CSE508 Spring 2012. Network Security

Lecturer:	Rob Johnson [ rob at cs.stonybrook.edu ]
TAs:	Xiang Cai and Chia-che Tsai
Location:	Humanities 1003
Time:	MoFr 12:50-2:10
Rob's Office Hours:	Mo 10-11:30, We 12:30-2, 2313D Computer Science Building
TA's Office Hours:	Xiang: Fr 3-5pm, 1208 Computer Science Building Chia-che: Th 12-2pm, 2203 Computer Science Building
Home page:	http://www.cs.sunysb.edu/~cse508/
Textbook:	None, although see recommendations below.

News

The final exam will take place in Javits 102.
Final reports are due by midnight, 5/16. Email them to Rob.
Please sign up using the Demo Sign up Sheet.
Rob's OH during exam week: 3-4pm, Tuesday, May 8 and 12:30-2pm, Wednesday, May 9.
For the week of 5/6-5/12, Xiang's TA OH will be Tue 3-5pm.
Due to a faculty meeting, Rob's office hours today (4/18) are moved to tomorrow (4/19) at 2pm.
The projects page is now available.
The midterm will take place on Friday, 3/30 in class. Here is a sample midterm from Spring 2011.
Solutions for HW1 are now available.
HW1 is available. Due March 19th in class.
For the week of 2/19-2/24, Rob's OH will be Thu 11-2.
We have updated the TA information. (01-31-2012)
We have changed the email address to which you will submit your notes. Please see the "Class Notes" section. (01-31-2012)

Overview

This course will divide into roughly three parts. In the cryptography section, we will cover number theory, symmetric and public key cryptography, and other fundamental cryptographic constructs. In the protocols section, we will discuss applications of the basic cryptogrpaphic tools, such as authentication and secure e-commerce. Finally, we will talk about attacks and defenses for current network architectures.

Topics

Security basics: security goals, threat models, trust, policies, mechanism, security through obscurity
Symmetric cryptography: Block ciphers, stream ciphers, MACs, hash functions, random-number generators
Public-key crypto: RSA, El Gamal, Signatures, PKI
Protocols and applications: Kerberos, SSH, SSL, IPSec, PGP
Network attacks: DoS attacks, DNS attacks, BGP corruption, TCP hijacking, etc.
Network defenses: Firewalls, Intrusion-detection systems, software security
Advanced topics: Zero-knowledge proofs, e-cash, secret-sharing, identity-based crypto

Requirements and Grading

Subject to tweaks throughout the semester.

Homeworks (20%). I will assign 4-5 homeworks throughout the semester. They will not take long - two to four hours each.
Class project (25%). You will work in groups of 2-3 on a class project in computer security.
Class participation (5%). I strongly encourage discussion and debate in class. Please don't hesitate to ask questions if you don't understand or disagree with anything covered in this course.
Midterm exam (25%).
Final exam (25%). The final is cumulative, so it will have questions covering topics from the entire semester.

Class Notes

If you would like to earn extra credit, you may volunteer to write up notes for a lecture. I will count one day's notes as equivalent to one homework problem. Notes should be submitted in PDF format (preferably made using LaTex), and should not just be a scan of your notebook. I will post the notes on the course web page. Submit notes via email to the TAs (cse508notes@gmail.com) with an attachment with name MM-DD-first-last.pdf e.g. 01-23-rob-johnson.pdf and with subject line "CSE508 Notes MM-DD-first-last".

Textbooks

There is no required textbook, but the cryptography section of the class will borrow heavily from Bellare and Rogaway's online course notes, Introduction to Modern Cryptography. You may also refer to Goldwasser and Bellare's Lecture Notes on Cryptography. Other cryptography books you may find useful are:

Handbook of Applied Cryptography, Alfred Menezes, Paul van Oorschot, Scott Vanstone.
Introduction to Modern Cryptography: Principles and Protocols, Jonathan Katz, Yehuda Lindell.

The latter half of the class will cover more "systems-y" topics of network security. We will read papers to cover this material, but you may also find the following books helpful:

Network Security: Private Communication in a Public World, Charlie Kaufman, Radia Perlman, Mike Speciner.
Wireless Security: Models, Threats, and Solutions, Randall K. Nichols, Panos C. Lekkas.
Computer Security: Art and Science, Matt Bishop.
Security Engineering, Ross Anderson.

