Network Security

20-ECES-653-001

Network Security

Secret Key, Public Key, Hash Algorithms, IPSec, Kerberos, Authentication, more

Quote(s) of the Week

Put all your eggs in one basket, and watch that basket carefully.

Taken from the text, Page 218

--- Anonymous

News:

    5 Sep 07: Welcome to Network Security

    28 Sep 07: Homework 1 - Please check

    19 Oct 07: Difference between cookie and checksum

Past Midterm Exams: 2001 2003 2004 2005

2007 Midterm Exam Results: Plain Text

Useful Pages Unix Tutorials Sample Unix (bash) Init Files

2007 Syllabus

System Commands

bashrc

Webpedia Wikipedia

Emacs (text editor)

bash_profile

java 1.5 API j2se_1.5.0

Lecture Notes

    Network basics and Firewalls     20 Sep

    Secret & Public Key/Merkle-Hellman     25 Sep

    Merkle-Hellman Demonstration     25 Sep

    Sending Sequence of Encrypted Blocks     25 Sep

    DES, IDEA, AES     27 Sep

    AES Specification     27 Sep

    Message Digest - Auth, Integ, Encrypt     02 Oct

    Hash: input pair maps to same output     02 Oct

    SHA algorithms     04 Oct

        SHA Cracked     04 Oct

    Message Digest Java Code     02 Oct

    Karn Symmetric Key Algorithm     02 Oct

        KarnTestClient.java

        KarnTestServer.java

        Karn.java

    Public Key - Diffie Hellman Exchange     04 Oct

        DH.java - Simple use of BigInteger, pow, mod, modPow to implement DH

        DHKeyWriter.java - Construct a DH public key, save to file DHKey

        DiffieHellmanExchange.java - Construct sender/receiver public key from DHKey

        DH_Server.java - Receive client public key, make secret, send server public key

        DH_Client.java - Send public key to server, receive server public key, make secret

    Public Key - RSA     09 Oct

        rsa.cc

    Public Key - DSS     ?? Oct

    Interactive Zero-Knowldege Proofs and Authentication     09 Oct

    Man-in-the-Middle/Impersonation     ?? Oct

    Mathematics of Cryptography     16 Oct

       Mod inverse:  inverse.cc    bigint.cc    bigint.h     18 Oct

       Mod multiplication:  modulo.cc    bigint.cc    bigint.h     18 Oct

       Exponentiation:  primes.cc    bigint.cc    bigint.h    power.cc    power.h     18 Oct

                stacker.cc    stacker.h    Makefile     18 Oct

    Password Authentication and KDCs, and CAs     ?? Nov

    Authentication, Key Distribution Pitfalls     ?? Nov

    IPSec     ?? Nov

    PKI     ?? Nov

    Kerberos     Tutorial     User Guide     Unix How To     ?? Nov

    SSL     ?? Nov

    SSH     ?? Nov

    Email Security     ?? Nov

Additional Notes

    TCP/IP

    AIM Client      Server.java      host.html      HostIP.java      HostIP.class      OnlineHandler.class

    JPCap      (Packet Capture Classes in Java)      Package (tar file)

    IPSec: Overview

    The ESP CBC-Mode Cipher Algorithms, RFC 2451

    Security Architecture for the Internet Protocol, RFC 2401

    IP Authentication Header, RFC 2402

    The Use of HMAC-MD5-96 within ESP and AH, RFC 2403

    The Use of HMAC-SHA-1-96 within ESP and AH, RFC 2404

    The ESP DES-CBC Cipher Algorithm With Explicit IV, RFC 2405

    IP Encapsulating Security Payload (ESP), RFC 2406

    TheInternet IP Security Domain of Interpretation for ISAKMP, RFC 2407

    Internet Security Association and Key Management Protocol (ISAKMP), RFC 2408

    The Internet Key Exchange (IKE), RFC 2409

    The NULL Encryption Algorithm and Its Use With IPsec, RFC 2410

    IP Security Document Roadmap, RFC 2411

    SSL Specification

    X.509 Certificate Specification

    Timing attack on SSL (postscript)

    SSH Protocol Assigned Numbers (RFC 4250)

    SSH Protocol Architecture (RFC 4251)

    SSH Transport Layer Protocol (RFC 4253)

    SSH Authentication Protocol (RFC 4252)

    SSH Connection Protocol (RFC 4254)

    Generic Message Exchange Authentication for SSH (RFC 4256)

    SSH Session Channel Break Extension (RFC 4335)

    SSH Transport Layer Encryption Modes (RFC 4344)

Homework Assignments

    Homework Number 1 - Sniffing

             Preliminary Scores

             Reported Times

    Homework Number 2 - Communicating with a Monitor

             Handshake (login) protocol: ppt

             Standings

             Assistance in visualizing results (not yet working)

    Homework Number 3 - Adding Monitor Authentication and Encryption

             Difference between cookie and checksum

             Cipher.java (sample code)

             Test.java (illustrate use of sample code)

             DHKeyObject file (alternative to DHKey file)

    Homework Number 4 - Authentication via Zero-Knowledge proofs or RSA

Monitor Source Code

monitor.zip

Project

    Specification

    Parameters

    Tournament Identities so far (PS file)

    Potential Problem Avoidance:

        Monitor Public Key

        BigInteger Tests

        Radix 32 numbers

        When does encryption begin?

