Introduction: computer security concepts , the osi security architecture, security attacks, security services, security mechanisms, a model for network security, Basic cryptography: historical background, transposition/substitution, caesar cipher, introduction to symmetric crypto primitives, asymmetric crypto primitives, and hash functions, block ciphers, message authentication, symmetric-key encryption, public-key encryption, digital signatures.
Secret key cryptography applications, data encryption standard (des), encrypting large messages (ecb, cbc, ofb, cfb, ctr), multiple encryption des (ede), Public key cryptography applications, theory: Euclidean algorithm, Euler theorem, Fermat theorem, multiplicative and additive inverse, RSA, selection of public and private keys. Authentication: security handshake pitfalls, online vs. Offline password guessing, reflection attacks, per-session keys and authentication tickets, key distribution centers and certificate authorities. Real-time communication security: introduction to tcp/ip protocol stack, implementation layers for security protocols and implications, Network security applications: key distribution and user authentication , symmetric key distribution using symmetric encryption, key distribution using asymmetric encryption, certificates, public-key infrastructure, federated identity management, transport-level security, web security considerations, secure socket layer and transport layer security, transport layer security, https, secure shell (ssh), wireless network security, ieee 802.11 wireless lan overview, ieee 802.11i wireless lan security, wireless application protocol overview, wireless transport layer security, wap end-to-end security, Electronic mail security: distribution lists, establishing keys, privacy, source authentication, message integrity, non-repudiation, proof of submission, proof of delivery, message flow confidentiality, anonymity, pretty good privacy (pgp), Firewalls and web security: packet filters, application level gateways, encrypted tunnels, cookies, web security problems. |