Introduction to Computer and Network Security

3

    The Hebrew University -- Institute of Computer Science 

 

Introduction to Computer and Network Security

67649 - Fall 2004/2005

 

 

General information

Exercises

 

General information

Instructor

Dr. Shlomo Kipnis                                   

mailto:skipnis@hadassah-col.ac.il

Office:     +972 2 629 1953

http://www.hadassah-col.ac.il/cs

 

Teaching Assistant

Danny Bickson

E-mail: daniel51@cs.huji.ac.il

Course E-mail: security@cs.huji.ac.il

Reception hour: Sunday, 11:00 – 12:00, Ross 107. (Tl. 02-658-5706)

 

Classes

Monday, 16:00 – 17:45, Shprinzak 115.

Exercise hour, Monday, 18:00 – 18:45, Shprinzak 115.

Wednesday, 16:00 – 17:45, Shprinzak 115.

 

Course Objectives

Understanding the goals, issues, technologies, algorithms, protocols, systems, and design criteria used in cryptography and data security.  Developing basic system analysis and solution synthesis skills.

 

Topics

System Security: security policies, security goals, security mechanisms, security principles, physical security, hackers, risk management.  Introduction to Cryptography: classical cryptography, perfect cryptography, one-time pad (OTP), one-time MAC (OTM).  Computational Cryptography: symmetric encryption, block ciphers, Feistel ciphers, DES, attacks on DES, 2-DES, 3-DES, IDEA, AES, encryption of long texts, stream ciphers, linear feedback shift registers.  Authentication Functions: by symmetric encryption, by asymmetric encryption, by hash functions, one-time-signatures.  Hash Functions: uses of hash functions, design of hash functions, birthday paradox, birthday attack, MD5, SHA-1, HMAC.  Public-Key Cryptography: basics number theory, Diffie-Hellman Key-Exchange protocol, El-Gamal protocols, DSS signatures, RSA algorithm.  Authentication: passwords and pass phrases, biometrics technologies, cryptographic authentication, authentication protocols, challenge response protocols, mutual authentication, authentication attacks.  Symmetric Key-Exchange Protocols: Key-Distribution Centers (KDC), Kerberos.  Asymmetric Key-Distribution: public-key certificates, certificate authorities, X.509 certificates, public key cryptographic standards, public-key infrastructure (PKI).  Network Layer Security: Internet Protocol Security (IPSec), Internet Key Exchange (IKE).  Transport Layer Security: SSL and TLS.  Application Layer Security: Pretty Good Privacy (PGP), Email security, Web security, Electronic commerce.

 

Reading Material

There are many books on cryptography and data security.  Some books for further study of these areas are listed below.  Copies of many of these books exist in the library.

 

Textbooks:

1.      Douglas R. Stinson, Cryptography: Theory and Practice, Second Edition, Chapman & Hall/CRC, 2002.

2.      Alfred Menezes, Paul van Oorschot, and Scott Vanstone, Handbook of Applied Cryptography, CRC Press, 1997.

3.      Bruce Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition, John Wiley & Sons, 1996.

4.      William Stallings, Cryptography and Network Security: Principles and Practice, Third Edition, Prentice Hall, 2003.

5.      Charlie Kaufman, Radia Perlman, and Mike Speciner, Network Security: Private Communication in a Public World, Second Edition, Prentice Hall, 2002.

6.      Carlisle Adams and Steve Lloyd, Understanding Public-Key Infrastructure: Concepts, Standards, and Deployment Considerations, New Riders Publishing, 1999.

7.      Naganand Doraswamy and Dan Harkins, IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks, Prentice Hall, 1999.

8.      Eric Rescorla, SSL and TLS: Designing and Building Secure Systems, Addison-Wesley, 2001.

9.      Bruce Schneier, E-Mail Security: How to Keep Your Electronic Messages Private, John Wiley & Sons, 1995.

10.  Simon Garfinkel, PGP: Pretty Good Privacy, O’Reilly & Associates, 1995.

 

