Introduction to Computer and Network Security


    The Hebrew University -- Institute of Computer Science 

 


67649 - Winter 2003

 

 


 

General information

Instructor

Dr. Shlomo Kipnis                                   

Department Head                                      

Computer Science Department                        

The Hadassah Academic College               

Jerusalem                                       

E-mail: skipnis@hadassah-col.ac.il

Office:     +972 2 629 1953

Web: http://www.hadassah-col.ac.il/cs

 

Teaching Assistant

Danny Bickson

E-mail: daniel51@cs.huji.ac.il
Reception hour: Sunday, 11:00 – 12:00, Ross 107. (Tel. 85706)

 

Classes

Monday, 16:00 – 17:45, Shprinzak 115.

Targil hour, Monday, 18:00 – 18:45, Shprinzak 115.

Wednesday, 16:00 – 17:45, Shprinzak 115.

 

Course Objectives

Understanding the goals, issues, technologies, algorithms, protocols, systems, and design criteria used in cryptography and data security.  Developing basic system analysis and solution synthesis skills.

 

Topics

System Security: security policies, security goals, security mechanisms, security principles, physical security, hackers, risk management.

Introduction to Cryptography: classical cryptography, perfect cryptography, one-time pad (OTP), one-time MAC (OTM).

Computational Cryptography: symmetric encryption, block ciphers, Feistel ciphers, DES, attacks on DES, 2-DES, 3-DES, IDEA, AES, encryption of long texts, stream ciphers, linear feedback shift registers.

Hash Functions: uses of hash functions, design of hash functions, birthday paradox, birthday attack, SHA-1, HMAC.

Public-Key Cryptography: basic number theory, Diffie-Hellman protocol, El-Gamal protocols, DSS signatures, RSA algorithm.

Authentication: passwords and pass phrases, biometrics technologies, cryptographic authentication, authentication protocols, challenge response protocols, mutual authentication, authentication attacks.

Symmetric Key-Exchange Protocols: Key-Distribution Centers (KDC), Kerberos.

Asymmetric Key-Distribution: public-key certificates, certificate authorities, X.509 certificates, public key cryptographic standards, public-key infrastructure (PKI).

Network Layer Security: Internet Protocol Security (IPSec), Internet Key Exchange (IKE).

Transport Layer Security: SSL and TLS.

Application Layer Security: Pretty Good Privacy (PGP), Email security, Web security, Electronic commerce.

 

 

Reading Material

There are many books on cryptography and data security.  Some books for further study of these areas are listed below.  Copies of many of these books exist in the library.

 

Textbooks:

1.      Douglas R. Stinson, Cryptography: Theory and Practice, Second Edition, Chapman & Hall/CRC, 2002.

2.      Alfred Menezes, Paul van Oorschot, and Scott Vanstone, Handbook of Applied Cryptography, CRC Press, 1997.

3.      Bruce Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition, John Wiley & Sons, 1996.

4.      William Stallings, Cryptography and Network Security: Principles and Practice, Third Edition, Prentice Hall, 2003.

5.      Charlie Kaufman, Radia Perlman, and Mike Speciner, Network Security: Private Communication in a Public World, Second Edition, Prentice Hall, 2002.

6.      Carlisle Adams and Steve Lloyd, Understanding Public-Key Infrastructure: Concepts, Standards, and Deployment Considerations, New Riders Publishing, 1999.

7.      Naganand Doraswamy and Dan Harkins, IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks, Prentice Hall, 1999.

8.      Eric Rescorla, SSL and TLS: Designing and Building Secure Systems, Addison-Wesley, 2001.

9.      Bruce Schneier, E-Mail Security: How to Keep Your Electronic Messages Private, John Wiley & Sons, 1995.

10.  Simson Garfinkel, PGP: Pretty Good Privacy, O’Reilly & Associates, 1995.

 

