UE Security architectures: network, system, key management, blockchains, cybersecurity of industrial IT
Two majors:
- Prolegomenon
- Cryptographic Hash functions
- MAC: message authentication codes
- Electronic Signatures
- Key exchange
- Introduction
- Motivation/Diffie-Hellman ; MitM ; Kerberos ;
- PBKDF ; Electronic Signatures Properties ; DSS ; RSA-PSS ;
- Zero-knowledge proof of knowledge
- References : RFC/PKCS/FIPS
- Key Management (INP, UGA)
- PKI elements, functions ; Certificates, ASN.1, X509, CRL ;
- Trust models
- PKIX : Administration ; migration ; OCSP, SCVP, Novomodo;
- Cross-certification ; Bridge ;
- Embedded Model : Certificates Browsers/OS; pinning, EV certs, notaries, bulletin board, CRLite ;
- PGP + GnuPG ; Spooky/Sudsy ; IBE; CBE ;
- Blockchains (INP, UGA)
- Distributed ledger;
- Consensus, peer-to-peer system (P2P), public/private/consortium blockchains;
- Miners, Proof of work, Proof of stake, forks, lightning network;
- Bitcoin, cryptocurrencies, ICO, DeFi, wallets;
- Smart contracts (Ethereum), tokens, DAO, NFT, etc.;
- BPKI, DPKI, DNSChain.
- Authentication by PKI (INP, UGA)
- SASL and variants
- Key transport
- Authenticated Diffie-Hellman (SIGMA)
- TLS (handshake)
- Cybersecurity of industrial IT (INP, UGA)
- Electronic Signature and industrial PKI
- Certification and Security Policies
- PKI deployment in industry
- Attacks against certification authorities and similar services
- Evaluation Criteria and regulations (common criteria ; RGS ; e-IDAS)
- Application Security (INP, UGA)
- Transactions: EMV ; SET ; 3D-Secure ; cryptocurrencies ; e-IDAS
- Messaging: E-mail, S/MIME ; OTR
- Web: https
- Threats
- Introduction / Concepts / Threat Landscape
- Network Architecture - Threats / Protection Layer 1 to 7
- Communication Security
- VPN: TLS, IPsec
- Firewall / proxying
- Wireless Security
- IPv6
- Routing: DNS / DNSSec ; TOR
- Channel: TLS ; IPsec
- OS Security
- hardening
- SELinux, AppArmor, GRSec
- HIDS
- J-G. Dumas, P. Lafourcade and P. Redon. Architectures de sécurité pour Internet. Dunod, 2020.
- Colin Boyd, Anish Mathuria and Douglas Stebila. Protocols for Authentication and Key Establishment. Springer 2020.
- J-G. Dumas, P. Lafourcade, A. Tichit and S. Varrette. Les Blockchains en 50 questions. Dunod, 2nd ed., 2022.
- J-G. Dumas, P. Lafourcade, E. Roudeix, A. Tichit and S. Varrette. Les NFT en 40 questions. Dunod, 2022.
- J. Stapleton, W. C. Epstein. Security without Obscurity: A Guide to PKI Operations. CRC 2016.
- CNIL. Blockchain and the GDPR: Solutions for a responsible use of the blockchain in the context of personal data.
- ENISA. Threat Landscape Report.
- NIST. Cryptographic Standards and Guidelines.
- Dan Boneh and Victor Shoup. A Graduate Course in Applied Cryptography, toc.cryptobook.us 2023.
- Brian Komar. Windows Server 2008 PKI and Certificate Security. Microsoft Press, 2008.
- Carlisle Adams and Steve Lloyd. Understanding PKI: Concepts, Standards, and Deployment Considerations. Addison-Wesley Professional; 2nd edition 2002.
- C. Cachat and D. Carella. PKI Open source: déploiement et administration. O'Reilly 2003.
- Thierry Autret, Laurent Bellefin and Marie-Laure Oble-Laffaire. Sécuriser ses échanges électroniques avec une PKI: Solutions techniques et aspects juridiques. Eyrolles 2002.
- T. Ebrahimi, F. Leprevost, and B. Warusfeld, editors. Enjeux de la sécurité multimédia, Hermès 2006.
- T. Ebrahimi, F. Leprevost, and B. Warusfeld, editors. Cryptographie et sécurité des systèmes et réseaux, Hermès 2006.
- B. Schneier. Secrets and Lies. John Wiley & Sons, 2000.
- A. J. Menezes, P. C. van Oorschot and S. A. Vanstone. Handbook of Applied Cryptography. CRC Press 1997.
- W. Stallings. Sécurité des Réseaux: applications et standards. Vuibert 2002.
- J. A. Buchmann, E. Karatsiolis and A. Wiesmaier. Introduction to Public Key Infrastructures. Springer 2013.
- A. Karamanian, S. Tenneti and F. Dessart. PKI Uncovered: Certificate-Based Security Solutions for Next-Generation Networks. Cisco Press 2011.
- K. Bannelier et T. Christakis. Cyberattaques - Prévention-réactions : rôle des États et des acteurs privés, Les Cahiers de la Revue Défense Nationale, Paris, 2017.
- J-G. Dumas, J-L. Roch, É. Tannier and S. Varrette. Théorie des codes: compression, cryptage, correction. Dunod 2018.
- J-G. Dumas, J-L. Roch, É. Tannier and S. Varrette. Foundations of Coding: compression, encryption, error-correction. 2015.
Jean-Guillaume Dumas,
Florent Autréau
Last update: Thursday, September 21, 2023