ICOM 5018 – Network Security and Cryptography Spring 2010 Purpose: This course introduces and provides practical experience in network security issues and cryptographic techniques. Cryptographic algorithms and protocols are introduced and their use in secure protocols such as secure shell (SSH) and secure mail (Pretty Good Privacy/PGP) are studied. Objectives: After completing this course you should be able to: Understand the basic concepts and protocols used in cryptographic applications Be able to use these concepts in analyzing real-world applications involving cryptography Have some understanding of current attacks on system security. Know and have experience with information sources related to security weaknesses. Laboratory: The laboratory work will be done in the UNIX laboratory (122 Stefani), normally in the Linux and MSWindows environments. The lab work will include short exercises using system capabilities and a longer project. Accounts will be established on the various systems if you do not already have one. The Networking and Operating systems laboratory is now in use for other courses. For both laboratories and projects requiring root access and kernel modification other arrangements must be made, most ICOM students now have their own laptops and Microsoft subscriptions. Every effort will be made to assist in this process. Based on the amount of credit given for the laboratory and the entire course, the projects will be designed to take about 30 hours (2 hours/week) to complete. Course Information: Grading basis: Partial exams (3 @ 100 points) Final exam Programs and/or problem sets (2 @ 50 points) Project Total Note: The programs and/or problem sets must be completed in order to pass the course Professor: Thomas L. Noack, 405 Stefani, extension 3652, noack@urayoan.uprm.edu Office hours: Tuesday, Thursday 7:30 am – 9:00 am, 12:30 pm – 2:00 pm – in S-405 (Office) Also I am often available in the universal hour Tuesday and Thursday 10:30 am – 12:30 pm. Text: [1] Stallings, William, Cryptography and Network Security, 4th. Ed., Prentice-Hall, 2006. References: [1] Schneier, Bruce, Applied Cryptography, 3rd. Ed.,Wiley, 2003 [2] Simson Garfinkel, PGP: Pretty Good Privacy, O’Reilly, 1994 [3] McClure, Stuart, et. al.,Hacking Exposed, 3d Edition, Osborne/McGraw-Hill, 2001 [4] Comments: Most information, including this outline, will be distributed through my web page 300 150 100 100 650 http://ece.uprm.edu/˜noack are responsible for checking this page at least once per week, and when changes are announced in class Examinations will be held during the class period on the dates shown Note: The course will be conducted in accordance with University regulations. These are promulgated by the administration and, since they are subject to change, will not be duplicated here. ICOM 5018 – Network Security and Cryptography Spring 2010 Text – William Stallings, Cryptography and Network Security: Principles and Practice, 4/e Date Reading 14-Jan 19-Jan 26-Jan 28-Jan 2-Feb 4-Feb 9-Feb 11-Feb 16-Feb 18-Feb 23-Feb 25-Feb 2-Mar 4-Mar 9-Mar 11-Mar 16-Mar 18-Mar 23-Mar 25-Mar 6-Apr 8-Apr 15-Apr 20-Apr 22-Apr 27-Apr 29-Apr 4-May 6-May 11-May Stallings, Ch.1 Stallings, Ch.2 Stallings, Ch.3 Stallings, Ch.4 Stallings, Ch.5 Stallings, Ch.6 Stallings, Ch.7 Stallings, Ch.8 Stallings, Ch.9 Stallings, Ch.10 Stallings, Ch.11 Stallings, Ch.12 Stallings, Ch.13 Stallings, Ch.14 Stallings, Ch.15 Stallings, Ch.16 Stallings, Ch.17 Stallings, Ch.18 Stallings, Ch.19 Schneier Schneier, Web Topic Overview Conventional Encryption: Classical Techniques Conventional Encryption: Modern Techniques Introduction to Finite Fields Conventional Encryption: AES Contemporary Symmetric Ciphers Confidentiality Using Conventional Encryption Introduction to Number Theory Exam I (continued) Public-Key Cryptography Preliminary project presentations Key Management Message Authentication and Hash Functions Hash and Mac Algorithms Exam II Digital Signatures and Authentication Protocols Authentication Applications Electronic Mail Security IP Security (Continued) Web Security Intruders, Viruses, and Worms (Continued) Exam III Firewalls Cryptanalysis Methods Legal and Social Issues - Current Legislation Report Presentations