# Computer Security:  2019-2020

 Lecturers Degrees Term Michaelmas Term 2019  (16 lectures)

## Overview

Computer security pervades every aspect of the modern online experience, now reaching into mobile phones and games consoles as well as conventional computers. This course covers some of the fundamental principles of computer security.

After identifying some different aspects of security, a number of practical challenges will be presented. For each one, the aim is to specify the requirements of a solution, explain an appropriate (mathematics-based) tool, and then discuss pitfalls, attacks, and countermeasures. Topics covered include will one-way functions, symmetric and asymmetric block ciphers, keyed hashes, digital signatures, and simple key exchange protocols.

## Learning outcomes

An understanding of the differences between various forms of computer security, where they arise, and appropriate tools to achieve them; an appreciation of some common security pitfalls; knowledge of appropriate ways to quantify security.

This is a course for computer scientists, not system administrators. Don't expect to learn how to build "secure" websites, nor how to install firewalls.

## Prerequisites

• Basic modular arithmetic (as amply covered by the Discrete Mathematics course).
• Elementary discrete probability (as amply covered by the first-year Probability course).
• Java for the practicals. No advanced structures or techniques will be required.

## Practicals

There will be two practicals, with preparatory reading in weeks 2 and labs in weeks 3-8.

## MSc Assessment

There will be a take-home exam, similar to problem sheets but with a smaller number of longer questions, to be completed during the Christmas vacation.

## Synopsis

Introduction [1 lecture]. Key concepts and definitions.

Access control [1 lecture]. Models of security and the example of Unix permissions.

Attacks [1 lecture]. Overview of common forms of cyberattacks and models for understanding them.

Symmetric key ciphers [3 lectures]. Block ciphers, Kerckhoffs' Principle, attack models, examples of attacks (including meet-in-the-middle). Perfect security, Shannon's conditions, Vernam cipher and the one-time pad. Feistel networks, DES, state-of-art encryption. Block modes, stream ciphers.

Security architectures and standards [2 lectures]. Aspects of security architectures, context for information security and crypto techniques. Issues for security operations. Key standards and views on most essential security controls.

Cryptographic hash functions [1−2 lectures]. One-way and cryptographic hash functions, relationships with other security properties; attacks on iterative algorithms. Hashes for password storage and key generation: offline attacks, strengthening by salting and stretching, examples in practice. Hashes for message integrity, collision resistance. The Merkle-Damgard construction, padding, MD4 and its successors.

Asymmetric key ciphers [1−2 lectures]. The RSA cryptosystem: proof of correctness, discussion of efficiency. The RSA security assumption, relationship with integer factorization. Discussion of appropriate key size. Homomorphic property, number theoretic attacks, PKCS v1.5 padding. Brief survey of alternative public key ciphers.

Message authentication & digital signatures [1−2 lectures]. The Dolev-Yao model. Message authentication codes, HMAC. Digital signatures, attack models. RSA signatures, textbook weaknesses, and PKCS v1.5 padding. Combining signatures and encryption. Brief survey of alternative signature schemes.

Protocols [3−4 lectures]. Entity-entity authentication protocols given shared secret or public keys, weaknesses and attacks. Key distribution and certification, chains of trust, PKI. Mediated authentication protocols, weaknesses and attacks. The SSL/TLS application layer protocol.

## Syllabus

Aspects of securitysecurity models. Tools for achieving particular security goals, attacks, and countermeasures: one-way functions, symmetric and asymmetric block ciphers including key generation and block modes, keyed hashes, digital signatures, simple key exchange protocols. Applications in practice.

We do not follow a specific text but the following are good choices for further reading:

• Dieter Gollmann. Computer Security, third edition (any edition is fine)Wiley, 2010. Has more material on computer security concepts, and models of security, than any of the other books, and less on ciphers and hashes. A good complement.

• Charlie Kaufman, Radia Perlman & Mike Speciner. Network Security: Private Communication in a Public World, second edition. Prentice-Hall, 2002. Covers nearly everything in the course in a very readable style. Good detail, but sometimes lacks formality.

• Andrew Ker. Computer Security Lecture Notes. 2013 (or 2014, as linked from the Course Materials page).

• Niels Ferguson, Bruce Schneier & Tadayoshi Kohno. Cryptography Engineering - Design Principles and Practical Applications. Wiley, 2010.  Alternates between chatty prose and detailed implementations of security primitives, but good on the common pitfalls.

• Martín Abadi & Roger Needham, Prudent Engineering Practice for Cryptographic Protocols, IEEE Transactions on Software Engineering, 22(1), 1996; PDF

## Related research

 Themes Security