CSE466 Introduction to Cryptology and NW Security, (2009 spr)


Instructor: Dr. M. Sakalli

            Room: Eng Building 325

            E-mail: CSE466MU.MSakalli at gmail com

            Office Hours: Friday: 2.00:3.00 pm.

            Class, Time: MB346, 2:30 – 5:30.

            Evaluation: %40 Exam + %20 * 1 Mid term + 2*%20 Final Project.

 
The focus: Cryptology and its web applications. By the end of the course you will be able to build your own proprietary security schemes with minimal effort.

 

Books:  Most of the materials will be addressed from internet sources.

A preliminary list of the books: The primary course book I will follow is “Cryptography and Network Security (3rd Ed.)” by William Stallings, ISBN-10: 0130914290. The 4th edition is also available, but I’ll make up the differences with additional materials along the way.

 

Among many well known sources with online chapters: 

The Handbook of Applied Cryptography of A. J. Menezes, P. C. van Oorschot and S.A. Vanstone ISBN: 0-8493-8523-7, CRC press.

Notes of Dr L. Brown at the Australian Defence Force Academy. (From William Stallings’s Sites).

Classical Crypto by Lanaki.

Number Theory.

Basic Cryptology 1990

 

 

Online books may be available through the library, which is what I am going to check.

Note: Please keep in mind that all materials and links provided here will frequently be updated.

 

Tentative Syllabus

Wk no

2009-2nd Semester

Activities (Subjects, assignments, exams.)

Lecture notes

Log book 

Remarks

1-3

19/Feb/09, 25/Feb/09,

12/Mar/09,

 

Introductory materials for cryptology and security, Shannon’s Perfect Security, Ciphers (Caesar, Substitution, Transposition, Vigenère, Hill Cipher, etc.),
Cryptanalysis, Statistics, Mathematical Foundations.

1- Introduction

2- Classical Cryptology. Updated.. Check again..

3- Finite math.

 

Index of coincidence keylength application,

Mono or Polyalphabetic decision chap2 of Lanaki’s notes,

chap15,

 

Extra notes From ACA ciphers,

 

4-6

19/Mar/09,

26/Mar/09

02/Apr/09

09/Apr/09

Midterm exam the following week.

 

 

Apr/14th/09

 

 

 

May/08/09

May/14/09

Modern Block Ciphers (DES, AES), and attacks (differential cryptanalysis),

4-6 Updated DES notes. You are responsible for the particular issues I emphasized; it is your choice to delve deeper if you would like to.

 

AES

AES Updated you must check.

A reminder of a few cornerstones.

 

 

Stream Ciphers, RC4, PRNG and some notes on blockciphers of Blowfish, RC5.

 09/April, 7-AES and overview of all the materials

-Cache-timing attacks on AES.

-Cache attacks and countermeasures the case of AES

-Timing attacks

-Timing Attacks on Cryptosystems, provided from Prof. Cetin Koc’s lab at Oregon State.

 

 

 

HW. Question and cipher text.

Due by 6/April/09.

The answer to the Hill cipher question will be released after the midterm, with your programs linked here if you provide command-line information.

Midterm questions..

Midterm Answers.. prg you need

 

 

7-10

May/29/09

Public Key Cryptography (RSA)

 

 

CRT, Fermat’s little and Euler’s Totient, RSA

 

These slides are updated, covering next week.

Link for the “Explicit Number Theory” of William Stein is given below.

 

 10-13

June, 5th, 09, btw 5pm to 7pm

Emphasized subjects such as primitive roots, discrete logs, DH key exchange and ElGamal cryptography are updated within the slides of the previous presentation.

More links are provided, some of which are crucial for you to learn, and a question will probably be included in the exam.

 

 

Ping, Ping of Death, Ping Flood (-f), Smurf Attack

DoS, DDoS, Cyberwarfare

 

GnuPG, anonymous email,

By using snmp port, similar one,

 

Buffer overflows, attack detection

Packet sniffers, password crackers,

Network scanning tool, nmap code download, basic nmap usage video by Adrian Crenshaw,

Aircrack info, forensics,

 

 

Wep cracking, DNS spoofing, kismac, nessus, replay without client, reset TCP, ssh tunneling, For your convenience, if you wish to download. and \\

 

 

Advanced topics (Secret Sharing, Zero-Knowledge Proofs, Quantum Cryptography)

 

 

The Ping of Death, Harmless Hacking Sources

Maximum Security (Hackers Guide)

Analysis Techniques for Detecting Coordinated Attacks and Probes

DoS Sources, Cryptanalysis

 

June, 16th

 

 

Crazy Linux Cryptography

Crazy Linux, Cryptographic Algos.

The art of war, Sun Tzu, Variation in Tactics,  11th phrase.

 

 

 

 

 

Anatomy of a Web Application: Security Considerations, by Steve Pettit, Sanctum Inc.; Preventing HTML Form Tampering, in PDF

Modern Buffer Overflow Prevention Techniques:

Cryptographic Toolkit of CSRC NIST

Cryptolab tutorials, An Introduction to the RSA Cryptosystem, by Marcus Griep

IP Security Protocol, IETF

Google’s Browser security handbook

 

Some More Reference Materials:

Hacking Lexicon

Crypto-mechanisms

Dictionary of Algorithms and Data Structures of NIST

Electronic Colloquium on Computational Complexity, lecture notes 

Network Security Library 

Programming Texts and Tutorials from Tamu.edu

 

From pbs.org: The mind of a codebreaker, crack the ciphers, and send a coded message

Double Playfair cipher, double transposition cipher,

The end of ordinary money 1, II, by Orlin Grabbe 

Brute force attack, answers com.

An fpga built codebreaker for DES,

The Galois Page from upenn

 

Links from other universities:

Prof. Raj Jain’s Network Security

Cetin Koc Kaya Oregon, Hardware Security and Cryptographic Engineering, Advanced Security and Crypt, and ECE575,

Cryptology and stenography collections.

 

An Explicit Approach to Elementary number theory, by William Stein Harvard University Math 124 Fall 2001 lecture notes.