Computer Security: 2011-2012
Information
|
Lecturer |
|
|
Practical Coordinator |
|
|
Degrees |
Schedule B2 — Honour School of Computer Science Schedule B2 — Honour School of Mathematics and Computer Science |
|
Term |
Michaelmas Term 2011 (16 lectures) |
Overview
Computer security pervades every aspect of the modern online experience, now reaching into mobile phones and games consoles as well as conventional computers. This course covers some of the fundamental principles of computer security.After identifying some different aspects of security, a number of practical challenges will be presented. For each one, the aim is to specify the requirements of a solution, explain an appropriate (mathematics-based) tool, and then discuss pitfalls, attacks, and countermeasures. Topics covered include will one-way functions, symmetric and asymmetric block ciphers, stream ciphers, keyed hashes, and simple key exchange protocols
Learning outcomes
An understanding of the differences between various forms of computer security, where they arise, and appropriate tools to achieve them; an appreciation of some common security pitfalls; knowledge of appropriate ways to quantify security.
This is a course for computer scientists, not system administrators. Don't expect to learn how to build "secure" websites, nor how to install firewalls.
Prerequisites
- Basic modular arithmetic (as amply covered by the Discrete Mathematics course).
- Elementary discrete probability (as amply covered by the first-year Probability course).
- Java for the practicals. No advanced structures or techniques will be required.
Synopsis
Introduction [1 lecture]. Motivating example, definitions of security aspects.
Access control [1 lecture]. Models of security and the example of Unix permissions.
Symmetric key ciphers [3 lectures]. Block ciphers, Kerckhoffs' Principle, attack models, examples of attacks (including meet-in-the-middle). Perfect security, Shannon's conditions, Vernam cipher and the one-time pad. Feistel networks, DES, state-of-art encryption. Block modes, stream ciphers.
Cryptographic hash functions [2-3 lectures]. One-way and cryptographic hash functions, relationships with other security properties; attacks on iterative algorithms. Hashes for password storage and key generation: offline attacks, strengthening by salting and stretching, examples in practice. Hashes for message integrity, collision resistance. The Merkle-Damgard construction, padding, MD4 and its successors.
Asymmetric key ciphers [2-3 lectures]. The RSA cryptosystem: proof of correctness, discussion of efficiency. The RSA security assumption, relationship with integer factorization and discrete log. Discussion of appropriate key size. Homomorphic property, number theoretic attacks, PKCS v1.5 padding. Brief survey of alternative public key ciphers.
Message authentication & digital signatures [2-3 lectures]. The Dolev-Yao model. Message authentication codes, HMAC. Digital signatures, attack models. RSA signatures, textbook weaknesses, and PKCS v1.5 padding. Combining signatures and encryption. Brief survey of alternative signature schemes.
Protocols [3 lectures]. Entity-entity authentication protocols given shared secret or public keys, weaknesses and attacks. Key distribution and certification, chains of trust, PKI. Mediated authentication protocols, weaknesses and attacks. The SSL/TLS application layer protocol.
- There will be two practicals, with preparatory reading in weeks 2-3 and labs in weeks 4-8.
Syllabus
Aspects of security, security models. Tools for achieving particular security goals, attacks, and countermeasures: one-way functions, symmetric and asymmetric block ciphers including key generation and block modes, stream ciphers, keyed hashes, simple key exchange protocols. Applications in practice.
Reading list
Primary Text
- Charlie Kaufman, Radia Perlman, & Mike Speciner. Network Security: Private Communication in a Public World, second edition. Prentice-Hall, 2002. Covers nearly everything in the course in a very readable style. Good detail, but sometimes lacks formality.
- Andrew Ker. Computer Security Lecture Notes. 2011. Available as handouts in lectures.
Further Reading
- Dieter Gollmann. Computer Security, third edition (any edition is fine). Wiley, 2010. Has more material on computer security concepts, and models of security, than any of the other books, and less on ciphers and hashes. A good complement.
- Niels Ferguson, Bruce Schneier, & Tadayoshi Kohno. Cryptography Engineering - Design Principles and Practical Applications. Wiley, 2010. Alternates between chatty prose and detailed implementations of security primitives, but good on the common pitfalls. Cheap.
- Alfred Menezes, Paul van Oorschot, & Scott Vanstone. Handbook of Applied Cryptography. CRC Press, 1996. Comprehensive, contains the state of the art as of 1996 and thus sometimes out of date. Freely downloadable.