University of Oxford Logo University of OxfordProfessional Master’s programme - Home
CMS

Communication Security

To describe and enable participants to explore how cryptogrphic primitives are used to enable secure communication. The course will introduce the students to a large number of important goals and properties between networked devices that is necessary to provide the services we use every day in a secure manner. The course will focus on concrete and technical skills that enable students to understand the details of what a communication protocol can and cannot provide.

Frequency

This course normally runs twice a year.

Course dates

Future courses are expected, but yet to be scheduled.

Objectives

Successful participants will:

  • Understand the basics of secure communication over an insecure channel (network)
  • Study a number of real world security protocols and understand the choices and trade-offs in their design
  • Be able to design simple security protocols to achieve different properties, including
    • Key agreement
    • Liveness
    • Message confidentiality
    • Message integrity
    • Message Authentication
    • Sender Authentication (one way or mutual)
    • Perfect forward secrecy
    • Post compromise security
  • Be familiar with more advanced/unusual properties, for example
    • Localisation and Location verification
    • Distance bounding
    • Crypto currencies: Event ordering, double spending, smart contracts
  • Be able to describe the high level workings of more complex building blocks, like
    • Zero knowledge protocols, Interactive and non interactive
    • Oblivious transfer
    • Private set intersection
    • Private information retrieval

Contents

Introduction:
What is the purpose of a protocol? How do we describe protocols and how to we model the system and adversary to be able to make concrete statements about the security of a protocol.
Security protocol case studies:
SSL -> TLS, how has it changed over time and why where these changes made? What are the assumptions and how is the adversary modeled? What about SSH, TOR, etc. We will also look at cellular networks and the requirements that exist in that domain (lawful interception).
Protocol design and analysis:
How do we analyse protocols and how can they be proven secure with respect to the desired properties. What do the various properties mean in the context of communication.
Unusual properties:
When do we need them and why might we need a different set of assumptions to solve certain problems. Examples include localization and location verification protocols, ans well as distance bounding.
Building blocks for complex systems:
How to accomplish security sub-tasks that are needed over and over in large complex systems. Proofs by zero knowledge, voting with oblivious transfer, information exchange and retrieval in a privacy preserving way

Requirements

There are no strict requirements for this course although it will be beneficial to have a passing familiarity with concepts like encryption, hashing, MACs, and signatures.