Course pages 2013–14
Subsections
Security I
Lecturer: Dr M.G. Kuhn
No. of lectures: 12
Suggested hours of supervisions: 3
Prerequisite courses: Discrete Mathematics II, Operating Systems
This course is a prerequisite for Security II.
Aims
This course covers some essential computer-security techniques, focussing mainly on private-key cryptography, discretionary access control and common software vulnerabilities.
Lectures
- Introduction. Malicious intent. Security policies, targets,
mechanisms. Aspects of confidentiality, integrity, availability,
privacy. Requirements across different applications.
- Cryptography. Overview, private vs. public-key ciphers,
MACs vs. signatures, certificates, application examples. Some
discrete-mathematics prerequisites: notation, finite rings and
fields, modular arithmetic, GF(2^n), probability,
birthday problem, random mappings.
- Classic ciphers. Attacks on substitution and transposition
ciphers, Vigenére, perfect secrecy, one-time pads, computational
security, stream ciphers, attacking linear-congruential RNGs and
LFSRs, CRCs, Kerckhoffs’ principle.
- Private-key encryption. Security definitions for
pseudo-random generators, functions and permutations. Advantage.
Oracle queries.
- Block ciphers. Feistel/Luby-Rackoff structure, DES, TDES,
AES.
- Chosen-plaintext attack security. Security with multiple
encryptions. Modes of operation: CBC, OFB, CNT. Malleability.
- Message authentication codes. Existential unforgeability,
CBC-MAC, ECBC-MAC, CMAC, birthday attacks.
- Authenticated encryption. Chosen-ciphertext attack
security, ciphertext integrity, encrypt-and-authenticate,
authenticate-then-encrypt, encrypt-then-authenticate, padding oracle
example, GCM.
- Entity authentication. Passwords, trusted path, phishing,
CAPTCHA. Authentication protocols: replay attacks, one-way and
challenge-response protocols, Needham-Schroeder, protocol failure
examples.
- Operating system security. Trusted computing base, domain
separation, reference mediation, residual information protection.
- Discretionary access control. Matrix model, DAC in POSIX
and Windows, elevated rights and setuid bits, capabilities,
Clark-Wilson integrity.
- Software security. Malicious software. Common
implementation vulnerabilities: buffer overflows, integer overflows,
meta characters, syntax incompatibilities, race conditions,
unchecked values, side channels, random-bit sources.
Objectives
By the end of the course students should
- be familiar with core security terms and concepts;
- understand security definitions of modern private-key
cryptographic primitives;
- understand the POSIX and Windows NTFS discretionary access
control system;
- understand the most common security pitfalls in software
development.
Recommended reading
* Paar, Ch. & Pelzl, J. (2010). Understanding cryptography. Springer.
Katz, J., Lindell, Y. (2008). Introduction to modern cryptography. Chapman & Hall/CRC.
Gollmann, D. (2010). Computer security. Wiley (3rd ed.).