
Introduction to Security

Lecturer: Dr R. Anderson (rja14@cl.cam.ac.uk)

No. of lectures: 4

Prerequisite courses: Operating System Foundations, Mathematics for Computation Theory  

Typical applications.
Cash machines, prepayment cards, book-keeping systems, multilevel secure systems, electronic warfare. Goals and definitions: security policy models.

Operating system security.
Access matrices, access control lists, capabilities. Unix security: password cracking, stack overflow and other common attacks. Firewalls: common attacks on TCP/IP.

Symmetric cryptosystems.
Stream and block ciphers. The Feistel construction: TEA and DES. Modes of operation. Examples of applications. Key exchange protocols.

Asymmetric cryptosystems.
Diffie-Hellman key exchange. ElGamal encryption and signature. Schnorr signatures; the US digital signature standard. Basic public key protocols and their problems, including Denning-Sacco, Needham-Schroeder and oracle attacks.

Recommended books:

Schneier, B. (1995). Applied Cryptography: Protocols, Algorithms, and Source in C. Wiley (2nd ed.).

Garfinkel, S. & Spafford, G. (1996). Practical Unix and Internet Security. O'Reilly and Associates (2nd ed.).

Further reading:

Kahn, D. (1966). The Codebreakers: the Story of Secret Writing. Weidenfeld and Nicolson.

Cheswick, W.R. & Bellovin, S.M. (1994). Firewalls and Internet Security: Repelling the Wily Hacker. Addison-Wesley.

Biham, E. & Shamir, A. (1993). Differential Cryptanalysis of the Data Encryption Standard. Springer-Verlag.

Koblitz, N. (1994). A Course in Number Theory and Cryptography. Springer-Verlag (2nd ed.).

Neumann, P. (1994). Computer Related Risks. Addison-Wesley.

Leveson, N.G. (1995). Safeware: System Safety and Computers. Addison-Wesley.

Amoroso, E. (1994). Fundamentals of Computer Security Technology. Prentice-Hall.

Denning, D. (1982). Cryptography and Data Security. Addison-Wesley.

Davies, D.W. & Price, W.L. (1984). Security for Computer Networks. Wiley.

Beker, H. & Piper, F. (1982). Cipher Systems. Northwood.

Cohen, F.B. (1994). A Short Course on Computer Viruses. Wiley (2nd ed.).



Christine Northeast
Sat Sep 27 09:31:14 BST 1997