Can We Eliminate Revocation Lists? (by Ronald L. Rivest)

Theory of Cryptography library - latest papers on-line, great source for research topics

Excellent source of security and crypto links by David Wagner
Another good collection of security links is by Bennet Yee
Network security papers from IBM, Zurich research group
Some good links from TISC (check out their conference in Boston)
An interesting white paper on Network Security (from IBM group).

Pages of some active researches - good starting points

 Bill Stallings' page for his Network Security book

 Bruce Schneier (the author of the "Applied Cryptography" book)

 Ron Rivest (the "R" of RSA)

 Dan Boneh

 Ross Anderson

 Markus Kuhn - a student I mentioned in my lecture in connection with Star Trek season...

Eli Biham (one of the best cryptoanalysts)

Alex Biryukov

Moti Yung (a father of Kleptography)

Paul Kocher (the author of timing attacks - featured in NYT) has a company  where he does a lot of cool research and maintains lots of good links. (for onspiration, check out the team members bios, starting with Paul himself - he may not be much older than many of you)

Doug Stinson

 Carl Ellison

Mihir Belare (including Inremental Crypto, and other interesting suff)

Daniele Micciancio  (including Incremental Crypto)

Matt Franklin

Markus Jakobsson

Benny Pinkas (Benny co-authored some of the papers we have seen, but still has a few left, which are interesting and fun)

Happy browsing! I highly recommend you start looking for your topics ASAP!