Lecture Notes and Handouts

Course Information PDF

Lecture 1 -- Introduction to Security - October 18, 2004.  PDF

Lecture 2 -- Security Engineering - October 20, 2004. PDF

Lecture 3 -- Classical Cryptography I - October 25, 2004. PDF

Lecture 4 -- Classical Cryptography II - October 27, 2004. PDF

Lecture 5 -- Modern Cryptography - Novemeber 1, 2004. PDF

Lecture 6 -- Symmetric Cryptography I - Novemeber 3, 2004. PDF

Lecture 7 -- Symmetric Cryptography II - Novemeber 8, 2004. PDF

Lecture 8 -- Symmetric Cryptography III - Novemeber 10, 2004. PDF

Lecture 9 -- Authentication and Integrity - Novemeber 15, 2004. PDF

Lecture 10 -- Hash Functions - Novemeber 17, 2004. PDF

Lecture 11 -- Algebra and Number Theory - Novemeber 22, 2004. PDF

Lecture 12 -- Public Key Cryptography I - Novemeber 24, 2004. PDF

Lecture 13 - Public Key Cryptography II - Novemeber 29, 2004. PDF

Lecture 14 -- Public Key Cryptography III - December 1, 2004. PDF

Lecture 15 - People Authentication I - December 6, 2004. PDF

Lecture 16 -- People Authentication II - December 8, 2004. PDF

Lecture 17 - Authentication Protocols I - December 13, 2004. PDF

Lecture 18 -- Authentication Protocols II - December 15, 2004. PDF

Lecture 19 -- Symmetric Key Distribution - December 20, 2004. PDF

Lecture 20 -- Kerberos - December 22, 2004. PDF

Lecture 21 -- Public Key Systems - December 27, 2004. PDF

Lecture 22 -- Public Key Infrastructure December 29, 2004. PDF

Lecture 23 -- Network Layer Security I January 3, 2005. PDF

Exercises

Assignments guidelines

Problem Sets:

There will be seven problem sets in the course – one problem set every two weeks.  Four of the problem sets will be theoretical, each involving solving 4 questions on paper.  The theoretical problem sets should be submitted based on individual work (that is – no collaboration is allowed on the theoretical problem sets).  The other three problem sets will be practical and will involve some programming.  The practical problems sets can be worked on in pairs (pair = 2 people).  All the problem sets are mandatory.  Students should submit all the problem sets.  The problem sets should be submitted on time.  Late submissions will be accepted only up to one week (7 days) and will incur substantial penalties.  The problem sets should be submitted in print (Hebrew or English).  The problem sets will be worth about 50% of the final grade.

Final Exam:

There will be a final exam.  The final exam may contain some open-ended questions and some multiple-choice questions.  The final exam will be worth about 50% of the final grade.

 Newsgroups

The course has two newsgroups:

local.course.security.ta . This is a moderated news group - your posting will not appear in the newsgroup until the course stuff answers them. Use this news    

group for asking questions about exercises etc. You should regularly read messages published in the moderated news group. Any message that is posted in this news group will be considered known by all, and will not be repeated elsewhere. To stress this point, in case when, e.g., a clear guideline concerning the exercise implementation is published in the news group, anyone who would not comply with it will loose points.

local.course.security.stud This is a newsgroup for students discussion, Please do not share answers or source code there.

 

Registration and Submission

All students taking this course for credit are required to register to the system. In order that we have your Email for announcements, etc., please register as soon as possible. You also need to register in order to submit exercises. The registration and submission links are below:

Registration

Submission

Grades

 

 

Targil Notes

Targil 1 – October 17.  Introduction. Beale cipher. PDF

Targil 2 – October 24.  Classic Crypto. Vigenere Cipher. vigenere.pdf mono.pdf

Targil 3 – October 31. Vigenere Cipher - Cont.

Targil 4 – November 8. Solved PS1. Answered PS2 questions.

Targil 5 – November 15. Explained PS3. ECB/CBC/OFB modes, examples and attacks

Targil 6 – November 22. Number theory. Notes from last year

Targil 7 – November 29. Fast CRT. Pollard rho algorithm (Cormen chapter 35). Ex. 4 Pollard tho tutorial
Efficient Computations.Chapter 14 of Menzes' book For the exercise, you should implement algorithms 14.76, 14.79 and (14.82 or 14.85) from this chapter.

Targil 8 – Decemeber 6. Solved ex. 3. Notes from last year

Targil 9 – December 13. Login protocols. Given ex. 5.

Targil 10 – December 20. The insecurity of the WEP protocol. ppt

 

Exercises Appeal Procedure and Policy

You have 2 weeks from the date at which the exercise has been returned to appeal.

 In order to appeal, please summarize your concerns in a clear handwriting or in print on a piece of paper, staple it with your original checked exercise and put it into the course submitted exercise box at Ross -2 (not into the returned exercise closet!!!)

 Take into account that every appealed exercise will be rechecked. As a result your grade might either get better or get worse.

 

Assignments

  Future exercises links are broken in purpose.

Ex1.  PDF

Ex2.  PDF

Ex3.  PDF

Ex4.  PDF

Ex5.  PDF

Ex6.  PDF

Ex7.  PDF

 

 

Old Exams

Old exams are used as a reference only. They are taken from 2002 security course of Prof. Dahlia Malkhi 

and 2001 security course by Dr. Shlomo Kipnis and Prof. Dahlia Malkhi. The syllabus of those courses might not be fully identical to our course.

Exam Moed A 2005 + Solution

Exam A

Exam B Solution

Exam C

Exam D

Exam Moed A Solution