CSC524-T: Networks and Computer Security
Prof. B. Rosenberg
Fall Semester, 2002-3 (031)
TR 5:00-6:15
Memorial Building, Room 206
The Class Syllabus
Lectures
- Basic concepts
  - Networking Stack
    - packet versus connection networks
    - Overview of TCP/IP over Ethernet.
  - Physical and Link, the first two layers
    - DIX, 802.2, 802.3-SNAP: Ethernet
    - 802.11: WiFi
  - Network Layer, the third layer
    - IP Addresses
    - Subnetting, broadcast
    - Fragmentation
    - Layer 3 management: ICMP
    - Layer 3-2 glue: ARP
  - Transport Layer, the fourth layer
    - UDP
    - TCP
      - Sequence numbers, TCP SYN-ACK establishment, network states, small packets: Nagle's algorithm, large packets: slow start; window announcements.
  - Application layer
- Layer 2 Connectivity: Repeaters, Hubs, Bridges and Switches
  - Flow Control part I: CSMA-CD, CSMA-CA, full-duplex
  - Flow Control part II: backpressure (half-duplex); flow control (full-duplex)
  - STP: Spanning Tree Protocol
    - Class notes on the spanning tree algorithm, PDF
- Layer 3 Connectivity: Routers and Firewalls
  - Distance Vector and link-state protocols
    - RIP, IS-IS, OSPF.
  - Packet filter firewalls: Ex: cisco router configuration
  - NAT and PAT
- Security Issues in TCP/IP
- Subject Authentication
  - Authentication: A Primer, Burton Rosenberg
  - A logic of authentication, Burrows, Abadi and Needham
  - CIFS/SMB
  - Unix crypt: In FreeBSD crypt runs in several modes, depending on the format of the salt; see man 3 crypt. Sources: look at /usr/src/lib/libpam/modules/pam_unix/pam_unix.c for the PAM interface, /usr/src/lib/libcrypt/crypt.c and crypt-md4.c for the crypt function and the MD4 implementation, and /usr/src/secure/lib/libcrypt/crypt-des.c for the several versions of standard Unix crypt.
- Message Authentication
  - Digital signatures, DSA and generic identification transformations.
  - Blind, undeniable and fail-stop signatures.
  - MACs.
    - HMAC
      - Keying Hash Functions for Message Authentication, Bellare, Canetti and Krawczyk, Crypto '96, LNCS Vol. 1109, 1996.
      - Message Authentication using Hash Functions: The HMAC Construction, Bellare, Canetti and Krawczyk, RSA Labs CryptoBytes, Vol. 2, No. 1, Spring 1996.
- Encryption
  - Multiple encryption
    - A known-plaintext attack on two-key triple encryption, van Oorschot and Wiener, EuroCrypt '90.
    - How to Protect DES Against Exhaustive Key Search, J. Kilian and P. Rogaway, Crypto '96.
    - Presentation: Chosen plaintext attacks on two-key 3DES and DESX.
  - Multiple modes of operation
    - Cryptanalysis of Multiple Modes of Operation, Eli Biham, J. Cryptology (1998) 11: 45-58.
    - Cryptanalysis of Triple Modes of Operation, Eli Biham, J. Cryptology (1999) 12: 161-184.
    - Presentation: a collision attack on 2-key CBC,CBC_inv,CBC (the mode recommended in Network Security: Private Communication in a Public World).
Homework
- Install and run Ethereal. Experiment with your network.
- Write a TFTP client and server in C.
  - First learn socket programming. See Beej's Guide to Socket Programming.
  - Next, use netcat to experiment with a TFTP client, or tcpdump to see an entire TFTP session.
  - You may want to work in a Unix environment. See Cygwin.
RFC's
Suggested Reading
- TCP/IP Illustrated, Vols 1 and 2, Wright and Stevens.
- Interconnections, R. Perlman
- Firewalls and Internet Security, Cheswick and Bellovin
- The Design and Implementation of the 4.4 BSD Operating System,
McKusick, Bostic, Karels and Quarterman
- 802.11 Wireless Networks, Matthew Gast
- Network Security: private communication in a public world,
Charlie Kaufman, Radia Perlman, Mike Speciner.
- Authentication: from passwords to public keys, Richard E. Smith
- Computer Security, Dieter Gollmann
Resources
- Ethereal, network capture utility (Windows requires WinPcap; Unix requires libpcap).
- nmap, network scan utility.
- netcat, networking Swiss Army knife.
- www.Cygwin.com, a Unix environment for Windows (free).
- Beej's Guide to Socket Programming
- Test.c, a sample program for certain C techniques.
Notes for future versions of this course