Ensimag Rubrique Formation 2022

Security architectures: network, system, key management, cybersecurity of industrial IT - WMM9SY02

  • Number of hours

    • Lectures 48.0
    • Projects -
    • Tutorials -
    • Internship -
    • Laboratory works 30.0
    • Written tests -

    ECTS

    ECTS 6.0

Goal(s)

Security architectures:
key managements, blockchains, cybersecurity of industrial IT, network and system

Responsible(s)

Jean-Guillaume DUMAS

Content(s)

1. Introduction
*) Motivation/Diffie-Hellman ; MitM ; Kerberos ;
*) Electronic Signatures ; DSS ; RSA-PSS ;
*) References : RFC/PKCS/FIPS

2. Key Management
*) PKI elements, functions ; Certificates, ASN.1, X509, CRL ;
*) Trust models
*) PKIX : Administration ; migration ; OCSP, SCVP, Novomodo;
TP1/TP2 Building an X.509 PKI with openssl
*) Cross-certification ; Bridge ;
*) Embedded Model : demo Certificates Browsers/OS; pinning, EV certs, notaries, bulletin board ;
*) PGP + GnuPG ; Spooky/Sudsy ; IBE; CBE ;
TP3/TP4 PGP and GnuPG

3. Authentification by PKI
*) fips-196 and variants
*) Key transport
*) Authenticated Diffie-Hellman (SIGMA)
*) TLS (handshake)

4. Cybersecurity of industrial IT
*) Electronic Signature and industrial PKI
*) Certification and Security Policies
*) PKI deployement in industry
*) Attacks against certification authorities and similar services
*) Evaluation Criteria and regulations (common criteria ; RGS ; e-IDAS)

5. Application Security
*) Transactions: EMV ; SET ; 3D-Secure ; bitcoin
*) Messaging: E-mail, S/MIME ; OTR
*) Web: https
*) PKI: application integration

6. Threats
*) Introduction / Concepts / Threat Landscape
*) Network Architecture - Theats / Protection Layer 1 to 7

7. Communication Security
*) VPN: TLS, IPsec
*) Firewall / proxying
*) Wireless Security
*) IPv6
*) Routing: DNS / DNSSec ; TOR
*) Canal: TLS ; IPsec

8. OS Security
*) hardening
*) SeLinux, AppArmor, GRSec
*) HIDS

Prerequisites

Classic symmetric or asymmetric cryptosystems (RSA, AES, El Gamal).

Test

0.375 TP + 0.625 Exam

Examen : 62.5%
TP : 37.5%

The exam is given in english only FR

Calendar

The course exists in the following branches:

  • Curriculum - Master in Computer Science - Semester 9 (this course is given in english only EN)
  • Curriculum - Master in Applied Mathematics - Semester 9 (this course is given in english only EN)
see the course schedule for 2022-2023

Additional Information

Course ID : WMM9SY02
Course language(s): FR

You can find this course among all other courses.

Bibliography

J-G. Dumas, P. Lafourcade et P. Redon. Architectures PKI et communications sécurisées. Dunod, 2015.
J-G. Dumas, P. Lafourcade, A. Tichit et S. Varrette. Les Blockchains en 50 questions. Dunod, 2018.
CNIL. Blockchain and the GDPR: Solutions for a responsible use of the blockchain in the context of personal data.
ENISA. Threat Landscape Report.
NIST. Cryptographic Standards and Guidelines.
Brian Komar. Windows Server 2008 PKI and Certificate Security. Microsoft Press, 2008.
Carlisle Adams and Steve Lloyd. Understanding PKI: Concepts, Standards, and Deployment Considerations. Addison-Wesley Professional; 2nd edition 2002.
C. Cachat et D. Carella. PKI Open source: déploiement et administration. O'Reilly 2003.
Thierry Autret, Laurent Bellefin et Marie-Laure Oble-Laffaire. Sécuriser ses échanges électroniques avec une PKI: Solutions techniques et aspects juridiques. Eyrolles 2002.
Enjeux de la sécurité multimédia, T. Ebrahimi, F. Leprevost, and B. Warusfeld, éditeurs, Hermès 2006.
Cryptographie et sécurité des systèmes et réseaux, T. Ebrahimi, F. Leprevost, and B. Warusfeld, éditeurs, Hermès 2006.
B. Schneier. Secrets and Lies. John Wiley & Sons, 2000.
A. J. Menezes, P. C. van Orschot et S. A. Vanstone. Handbook of Applied Cryptography. CRC Press 1997.
W. Stallings. Sécurité des Réseaux: applications et standards. Vuibert 2002.
J. A. Buchmann, E. Karatsiolis et A. Wiesmaier. Introduction to Public Key Infrastructures. Springer 2013.
A. Karamanian, S. Tenneti et F. Dessart. PKI Uncovered: Certificate-Based Security Solutions for Next-Generation Networks. Cisco Press 2011.
K. Bannelier et T. Christakis. Cyberattaques - Prévention-réactions : rôle des États et des acteurs privés, Les Cahiers de la Revue Défense Nationale, Paris, 2017.
J-G. Dumas, J-L. Roch, É. Tannier et S. Varrette. Théorie des codes: compression, cryptage, correction. Dunod 2007.
J-G. Dumas, J-L. Roch, É. Tannier et S. Varrette. Foundations of Coding: compression, encryption, error-correction. 2012.