Lectures

Lecture 1 -- Introduction to Security -- October 27, 2003. PDF

Lecture 2 -- Security Engineering -- October 29, 2003. PDF

Lecture 3 -- Classical Cryptography I -- November 3, 2003. PDF

Lecture 4 -- Classical Cryptography II -- November 5, 2003. PDF

Lecture 5 -- Modern Cryptography -- November 10, 2003. PDF

Lecture 6 -- Symmetric Cryptography I -- November 12, 2003. PDF

Lecture 7 -- Symmetric Cryptography II -- November 17, 2003. PDF

Lecture 8 -- Symmetric Cryptography III -- November 19, 2003. PDF

Lecture 10 -- Hash Functions -- November 26, 2003. PDF

Lecture 11 -- Public-Key Cryptography I -- December 1, 2003. PDF

Lecture 12 -- Basic Number Theory -- December 3, 2003. PDF

Lecture 13 -- Public-Key Cryptography II -- December 8, 2003. PDF

Lecture 14 -- Optimizing Crypto Algorithms -- December 10, 2003. PDF

Lecture 15 -- People Authentication I -- December 15, 2003. PDF

Lecture 16 -- People Authentication II -- December 17, 2003. PDF

Lecture 17 -- Authentication Protocols I -- December 24, 2003. PDF

Lecture 18 -- Authentication Protocols II -- December 29, 2003. PDF

Lecture 19 -- Key Distribution Centers -- December 31, 2003. PDF

Lecture 20 -- Kerberos -- January 5, 2004. PDF

Lecture 21 -- Public-Key Infrastructure -- January 7, 2004. PDF

Exercises

Assignments guidelines

Problem Sets:  There will be between six and seven problem sets during the course – approximately one problem set every 2 weeks.  Four or five of the problem sets will be theoretical, each involving solving between 3 and 4 exercises on paper.  The theoretical problem sets should be submitted based on individual work (that is – no collaboration on the theoretical problem sets).  The other two problem sets will be practical and might involve some programming.  The practical problem sets can be worked on in pairs (but no more than pairs).  The problem sets are mandatory.  Each student should submit all the problem sets.  The problem sets should be submitted on time.  Late submission will not be allowed.  The problem sets will be worth between 40% and 50% of the final grade in the course.

Final Exam:    There will be a final exam.  The final exam might contain some open-ended problems and some multiple-choice problems.  The final exam will be worth between 50% and 60% of the final grade in the course.

 

Newsgroups

The course has two newsgroups:

local.course.security.ta: This is a moderated newsgroup; your postings will not appear in the newsgroup until the course staff answers them. Use this newsgroup for asking questions about exercises, etc. You should regularly read messages published in the moderated newsgroup. Any message that is posted in this newsgroup will be considered known by all, and will not be repeated elsewhere. To stress this point: when, e.g., a clear guideline concerning the exercise implementation is published in the newsgroup, anyone who does not comply with it will lose points.

local.course.security.stud: This is a newsgroup for student discussion. Please do not share answers or source code there.

 

Registration and Submission

All students taking this course for credit are required to register in the system. So that we have your e-mail for announcements, etc., please register as soon as possible. You also need to register in order to submit exercises. The registration and submission links are below:

Registration

Submission

Grades

 

Late Submission Policy

Each day of late submission deducts 10% of the final grade. For example, for one day late you will get 90% of your grade; for 2 days, 80% of your grade. Please try to submit on time, and start working on the exercises early.

 

Targil Notes

Targil 1 – October 27.  Introduction. Beale cipher. PDF

Targil 2 – November 3. Breaking monoalphabetic ciphers. PDF

Targil 3 – November 11. Breaking Vigenère cipher. PDF

Targil 4 – November 18. Reception hour for the exercise.

Targil 5 – November 25. CBC uses and attacks.

Targil 6 – December 1. Basic number theory. PDF

Targil 7 – December 8. Fast CRT exponentiation.

Targil 8 – December 15. Review of solutions to ex1 + ex3.

Targil 9 – December 22.  Communications overview. TCP/IP protocol headers. Insecurity of WEP protocol. Executive summary. Full paper.

Targil 10 – December 29. 

Targil 11 – January 5. Pollard’s rho method.

 

 

Exercises Appeal Procedure and Policy

You have 2 weeks from the date on which the exercise was returned to appeal.

In order to appeal, please summarize your concerns in clear handwriting or in print on a piece of paper, staple it to your original checked exercise, and put it into the course submitted exercise box at Ross -2 (not into the returned exercise closet!!!)

Take into account that every appealed exercise will be rechecked. As a result, your grade might either get better or get worse.

 

Assignments

Ex1. submission date: November 10, 2003.  PDF

Ex2. submission date: November 24, 2003.  PDF

Ex3. submission date: December 8, 2003.  PDF

Ex4. submission date: December 25, 2003.  PDF

Ex5. submission date: January 12, 2004.  PDF

Ex6. submission date: January 29, 2004.  PDF

 

Old Exams

Old exams are used as a reference only. They are taken from the 2002 security course of Prof. Dahlia Malkhi and the 2001 security course by Dr. Shlomo Kipnis and Prof. Dahlia Malkhi. The syllabus of those courses might not be fully identical to our course.

This year the exam will also have open (not multiple-choice) questions.

Exam A

Exam B Solution

Exam C

Exam D

Exam Moed A Solution