CRYPTOGRAPHIC ENGINEERING

• Knowledge and understanding: the student will acquire a technical background on some developing tools for Modern Cryptography; it will cover high-level cryptographic solutions but also low-level developing tools in order to be able to implement any kind of cryptographic schemes.
• Applying knowledge and understanding: the student will learn how to determine the effective security level of a cryptographic solution but also to prevent the use of not-secure approaches in his own code; such goal will be pursued by means of the study of existing applied solutions but by understanding how some notable cryptographic attacks work.
• Making judgements: the student will learn to judge the goodness of existing cryptographic schemes but also its suitability in a software project making use of it.
• Communication skills: the student will learn the specific technical micro-language and he will be able to interface with technical documentation but also to communicate with experts in such field.
• Learning skills: the theoretical background from Cryptography, jointly with the specific practical-technical knowledge acquired in this course, will permit the student to approach the adoption/adaptation/development of any cryptographic scheme in a more complex software project.

In class oral lessons on theoretical arguments and on laboratory-related aspects.

Should teaching be carried out in mixed mode or remotely, it may be necessary to introduce changes with respect to previous statements, in line with the programme planned and outlined in the syllabus.

This class is intended as the continuance of the theoretical path started with the course “Cryptography” and it can be considered a bridge towards the practice. It covers arguments from the, so called, "Cryptographic Engineering" field: it is fusion of the theoretical and practical knowledges that are necessary to implement cryptographic schemes in a sound, secure and efficient way. The first part of the class covers some basic concepts of theory and the introduction of some efficient algorithms widely used in implementations of multi-precision integers (MPI) arithmetic. Such knowledge is strictly necessary in order to optimize the performances of the cryptographic schemes but also to effectively understand many advanced cryptographic attacks presented during in the course. A second part of the class covers the study of some real-world standards (SSL/TLS, SSH) and to some related advanced cryptographic attacks. A third part goes deep in the implementation details on the topic.

• [AvOV] Alfred Menezes, Paul van Oorschot, Scott Vanstone: Handbook of Applied Cryptography
• [PP] Christof Paar, Jan Pelzl: Understanding Cryptography: A Textbook for Students and Practitioners
• [S] N.P. Smart: Cryptography Made Simple

The slides include several references to technical scientific papers.