University of Cincinnati Logo
 

20-CS-6053 - Network Security
Electrical Engineering & Computer Science

Instructor

John Franco

Registration Data

Credit Level: Graduate. Credit Hrs: 3.00.
Prerequisites - any one of the following is sufficient:
    1.   Data Structures and Discrete Math plus proficiency in object oriented programming;
    2.   an undergraduate degree in computer science, computer engineering, or electrical engineering;
    3.   permission of the instructor.

Logistics

Course Description

This course treats current concerns, trends, and techniques to insure security and safety of data on computers and over networks. Tools and systems to ensure confidentiality, authentication, and message integrity are of primary interest. There are three parts to this course:

  1. Basic tools and how to put them together. Basic tools include Secret Key and Public Key block ciphers such as DES, 3DES, AES, RSA, Diffie-Hellman Key Exchange, zero-knowledge authentication, and Elliptic Curve Cryptography; hash algorithms such as SHA variants; stream ciphers such as RC4 variants; message integrity and authentication algorithms such as HMAC. Output Feedback Mode, One-time Pads, Cipher Block Chaining are discussed as the means to put many of these algorithms to practical use.
  2. Well-known systems that use these tools. This includes Kerberos (authentication), IPSec (VPN), Internet Key Exchange, SSL, PGP, Email Security, among others. Certification authorities, certificates, and key distribution centers to support these systems are discussed. Vulnerabilites in protocols specified for these systems and ways they can be fixed are discussed.
  3. Well known attacks and how to prevent them. This includes denial of service, side-channel, attacks that exploit existing network IP and TCP protocols, offline and online password attacks, stateless cookies.

Students will form teams of three to produce systems written in Java that will compete in a contest spanning four days just before finals week (this quarter long project will replace a final exam). The contest will be supervised and judged by software called a monitor. The monitor will periodically distribute "wealth" to student systems that connect to them. Even more "wealth" may be obtained through trades. Student systems must be able to collect wealth and protect it from theft. This entails the employment of encryption algorithms to hide sensitive account information, and authentication algorithms and certificates to verify the monitor and trading partners. Thus, all major aspects of the course will be part of the final project.

Keywords

Confidentiality, Message Integrity, Authentication, Public Key Encryption, Secret Key Encrption, Block Cipher, Stream Cipher, Signature Algorithms, Zero Knowledge Authentication, Message Digest, Hash Algorithms, Diffie-Hellman Key Exchange, RSA, DSS, Elliptic Curve Cryptography, Karn Symmetric Key Encryption, One-time Pad, CBC, Password Authentication, Lamport's Algorithm, DES, 3DES, IDEA, AES, Key Distribution Center, Certification Authority, Kerberos, Mathematics of Security, IPSec, HMAC, IKE, SSL, Email Security, Side-Channel Attacks.

Addendum

ERC
MainStreet
Paul Erdos
NIT
Ladies on Campus
Oscar Robinson