Crypto pages

• CSI:Dublin
• Magma Tutorials
• Talks
• Criptografas Latinoamericanas

Personal links

• My Flickr
• My twitter
• My tumblr

Third-party links

• Laboratory of Cybersecurity CIC-IPN
• SHA-3 Hardware
• MIRACL
• RELIC
• Breaking ECC2K-130
• ECC news by Galbraith et al.
• Mike's blog
• The Pairing-Based Crypto Lounge
• The Cryptology Pointers
• Matthew Green's blog
• IACR's eprint archive (curr)

My sponsors & affiliations

My previous sponsors & affiliations

π

edit SideBar

• View
• Edit
• History
• Print

Security in Information Systems

• This is a final course at CIMAT. The following corresponds to the Zacatecas Campus.

Description

• This is an introduction course to the very wide field of computing, data networks, and information security. It will cover information security, data network security, and relevant aspects of cryptography.

Objective

• Review the general topics on the information security that affects the information systems.

Specific objectives

• Bring interest to the assistnats to the diverse areas of informatics that require specific security aspects, and to demonstrate the consequences of an inadecuate use of the information resources, and its possible solutions
• It will set the basis of cryptography in order to provide security to services and applications. It will be demonstrated the existent tools for the security expert, and the administration aspects of the information security
• It is also a goal of this module that the assistants seek deeper detail about the topic

Organization

• This course is offered once in CIMAT Zacatecas
• The lectures will be offered daily from October 24th to November 17th
• There will be a practice test, and talk, and a written exam

Topics

1. Introducción
   1. Introducción a la seguridad en los sistemas de información
   2. Conceptos generales de la seguridad de la información
2. Criptografía
   1. Introducción a la criptografía
      1. Criptografía Simétrica
      2. Criptografía Asimétrica
      3. Infraestructura de Llave Pública (PKI)
3. Criptografía en la seguridad de la información
   1. Firmas digitales
   2. Privacidad y Seguridad
   3. Tópicos selectos de criptografía aplicada
4. Seguridad Perimetral
   1. Modelo TCP/IP
   2. IGMP
   3. IP
   4. TCP/UDP
5. Seguridad en redes
   1. Intranet, Extranet, Internet. DMZ
   2. Planeación de una red de datos
   3. Segmentación en IPv4, e IPv6
   4. SNMP
   5. Políticas de acceso
   6. Administración de la red, y sus herramientas
   7. Seguridad perimetral
      1. Firewall
      2. Mecanismos de prevención y detección de intrusos
      3. Pasarelas de aplicación
   8. Redes privadas virtuales
   9. Privacidad en la red
   10. Seguridad versus privacidad
   11. Técnicas de anonimato en la red
6. Seguridad del Software y políticas de seguridad
   1. Estándares y mejores prácticas de la seguridad de la información en el desarrollo del software
   2. Certificaciones relacionadas a la seguridad en sistemas de información
   3. ISO 27001 - Sistemas de Gestión de Seguridad de la Información
   4. Principales controles y mecanismos para la detección y mitigación de riesgos de seguridad en aplicaciones
   5. Creación y gestión de políticas de seguridad informática
   6. Vulnerabilidades de software

Calendar

• 10/24 - Introduction
• 10/25 - Status 2015 + Malware
• 10/26 - Intro to Crypto
• 10/27 - AES
• 10/28 - Hash + tools
• 10/31 - RSA + signatures
• 11/01 - More on PKI
• 11/03 - ECC + PQCrypto
• 11/04 - Complexity + IND-CCA/CPA
• 11/07 - Selected topics
• 11/07 - Data networks
• 11/08 - Presentation session 1
• 11/09 - Presentation session 2
• 11/10 - Development models
• 11/11 - Invited lecturer
• 11/16 - Project presentation 1
• 11/17 - Project presentation 2

Grades

Projects (Pick one on first served basis)

• M-PIN (Auth)
• Botnet
• Group chat
• Game: Conquian
• Mini TOR
• Denuncia anónima
• Sistema de digitalización masiva y firma de documentos
• Game: 2D tanks
• Expediente clínico
• Password manager
• Any other software proposal
• Other encryption software
• Other authentication software

Essay options (talk)

• Analysis of the security in mobile OS
• Virus Morris
• S7 Protocol (WhatsApp/Signal)
• Cyberwar
• Snowden
• Assagne (Wikileaks)
• Bitcoin
• Mirai malware
• Samsung Knox
• Antivirus 2016 Status: best, comparison (at least 10)
• Facebook privacy

Rules (for my sections)

• Email delivery only to luis.dominguez
• Pack your homework and name the file appropriately: t1_lastname.zip
• Use PGP to encrypt your file. Public Key
• Time delivery is at mid-night of the day, 10\% penalty per delayed day
• No plagiarism
• Include bibliography
• Add documentation in LNCS format to your homework:
  • For programs, the report must be 3-5 pages
  • For essay, 5-10 pages

Slides (For my sections)

• Preview
• 10/24 - General Introduction to the course
• 10/26 - Intro to Crypto
• 10/27 - Symetric Cryptography
• 10/28 - Hash and tools
• 10/31 - Asymetric Cryptography MCD
• 11/01 - SSL/TLS
• 11/01 - SSL/TLS b
• 11/03 - ECC
• 11/03 - PQ
• Complexity + talk on the projects
• 11/07 - Selected topics: TrueCrypt, Bitcoin, and Privacy
• 11/07 - Cloud Security
• 11/07 - Encrypted DB
• 11/07 - DiskEncryption
• 11/07 - WSN
• 11/07 - Data network
• 11/08 - Student session 1
• 11/09 - Student session 2
• 11/10 - Secure software development models, and SDL
• 11/11 - Privilege Escalation, video + Examen
• 11/16 - Student project presentation 1
• 11/17 - Student project presentation 2

Video

Video Video