Note: If you have a physical, psychological, medical or learning disability that may impact on your ability to carry out assigned course work, please contact the staff in the Disabled Student Services office (DSS), Room 133, Humanities, 632-6748v/TDD. DSS will review your concerns and determine with you what accommodations are necessary and appropriate. All information and documentation of disability are confidential.

Course Schedule

Date	Topic/optional reading assignment Warning: Notes may contain errors.
1/23	Week 1, Mon: Review of network security goals, threat models for network security, WEP: an example of why this stuff matters Notes: Bhushan Jain, Gokulraj Mohanasundaram
1/27	Week 1, Fri: What does it mean for an encryption system to be "secure"? Information-theoretic security, the one-time pad, security definitions: IND-CPA, IND-CCA, general notion of computational indistinguishability Notes: Gokulraj Mohanasundaram, Yulong Wang
1/30	Week 2, Mon: Pseudo-Random Generators, the data processing inequality (DPI), transitivity theorem, example PRNGs Notes: Manisha Kamal, Jihoo Ryoo
2/3	Week 2, Fri: Pseudo Random Functions (PRF), DPI for PRFs, Transitivity of Indistinguishability for PRFs, Examples of PRFs (using AES and RSA), Constructing PRGs from PRFs. Notes: Swastika Singhal, Rong Zhang
2/6	Week 3, Mon: Pseudo Random Permutations (PRP), Indistinguishability of PRPs from PRFs, Examples of PRPs (AES), Examples of bad PRPs, Introduction of modes of operations (block ciphers) Notes: Sandeep Koppala, Kavita Malani
2/10	Week 3, Fri: Nimbus, Multi-Swap, Introduction to AES Notes: Sandeep Koppala, Manisha Kamal
2/13	Week 4, Mon: IND-CCA, INT-CCA, MAC Notes: Manisha Kamal, Rong Zhang
2/20	Week 5, Mon: Public Key Encryption, RSA Notes: Manisha Kamal, Rong Zhang, Kavita Malani
2/24	Week 5, Fri: Public Key Encryption, RSA Notes: Manisha Kamal
2/27	Week 6, Mon: Public Key Encryption, RSA Notes: Manish Kamal
3/2	Week 6, Fri: Diffie-Hellman, Public Key Signatures Notes: Manisha Kamal, Rong Zhang
3/5	Week 7, Mon: Public Key Signatures, Full Domain Hashing Signatures Notes: Manisha Kamal, Bhushan Jain
3/9	Week 7, Fri: Secure Public Key Notes: Niti Khadapkar
3/12	Week 8, Mon: Notes:
3/16	Week 8, Fri: Needham-Schroeder Protocol and Kerberos Notes: Manisha Kamal, Niti Khadapkar
3/19	Week 9, Mon: Public Key Agreement Protocols, PKI and SSL PKI Notes: Kavita Malani, Rong Zhang
3/23	Week 9, Fri: DNS Security, SBGP and ICANN Notes: Manisha Kamal, Nupur Agrawal
3/26	Week 10, Mon: Weak and Strong Whisper, TCP Hijacking and Firewalls Notes: Shweta Joshi, Gokulraj Mohanasundaram
3/30	Week 10, Fri: Midterm Exam
4/2	Week 11, Mon: Spring Break
4/6	Week 11, Fri: Spring Break
4/9	Week 12, Mon: Notes:
4/13	Week 12, Fri: Software Security Notes: Nupur Agrawal, Yulong Wang
4/16	Week 13, Mon: Web Security Notes: Kavita Malani, Yulong Wang
4/20	Week 13, Fri: Cross-Site Request Forgery, Mashup Security and Phishing Notes: Saranya Rajasekar, Rong Zhang
4/23	Week 14, Mon: Conditioned Safe Ceremonies, PhorceField and Secure Devie Pairing Notes: Kavita Malani, Yulong Wang
4/27	Week 14, Fri: Notes:
4/30	Week 15, Mon: Notes:
5/4	Week 15, Fri: Privacy in Mobile Applications Notes:Manisha Kamal, Saamaja Vupputuri
5/15	Finals Week, Tue, 2:15-4:45: CSE508 Finals, Javits 102. Good luck!