COSC 4P14 – Project Guidelines

Project due date: 2 pm, March 27, 2007
No late date
Project presentations starting from March 27, 2007

This is a research project in the area of computer network security. The project is to be done preferably by a team of two students contributing equally to the project. In exceptional cases it may be done by an individual student and then may involve proportionally less work. I expect that working in a team will allow you to tackle more substantial research issues. If you have trouble finding a project partner, I can help you get matched up with someone else by maintaining a list of people seeking teammates.

It is important that you investigate a variety of literature in the area you have chosen. You do not need to do an exhaustive literature search. You should, however, find at least 5 related references for your report. Eventually, you may need to use our library's interlibrary loan facility.

First write an introduction to the topic, discuss its significance, and present an overview of what is currently known about it. Then report on some recent research or development activity related to your topic. Discuss this new development, explaining its significance and comparing it with previous work.

The output of the project should be a report 10 pages long (12 pt font, 1.5 line spacing, reasonable margins). The report should be written using a word processor. Submit a hard copy to the instructor in class on the due date and e-mail its electronic version to c4p14a@cosc.brocku.ca.

A set of suggested project topics is included below. You should specify the composition of your team and your research topic by February 13th by sending me an e-mail. If you propose your own topic, clearly describe on one page the topic to be undertaken and submit your proposal to me by e-mail at least a week in advance of the above deadline.

Evaluation:

The primary criterion is that your report clearly discusses the topic and evaluates the reviewed literature in your own words. You are expected to give some ideas of your own as well. Do not cut and paste text you find on the web or in other sources into your paper! I am interested in what you have to say, and not what others have said. It is considered plagiarism if you include text which isn't attributed to its source. You will have to submit your paper to a plagiarism-checking site on the web before it will be marked.

Some of the topics can be used for COSC 3P99 projects.

Project presentation

Prepare, using PowerPoint, a 10 minutes/student (20 minutes/team) presentation of your project. Send the PowerPoint file as an attachment to c4p14a@cosc.brocku.ca by the due date of the project. Print it out with 6 slides per page and submit it together with the project report in an envelope with an appropriate cover page. Be ready for class presentation on March 27th.

List of possible research topics:

• Cyber Terrorism and Information Warfare
• Fault Based Cryptanalysis
• Steganography
• Computer architectures to support security
• Digital watermarks and related issues
• Micropayment schemes
• Assessment of a networked computer system vulnerability
• Cryptographic protocols
• Biometrics for user identification
• Formal models of secure systems
• New approaches to developing secure operating systems
• Formal verification of security
• Security in multilevel databases
• Quantum cryptography
• Security aspects of routing protocols
• Cable modem security
• Security aspects of smart cards

Exemplary research topics proposals (can be taken)

An Evaluation of SDSI: A Simple Distributed Security Infrastructure

SDSI is a proposal for a public-key security infrastructure, being developed by Ronald Rivest of MIT and Butler Lampson of Microsoft, that is designed to provide an efficient and secure means of defining group membership and certifying such groups.

Some of the design goals of the SDSI proposal are:

• To design a public-key infrastructure that is simpler than existing proposals (such as X.509-based schemes) by not requiring global certificate hierarchies.
• To borrow from and expand upon similar design efforts (such as that of the IETF SPKI: Simple Public-Key Infrastructure working group).
• To provide ideas and techniques that facilitate the construction of secure systems by providing simple, clear data structures and emphasizing clarity and readability at the expense of economical encodings, although efficient representations of its data structures are provided.

For this project:

• Provide a functional description of SDSI.
• Identify issues with the way it handles group membership and certification.
• Identify its strengths and weaknesses with respect to it actually being placed into general use (e.g., complexity and performance issues).

http://theory.lcs.mit.edu/~cis/sdsi.html

The Security of the Diffie-Hellman Algorithm

The security of Diffie-Hellman relies on the difficulty of the discrete logarithm problem. This project describes attempts to determine what size primes are required for security. In particular, evaluate the secure identification option of the Sun Network File System, which uses the Diffie-Hellman algorithm with a prime p of 192 bits.

Objectives:

• To describe the different steps necessary to solve the discrete logarithm problem (DLP).
• To discuss the state-of-the-art results obtained for the solution of DLP.
• To present the Sun NFS cryptosystem and discuss some of its deficiencies.
• To recommend a secure size for the prime number p used in the Diffie-Hellman algorithm.