CSE408/508 Fall 2009. Network Security

Lecturer:	Rob Johnson
TA:	Mingwei Zhang
Location:	Computer Science 2311
Time:	MoFr 12:50pm-2:10pm
Rob's Office Hours:	Tu 4:00-6:30pm, 2313D Computer Science Building
TA's Office Hours:	Mon 2:30-5:30pm, 2110 Computer Science Building
Home page:	http://www.cs.sunysb.edu/~cse508/
Textbook:	None, although see recommendations below.

News

Project information is now available.
Solutions to HW1 are now available.
HW1 is now available, with source. Due 10/16.
Class moved to Computer Science 2311. Please come to 2311 Friday, 9/4.

Overview

This course will divide into roughly three parts. In the cryptography section, we will cover number theory, symmetric and public key cryptography, and other fundamental cryptographic constructs. In the protocols section, we will discuss applications of the basic cryptogrpaphic tools, such as authentication and secure e-commerce. Finally, we will talk about attacks and defenses for current network architectures.

Topics

Security basics: security goals, threat models, trust, policies, mechanism, security through obscurity
Symmetric cryptography: Block ciphers, stream ciphers, MACs, hash functions, random-number generators
Public-key crypto: RSA, El Gamal, Signatures, PKI
Protocols and applications: Kerberos, SSH, SSL, IPSec, PGP
Network attacks: DoS attacks, DNS attacks, BGP corruption, TCP hijacking, etc.
Network defenses: Firewalls, Intrusion-detection systems, software security
Advanced topics: Zero-knowledge proofs, e-cash, secret-sharing, identity-based crypto

Requirements and Grading

Subject to tweaks throughout the semester.

Homeworks (20%). I will assign 4-5 homeworks throughout the semester. They will not take long - two to four hours each.
Class project (25%). You will work in groups of 2-3 on a class project in computer security.
Class participation (5%). I strongly encourage discussion and debate in class. Please don't hesitate to ask questions if you don't understand or disagree with anything covered in this course.
Midterm exam (25%).
Final exam (25%). The final is cumulative, so it will have questions covering topics from the entire semester.

Class Notes

If you would like to earn extra credit, you may volunteer to write up notes for a lecture. I will count one day's notes as equivalent to one homework problem. Notes should be submitted in PDF format, and should not just be a scan of your notebook. I will post the notes on the course web page.

Textbooks

There is no required textbook, but the cryptography section of the class will borrow heavily from Bellare and Rogaway's online course notes, Introduction to Modern Cryptography. You may also refer to Goldwasser and Bellare's Lecture Notes on Cryptography. Other cryptography books you may find useful are:

Handbook of Applied Cryptography, Alfred Menezes, Paul van Oorschot, Scott Vanstone.
Introduction to Modern Cryptography: Principles and Protocols, Jonathan Katz, Yehuda Lindell.

The latter half of the class will cover more "systems-y" topics of network security. We will read papers to cover this material, but you may also find the following books helpful:

Network Security: Private Communication in a Public World, Charlie Kaufman, Radia Perlman, Mike Speciner.
Wireless Security: Models, Threats, and Solutions, Randall K. Nichols, Panos C. Lekkas.
Computer Security: Art and Science, Matt Bishop.
Security Engineering, Ross Anderson.

Note: If you have a physical, psychological, medical or learning disability that may impact on your ability to carry out assigned course work, please contact the staff in the Disabled Student Services office (DSS), Room 133, Humanities, 632-6748v/TDD. DSS will review your concerns and determine with you what accommodations are necessary and appropriate. All information and documentation of disability are confidential.

Course Audio Recording

Course Schedule

Note: the schedule may change throughout the semester.

