70 likes | 76 Views
CS/ECE 478 Introduction to Network Security Dr. Attila Altay Yavuz. Course Overview and Organization. Spring 2018. High-Level Objectives. Cryptographic primitives and Net. Sec. foundations: Essential cryptographic building blocks Their properties and use
E N D
CS/ECE 478 Introduction to Network Security Dr. Attila Altay Yavuz Course Overview and Organization Dr. Attila Altay Yavuz Spring 2018
High-Level Objectives • Cryptographic primitives and Net. Sec. foundations: • Essential cryptographic building blocks • Their properties and use • Basic Service: Authentication and Handshakes • Primitives • Protocols • Key Management and Establishment Protocols • Network Security Protocols • Selected Advanced Topics
Pre-reqs and Grading • Required: • Good C/C++ programming • CS 372 and CS 321 • Desirable but not required: Previous security courses • CS 370 or CS 427 • Grading: No mid-term or final! • 5 Homeworks (10% each): 50% total • HWs are research-oriented (10 days each) • 3-4 Mini-projects in form of labs: 50% total • You will have access to remote Virtual Machines (VMs) to work • Implementation of network security protocols with crypto libraries • Around 2-weeks duration each • Extra credit quizzes (e.g., 7-8%)
Topics – Syllabi Outline – TENTATIVE TIMING • Week 1-2: Hash-based primitives and Net. Sec. Tools • Week 3-4: Preparation for Network Security Protocols • Symmetric Primitives: DES and AES (not covered in CS 427) • Key Exchange: DH and Certificates (quick recap with some number theory) • Encryption/Authentication: Elgamal, Schnorr, DSA, (not covered in CS 427) • Week 4-5-6: Net. Sec. Protocols • Handshake principles, replay attacks, etc.. • Needham-Schroeder,Otway-Rees, Kerberos, Station-to-Station protocol, common mistakes • Week 6-7: Net. Sec. Protocols • SSL/TLS • IPSec, Basic Cloud Security • Week 7-8: Key Management and Establishment: IoT Key Distribution • Group Key Establishment: GDH protocols • Group Key Management: Iolus, Logical Key Hierarchy, Key Trees • Week 9: Privacy in Cloud and Emerging Wireless Systems • Searchable Encryption for Cloud Storage: Privacy versus data utilization dilemma • Location-Privacy in Cognitive Radio Networks • Week 10: Selected Topics in Emerging Network Security
Pre-reqs and Grading • Homeworks (5 HWs, each has generally 5-6 questions): • Some asks you to dig deeper in topics covered in class • Some complements topics not covered in class: Research-based questions • Some involve a proof or algorithm analysis • Mini-projects (3-4 lab assignments) • ZeroMQ network package to connect processes, remote access for implementation • MIRACL cryptographic library for protocol implementation • Counter Denial of Service Tool • Implement a client-server puzzle with client-server model • Authentication at Post-Quantum Era • Implement a simple multiple-time hash based signature • A Secure Digital Forensic Tool: Loss/Compromise Resilient Logger • Implement forward-secure and aggregate authentication for logs • Compression and information dispersal for network resiliency • Implement your mini TLS • Implement an authenticated TLS handshake with certificates and ECC Crypto
Logistics and Notes • Instructor Office Hours and Course Webpage: • Tuesday 2:00 – 4:00 PM (to be updated), KEC 3065 • http://web.engr.oregonstate.edu/~yavuza/ • Class email (important!) and in-class announcement • Your TA and Office Hours: • Mr. Rouzbeh Behnia, John 125 • Monday and Wednesday, 12:00 – 1:30 PMs (extra grading hours will be hold). • Grading and assignment related questions go to TA, everything else is me. • A protocol and cryptography oriented approach to network security • This is not a system security course! No hacking, etc… • Plenty of protocols, coding and cryptography! • Instructor Travels • 2 weeks of travel (out of state and out of US) • 1 week will be covered by guest faculty • 1 week will be covered by TA
Extra Resources (not required but optional) • No textbook is required. Lecture slides and reading papers will be provided at course website. However, some optional books that may be useful: • Charlie Kaufman, Radia Perlman, and Mike Speciner, “Network Security: Private Communication in a Public World”, Second Edition, Prentice Hall. (some slides and assignments are from this book) • Douglas R. Stinson, “Cryptography Theory and Practice, 3rd edition". • Jonathan Katz & Yehuda Lindell , “Introduction to Modern Cryptography”. • Free online cryptography resources: • Lecture notes of Dr. Mihir Bellare: https://cseweb.ucsd.edu/~mihir/cse207/classnotes.html • "The Joy Cryptography" from Dr. Mike Rosulek: http://web.engr.oregonstate.edu/~rosulekm/crypto/