The course has two main parts. In the first part, the emphasis is on replication as the means to tolerate faults. Applications to cluster computing and cloud computing services will be presented. In the second part, the goal is to protect clients from powerful but untrusted, remote storage and computation providers. The course presents principles and fundamental methods, and shows how they are applied to real-world systems.
Dates.
Lecture: Friday, 13:15-15:00, ML F 34.
Exercise: Friday, 15:15-16:00, ML F 34.
Web page. http://www.zurich.ibm.com/~cca/sft13/
The course is part of the Information Security Master Track.
Prerequisites. Knowledge of information security and/or network security, cryptology, and distributed systems. In particular, this course uses concepts from public-key cryptology (RSA, Diffie-Hellman) and reliability in asynchronous message-passing systems. This corresponds to the ETHZ D-INFK courses "Information Security" and "Verteilte Systeme" ("Distributed Systems") or equivalent.
| Date | Lecture notes | Assigned exercise |
|---|---|---|
| 22. Feb. | (1) Introduction and (2) Dependability | Exercise 1 |
| 1. March | RAID-6 (EVENODD); Primitives (communication, failure detectors, cryptography) [CGR11] 1; 2.1, 2.2, 2.4.1, 2.4.4, 2.5 | Exercise 2 |
| 8. March | Failure detectors; (2) Reliable broadcast, FIFO broadcast, causal broadcast [CGR11] 2.6.1, 2.6.2; 3.1, 3.2, 3.3 (excl. 3.3.2), 3.9 (3.9.1-3.9.4) | Exercise 3 |
| 15. March | (2ff.) Quorums; Causal and Byzantine broadcasts [CGR11] 2.7.3; 3.9.7, 3.10 (excl. 3.10.4), 3.11 | Exercise 4 |
| 22. March | (3) Distributed storage, semantics and implementations [CGR11] 4.1, 4.2, 4.3.1, 4.3.4, 4.4.1-4.4.2 | Exercise 5 |
| 12. April | (3ff.) Byzantine distributed storage; (4) Consensus and atomic broadcast [CGR11] 4.7.1-4.7.2; 5.1.1, 5.2.1, 5.2.2, 6.1 | Exercise 6 |
| 19. April | (4ff.) Atomic broadcast, leader election, and fail-noisy uniform consensus (Paxos) [CGR11] 6.1, 4.7.1-4.7.2; 5.1.1, 5.2.1, 5.2.2 | Exercise 7 |
| 26. April | (6) Distributed cryptography and proactive recovery Handout sections 6.1-6.3 | Exercise 8 |
| 3. May | (6ff.) RSA threshold signatures and proactive cryptosystems (handout, 6.4-6.6); Non-blocking atomic commit ([CGR11] 6.6) | Exercise 9 |
| 10. May | (7) Cryptography for storage systems (printer-friendly format). For background concepts, see [WHKMV08]. | No exercise |
| 17. May | (8) Oblivious transfer and secure computation [S08] Chapter 24:3; Chapter 26:1-2. Alternative formulation in [LP09] Section 1. | Exercise 10 |
| 24. May | (8ff.) More on two-party secure computation, CBMC-based garbled circuit evaluation [HFKV12]; Fully homomorphic encryption; Interaction is needed in secure computation [ACCK01] Sec. 1-2 | Exercise 11 |
| 31. May | (8ff.) Commitments [S08] Chapter 24:2; Fairness and fair exchange; (5ff.) Windows Azure Storage [CWO11]. | No exercise |
[CGR11] Christian Cachin, Rachid Guerraoui, and Luís Rodrigues. Introduction to Reliable and Secure Distributed Programming (Second Edition). Springer, 2011. The notes at the end of every chapter provide background literature. Chapter 7 points to related and more advanced literature.
Further references
There will be an oral exam, held during the ETHZ exam session. The exam will cover the material presented in class and also some material presented in the exercises.