teaching security in distance learning courses

1
teaching security in distance learning courses

• Leeds - 20.01.05

2
Agenda

• E-learning characteristics
• Discipline-aware e-learning tools
• Example system teaching cryptography in a
  distance learning environment
• E-learning framework
• Conclusions

3
E-learning characteristics

• E-learning technologies
• Different roles, e.g. facilitator, student,
  acc.manager
• Communication channel(s) between different people
  (with different roles)
• Can facilitate scenario-driven activity
• optional Role-play

From Cutler and Hay (2000, 182)
4
Some initial observations 1/2

• Cryptography is about communication in the
  presence of adversaries (Rivest, 1990)
• Roles Sender, Receiver, Adversary
• Communication model

5
Some initial observations 2/2

• How does cryptography fit in communications?

6
Proposed system

• Aim To develop (specialised) elearning
  technologies for teaching cryptography
• Characteristics/requirements
• Role allocation Alice, Bob, Eve
• Reduced computational effort
• User synergy

7
Main components 1/2

• Crypto communications suite
• (untrusted) communications channel
• Crypto modules
• Temporary secure channel
• The adversarys toolkit
• (untrusted) communications channel
• Data analysis subcomponents
• Intra-adversary communication
• Scenario and role allocation management suite

8
Main components 2/2

Temp secure communication channel

availability
cipher
cipher
logic

suite

suite

Untrusted communication channel

Alice

Bob

data
data
a
nalysis

analysis

cipher
cipher
suite

suite

Adversary

Adversary

Intra
-
adversary communication
channel

9
Example scenarios 1/3

• Cryptographic strength
• Monoalphabetic encryption
• Simple substitution cpk mod n
• Temp. channel volume-based availability
• Adversary tools letter frequency distributions,
  bi-grams, tri-grams, modular calculator
• Polyalphabetic encryption
• Vigenère cipher
• Temp. channel volume-based availability
• Adversary tools Kasiski metric, Index of
  Coincidence monoalphabetic tools

10
Example scenarios 2/3

• Cryptographic strength
• Vernam cipher
• Same as Vigenère cipher BUT
• Key size message size
• Temp. channel time-based availability
• Adversary tools same as in Vigenère
• System will disclose gradually the key bits
• Demonstrates unconditional security

11
Example scenarios 3/3

• One-way functions
• Coin flipping over the phone protocol

even is heads odd is tails
307561
457673
45767332 --gt even
12
E-learning security framework

• E-learning framework
• Cryptography
• Network security
• Security policies
• Access control
• Risk management
• Audit

13
Conclusions

• Lessons learnt from DL can be brought to an
  on-Campus course
• Need for specialised e-learning tool
• Teaching discipline-aware
• Leverage attributes of e-learning technologies
• Use computer security discipline as a vehicle to
  investigate/develop e-learning tools

14
Thank you

• Questions ?