        How do you strip the padding on Karn encrypted strings?

Homework Hints

    Homework Number One
    Homework Number Two
    Homework Number Three
    Homework Number Four

News:
	5 Sep 07: Welcome to Network Security

	28 Sep 07: Homework 1 - Please check

	19 Oct 07: Difference between cookie and checksum

Useful Pages	Unix Tutorials	Sample Unix (bash) Init Files
2007 Syllabus	System Commands	bashrc
Webpedia Wikipedia	Emacs (text editor)	bash_profile
java 1.5 API j2se_1.5.0

	Network basics and Firewalls		20 Sep
	Secret & Public Key/Merkle-Hellman		25 Sep
	Merkle-Hellman Demonstration		25 Sep
	Sending Sequence of Encrypted Blocks		25 Sep
	DES, IDEA, AES		27 Sep
	AES Specification		27 Sep
	Message Digest - Auth, Integ, Encrypt		02 Oct
	Hash: input pair maps to same output		02 Oct
	SHA algorithms		04 Oct
	SHA Cracked		04 Oct
	Message Digest Java Code		02 Oct
	Karn Symmetric Key Algorithm		02 Oct
	KarnTestClient.java
	KarnTestServer.java
	Karn.java
	Public Key - Diffie Hellman Exchange		04 Oct
	DH.java - Simple use of BigInteger, pow, mod, modPow to implement DH
	DHKeyWriter.java - Construct a DH public key, save to file DHKey
	DiffieHellmanExchange.java - Construct sender/receiver public key from DHKey
	DH_Server.java - Receive client public key, make secret, send server public key
	DH_Client.java - Send public key to server, receive server public key, make secret
	Public Key - RSA		09 Oct
	rsa.cc
	Public Key - DSS		?? Oct
	Interactive Zero-Knowldege Proofs and Authentication		09 Oct
	Man-in-the-Middle/Impersonation		?? Oct
	Mathematics of Cryptography		16 Oct
	Mod inverse: inverse.cc bigint.cc bigint.h		18 Oct
	Mod multiplication: modulo.cc bigint.cc bigint.h		18 Oct
	Exponentiation: primes.cc bigint.cc bigint.h power.cc power.h		18 Oct
	stacker.cc stacker.h Makefile		18 Oct
	Password Authentication and KDCs, and CAs		?? Nov
	Authentication, Key Distribution Pitfalls		?? Nov
	IPSec		?? Nov
	PKI		?? Nov
	Kerberos Tutorial User Guide Unix How To		?? Nov
	SSL		?? Nov
	SSH		?? Nov
	Email Security		?? Nov

	TCP/IP
	AIM Client Server.java host.html HostIP.java HostIP.class OnlineHandler.class
	JPCap (Packet Capture Classes in Java) Package (tar file)
	IPSec: Overview
	The ESP CBC-Mode Cipher Algorithms, RFC 2451
	Security Architecture for the Internet Protocol, RFC 2401
	IP Authentication Header, RFC 2402
	The Use of HMAC-MD5-96 within ESP and AH, RFC 2403
	The Use of HMAC-SHA-1-96 within ESP and AH, RFC 2404
	The ESP DES-CBC Cipher Algorithm With Explicit IV, RFC 2405
	IP Encapsulating Security Payload (ESP), RFC 2406
	TheInternet IP Security Domain of Interpretation for ISAKMP, RFC 2407
	Internet Security Association and Key Management Protocol (ISAKMP), RFC 2408
	The Internet Key Exchange (IKE), RFC 2409
	The NULL Encryption Algorithm and Its Use With IPsec, RFC 2410
	IP Security Document Roadmap, RFC 2411
	SSL Specification
	X.509 Certificate Specification
	Timing attack on SSL (postscript)
	SSH Protocol Assigned Numbers (RFC 4250)
	SSH Protocol Architecture (RFC 4251)
	SSH Transport Layer Protocol (RFC 4253)
	SSH Authentication Protocol (RFC 4252)
	SSH Connection Protocol (RFC 4254)
	Generic Message Exchange Authentication for SSH (RFC 4256)
	SSH Session Channel Break Extension (RFC 4335)
	SSH Transport Layer Encryption Modes (RFC 4344)

	Homework Number 1 - Sniffing
	Preliminary Scores
	Reported Times
	Homework Number 2 - Communicating with a Monitor
	Handshake (login) protocol: ppt
	Standings
	Assistance in visualizing results (not yet working)
	Homework Number 3 - Adding Monitor Authentication and Encryption
	Difference between cookie and checksum
	Cipher.java (sample code)
	Test.java (illustrate use of sample code)
	DHKeyObject file (alternative to DHKey file)
	Homework Number 4 - Authentication via Zero-Knowledge proofs or RSA

	Specification
	Parameters
	Tournament Identities so far (PS file)
	Potential Problem Avoidance:
	Monitor Public Key
	BigInteger Tests
	Radix 32 numbers
	When does encryption begin?
	How do you strip the padding on Karn encrypted strings?

	Homework Number One
	Homework Number Two
	Homework Number Three
	Homework Number Four