Date	Topic/optional reading assignment
8/31	Review of networks, network security goals, threat models for network security, information-theoretic security Notes, Chaitanya Ramachandra Notes, Nicolo Davis Notes, Deepika Srinivasan Notes, Vijit Kharbanda Notes, Sagnik Dhar Notes, Rajarshi Agnihotri Notes, Sumeet Dash
9/4	Pseudo-Random Generators, Stream Ciphers, Computational Indistinguishability Notes, Ritin Suthagaran Notes, Sumeet Dash Notes, Prabakar Radhakrishnan Notes, Pranav Jadhav Notes, Sagnik Dhar Notes, Supreet Padhi Notes, Chaitanya Rramachandra Notes, Rajarshi Agnihotri Notes, Vijit Kharban
9/7	No class - labor day
9/11	Pseudo-random functions and permutations, block ciphers Notes, Chaitanya Ramachandra Notes, Ishani Garg Notes, Manoj Harpalani Notes, Prabakar Radhakrishnan Notes, Sumeet Dash Notes, Supreet Padhi Notes, Vijit Kharbanda Notes,Rajarshi Agnihotri
9/14	Encryption security definitions (IND-CPA, Semantic Security), modes of operation Notes, Vijit Kharbanda Notes, Chaithanya Kr Notes, Sumeet Dash Notes, Supreet Padhi
9/18	MACs, INT-CTXT and INT-PTXT Notes, Vijit Kharbanda Notes, Chaitanya Ramachandra Notes, Rajarshi Agnihotri
9/21	Combining MACs and encryption -- IND-CCA security Notes, Vijit Kharbanda Notes, Supreet Padhi Notes, Anonymous Notes, Rajarshi Agnihotri
9/25	Public key encryption - security definitions, RSA, El Gamal Notes, Supreet Padhi Notes, Vijit Kharbanda Notes,Rajarshi Agnihotri Notes, Sumeet Dash
9/28	No class - Yom Kippur
9/29	Make up class for 9/29 Notes, Rajarshi Agnihotri
10/2	Diffie-Hellman, Public Key Signatures Notes, Anthony Dimillo Notes, Chaitanya Ramachandra Notes, Sumeet Dash Notes, Supreet Padhi Notes,Sruthi Thummala Notes, Rajarshi Agnihotri
10/5	Zero Knowledge Protocols Notes, Sumeet Dash Notes, Chaitanya Ramachandra Notes, Supreet Padhi Notes, Rajarshi Agnihotri Notes, Aman Jain
10/9	Basics of authentication protocols: nonces, timers, counters Notes, Sagnik Dhar Notes, Jamal Irving Notes, Akshay Bhatnagar Notes,Chaitanya Ramachandra Notes, Rajarshi Agnihotr
10/12	Kerberos Notes, Sagnik Dhar Notes, Hema Venkataramani Notes, AnandSagar Kothapalli
10/16	Number Theory Notes, Sagnik Dhar Notes, Kenzley Alphonse Notes, hema Venkataramani Notes, Anand Kothapalli Notes, Vijit Kharbanda Notes, Manish Mehra Notes, Linet Souza
10/19	Miller-Rabin primality test, RSA Signatures Notes, Linet Souza Notes, Kenzley Alphonse Notes, Manoj Harpalani
10/23	El Gamal encryption and signatures, Diffie-Hellman key agreement
10/26	Midterm
10/30	Zero-knowledge protocols Notes Arvindhakshan Madhavan
11/2	Authentication Protocol Notes Arvindhakshan Madhavan Notes Alexandros Adrahtas Notes Linet Dsouza Notes Manoj Harpalani
11/6	Authentication & Kerberos Notes Stratis Frangos
11/9	Secure Remote Password Protocol (SRP-6) Notes Kenzley Alphonse Notes Arvindhakshan Madhavan
11/13	Software security: buffer overflows, format-string bugs, integer overflows, SQL injection bugs, XSS bugs
11/16	Software defenses: static analysis, program transformation, and host-based intrusion detection systems
11/20	Network defenses: firewalls, proxies, and network intrusion-detection systems
11/23	Web security: mashups, javascript isolation, browser security
11/27	No class -- Thanksgiving
11/30	Botnets and worms
12/4	Phishing and other usability issues
12/7	Privacy and anonymity, mixnets, anonymous remailers, TOR
12/11	TBD
12/16	2:15pm-4:45pm Final Exam