Our crypto course at AIT
Together with Levente Buttyán (Crysys Lab) and István Lám (Tresorit) we run a course called Applied Cryptography at Aquincum Institute of Technology. AIT is a faculty of the Budapest University of Technology and Economics (BME), offering a study abroad program for North American students.
Our course introduces students to building blocks of cryptography (primitives), provides an overview of PKI and electronic signatures shows crypto protocols for secure communications and how crypto can be used in cloud services. While providing mathematical background, the course focuses on how crypto can be used - covering its technical, business, management and legal aspects.
I am holding the lectures about PKI and electronic signatures, please find my slides for the lectures of this module below:
Public Key Cryptographic Primitives
introducing public key crypto, explaining when we need the public or the private key, and describing the basics of two public key cryptosystems: RSA and ECC.
Certificates, CAs, Certification Paths (2 lectures)
describing the concept of a certificate, showing what a certificate authority does, introducing the concept of a trust anchor, and showing some caveats of certificate path building.
Electronic Signature (2 lectures)
introducing the concept of the legally binding electronic signature, comparing EU and US legal approaches, showing the details of how a signature is created (e.g. using a smart card), what signature formats are used (describing the EU AdES formats in detail), and concluding with the long-term verification of electronic signatures.
Information Security Management at CAs
defining information security, and information security management, emphasizing that crypto can yield security only if used in secure processes, introducing the basics of the ISO 27001 standard, and concluding with how all this can be applied at a certificate authority.
describing the global market for webserver certificates, the market for Electronic Signatures (in the EU), and provides an overview of substitutes to webserver certificates.
Note that my slides provide an outline of my lectures only, for instance they do not contain those parts when I show students how to do certain tasks in browsers or signature creation/verification software.
Students also need to complete a PKI homework during the semester so they need to use certificates in practice too.
My slides can be used and distributed according to the Creative Commons license CC BY-NC-ND 4.0 (attribution required, no commercial use, no derivatives).
Other areas related to PKI like symmetric key cryptography, random number generators, details of the TLS protocol, and attacks against it are covered by the other two lectures.