1 / 12

Foundations of Network and Computer Security

Foundations of Network and Computer Security. J ohn Black. CSCI 6268/TLEN 5550, Fall 2009. Introduction. UC Davis PhD in 2000 Cryptography Interested in broader security as well UNR two years CU Boulder seven years My teaching style and personality. This Class.

lucian-vaughn
Download Presentation

Foundations of Network and Computer Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Foundations of Network and Computer Security John Black CSCI 6268/TLEN 5550, Fall 2009

  2. Introduction • UC Davis • PhD in 2000 • Cryptography • Interested in broader security as well • UNR two years • CU Boulder seven years • My teaching style and personality

  3. This Class http://www.cs.colorado.edu/~jrblack/class/csci6268/f09/ • Use above for all materials • Available from my home page • This is a CAETE course • Several distance-learning students • Lectures available on the web (later) • Lectures on VHS in library in Math bldg

  4. Logistics • MWF, ECCS 1B28, 10am – 10:50am • Final, Tuesday Dec. 15th, 4:30pm – 7pm • Office Hours • ECOT 627, M 11-11:50am; F 4:00-4:50pm • More as needed • jrblack@cs.colorado.edu (better than dropping by without an appt)

  5. Grading • See course info sheet • Let’s go over it now • Course Topics • Why no book? • Cryptography and Network Security • Quite a blend of math, hacking, and thinking

  6. Topics • Policy, Law, History • A Taste Today • Cryptography • Not how to make it, but how to use it • Hacking • Buffer overruns, WEP attack, TCP session hijacking, DDoS, prevention • Some hands-on using OpenSSL (project)

  7. Miscellany Class Format: Informal • Small class • Ask questions! • Slides • Sometimes available in advance • Schedule • Usually up-to-date and online

  8. History • Early days of Cryptography • Lucifer and DES • Export restrictions • 40 bit keys! • Public Key Cryptography • MI6 had it first?! • Differential cryptanalysis • NSA knew first

  9. Who is the NSA? • National Security Agency • Huge • Fort Meade, MD • More mathematicians than anywhere • Classified budget

  10. Laws • DMCA • Felten RIAA/SDMI case most famous • 2001 SDMI challenge • Many believe it’s the right idea, but a bad law • All reverse-engineering is sketchy • CALEA (1994) • Communications Assistance for Law Enforcement Act • 2004 ruling says VoIP must provide compliance • Has withstood all court challenges • Patriot Act

  11. Case Study • Accountant for crime ring • Used PGP • Pretty Good Privacy • Phil Zimmerman • Feds seized computer • Couldn’t read files! • Subpoena for keylogger • Worked like a charm!

  12. Policy • Government has attempted to control encryption before • Skipjack • Key Escrow • Clipper Chip • Ultimately failed due to massive protest from “privacy advocates” • Electronic Frontier Foundation (John Gilmore)

More Related