• Lecturer: Prof. Dr. Schwenk
• Language: German
• Credits: 5 CP
• Programs: B.Sc. IT-Security, M.Sc. IT-Security / Networks and Systems
• Examination: 100 % Written Exam (120 Minutes) + 10 % Homework

Course Description

When cryptography is used in a technical environment such as a computer, data or telephone network, security depends not only on purely cryptographic factors but also on the technical embedding of the encryption and signature algorithms. Prominent examples (of faulty embedding) are EFAIL (efail.de), attacks on the WLAN encryption systems WEP and WPA (KRACK) and various attacks on TLS (Bleichenbacher, POODLE, DROWN, ROBOT). The module deals with concrete networks for data transmission and examines them from all sides with regard to their security. It includes to following parts:

• Introduction: Internet
• Introduction: Confidentiality
• Introduction: Integrity
• Introduction: Cryptographic protocols
• PPP security (esp. PPTP), EAP protocols
• WLAN security (WEP, WPA, Wardriving, KRACK)
• GSM and UMTS mobile communications (authentication and encryption)
• IPSec (ESP and AH, IKEv1 and v2, attacks on IPSec)
• File encryption with OpenPGP (data format, efail, Klima-Rosa)
• E-Mail encryption with S/MIME (SMTP, data format, Efail, POP3, IMAP)