CSE511 Cryptology and NW Security, (2010 spr)


Instructor: Dr. M. Sakalli

            Room: Eng Building 325

            E-mail: CSE466MU.MSakalli at gmail com

            Office Hours: Friday, 2:00 – 3:00 pm.

            Class Time: Thursdays, MB346, 2:30 – 5:30.

            Evaluation: Students will be given projects.

 
The focus: Cryptology and web applications. By the end of the course you will be able to build your own proprietary security schemes with minimal effort.

 

Books: The Internet is the best source, but the course books are listed below.

1* "Cryptography and Network Security" (3rd Ed.), William Stallings, ISBN-10: 0130914290. The 4th edition is also available, but I'll make up the differences with additional materials along the way.

2* "Introduction to Cryptography with Coding Theory", Second Edition. Wade Trappe and Lawrence C. Washington.

Among many well known sources with online chapters: 

The Handbook of Applied Cryptography of A. J. Menezes, P. C. van Oorschot and S.A. Vanstone ISBN: 0-8493-8523-7, CRC press.

Notes of Dr L. Brown at the Australian Defence Force Academy. (From William Stallings’s Sites).

Classical Crypto by Lanaki.

Number Theory.

Basic Cryptology 1990

 

 

Tentative Syllabus

Wk no

2009-2nd Semester

Activities (Subjects, assignments, exams.)

Lecture notes

Log book 

Remarks

1-4

18/Feb/09, 25/Feb/09,

11/Mar/09,

19/Mar/09,

Introductory materials for cryptology and security, Shannon’s Perfect Security, Ciphers (Caesar, Substitution, Transposition, Vigenère, Hill Cipher, etc.),
Cryptanalysis, Statistics, Mathematical Foundations.

1- Introduction

2- Classical Cryptology.

3- Finite math.

To be updated..

 

Index of coincidence keylength application,

Mono or Polyalphabetic decision chap2 of Lanaki’s notes,

chap15,

 

Extra notes From ACA ciphers,

 

4-6

26/Mar/09

02/Apr/09

09/Apr/09

Midterm exam the following week.

 

 

Apr/14th/09

 

 

 

May/08/09

May/14/09

Modern Block Ciphers (DES, AES), and attacks (differential cryptanalysis),

4-6 Updated DES notes: you are responsible for the particular issues I emphasized, but it is your choice to delve deeper if you would like to.

 

AES

AES updated; you must check.

A reminder of a few cornerstones.

 

 

Stream Ciphers, RC4, PRNG and some notes on the block ciphers Blowfish and RC5.

 09/April, 7-AES and overview of all the materials

-Cache-timing attacks on AES.

-Cache attacks and countermeasures the case of AES

-Timing attacks

-Timing Attacks on Cryptosystems, provided from Prof. Cetin Koc's lab at Oregon State.

 

 

 

HW. Question and cipher text.

Due by 6/April/09.

The answer to the Hill cipher question will be released after the midterm, with your programs linked here if you provide command-line information.

7-10

May/29/09

Public Key Cryptography (RSA)

 

 

CRT, Fermat’s little and Euler’s Totient, RSA

 

These slides are updated, covering next week.

Link for the “Explicit Number Theory” of William Stein is given below.

 

 10-13

June, 5th, 09, btw 5pm to 7pm

The emphasized subjects, such as primitive roots, discrete logs, DH key exchange and ElGamal cryptography, are updated within the slides of the previous presentation.

More links are provided, some of which are crucial for you to learn, and a question will probably be included in the exam.

 

 

Ping, Ping of Death, Ping Flood (-f), Smurf Attack, from iseage.us/library

DoS, DDoS, Cyberwarfare

 

GnuPG, anonymous email,

By using snmp port, similar one,

 

Buffer overflows, attack detection

Packet sniffers, password crackers,

Network scanning tool, nmap code download, basic nmap usage video by Adrian Crenshaw,

Aircrack info, forensics,

 

 

WEP cracking, DNS spoofing, kismac, nessus, replay without client, reset TCP, ssh tunneling. For your convenience, if you wish to download.

 

 

Advanced topics (Secret Sharing, Zero-Knowledge Proofs, Quantum Cryptography)

 

 

The Ping of Death, Harmless Hacking Sources

Maximum Security (Hackers Guide)

Analysis Techniques for Detecting Coordinated Attacks and Probes

DoS Sources, Cryptanalysis

 

June, 16th

 

 

Crazy Linux Cryptography

Crazy Linux, Cryptographic Algos.

The art of war, Sun Tzu, Variation in Tactics,  11th phrase.

 

 

 

 

 

Anatomy of a Web Application: Security Considerations, by Steve Pettit, Sanctum Inc. Preventing HTML Form Tampering, in pdf

Modern Buffer Overflow Prevention Techniques:

Cryptographic Toolkit of CSRC NIST, Cryptolab tutorials, An Introduction to the RSA Cryptosystem, by Marcus Griep

IP Security Protocol, IETF

Google’s Browser security handbook

 

Some More Reference Materials:

Hacking Lexicon

Crypto-mechanisms

Dictionary of Algorithms and Data Structures of NIST

Electronic Colloquium on Computational Complexity, lecture notes

Network Security Library

Programming Texts and Tutorials from Tamu.edu

 

From pbs.org: The mind of codebreaker, crack the ciphers, and send a coded message

Double Playfair cipher, double transposition cipher,

The End of Ordinary Money I, II, by Orlin Grabbe

Brute force attack, answers.com.

An FPGA-built codebreaker for DES,

The Galois Page from upenn

 

Links from other universities:

Prof. Raj Jain's Network Security

Cetin Kaya Koc, Oregon: Hardware Security and Cryptographic Engineering, Advanced Security and Crypt, and ECE575,

Cryptology and stenography collections.

An Explicit Approach to Elementary number theory, by William Stein Harvard University Math 124 Fall 2001 lecture notes.