Security and authentication (Graduate)

2016 Spring

Lecturer: Sugwon Hong, Professor
Department of Computer Engineering
office: 5723
email: swhong@mju.ac.kr
tel: 6777

Hour and Classroom

- course hour: Thur 6:00PM
- classroom: 5407

Goals

The title of this course is somewhat misleading, since this course will not deal with only special topics of computer/network security. The goal of this course is to provide "comprehensive" understanding of computer security to the students who already have basic knowledge of networking technologies and protocols, and/or may have taken the undergraduate-level computer security course. The depth of the course will be a little deeper than the undergraduate course, but the width of this course will be wider than the one you might have taken previously.

Contents

This course will cover the following four major themes, and other special topics.

  1. Crypto basics
  2. Authentication
  3. Security protocols
  4. Network security
  5. Other current security topics

We will follow these topics using mainly the materials I will provide. And we will also select and use some other resourses to study the other topics.

Prerequisites

Basic knowledge of networking is highly recommended.

Testbook and lecture notes

I will prepare and post lecture notes on the home page. Sometimes I will use the powerpoints which are given by varisous authors as an aid to preparing lecture notes, and add some stuff if necessary. The following books are most frequently used for this lecture.

Information Security: Principles and Practice, 2nd ed., Mark Stamp, Wiley

Homeworks

Finishing each chapter some homework problems will be given for helping you to review, exercise, and understand further the contents which we cover in the class. .

Presentation

During the course each student will given a chance to study and present a topic in the class. The topics and papers will be notified during the course. The students will be given at least two weeks to prepare for the presentation and will deliver the contents for about 20 minutes.

Band

Along with this home page this course will use the Naver Band for sharing information about the course. So, all notices will be delivered on the band. Every students should enroll the band of this course using the following link.

invited URL: http://band.us/n/a3a8p1b3Q4W0m

Course Outline

The following schedle is tentative, and will be subject to change if necessary.

week
textbook topics
lecture notes
homeworks
special topics
1

Intro
Crypto Basics

[crypto basics-1.ppt]

   
2

Crypto Basics
Symmetric key crypto

 

   
3

Public key crypto

[public key crypto.pdf]

Homework1

ECC-supsupplement1
supplement

 

4

digital signature
PKI

[digital signature.pdf]

   
5

crypto hash
Integrity & Authentication(MAC)

[hash function, MAC]  

 

6

authentication encryption

[auth encry.pdf] Homework2

 

7
key establishment

[key est.pdf]

HW1 sol

Hw2 sol

 

8

Midterm exam

exam.pdf  
9

AES key wrap, Random number generatoin

crypto others

secure DNP

   
10
no class(어린이 날)

 

 

 

11

Network security

     
12

invited speaker:

Web application security

[OWASP top 10 risks]

 

 

13

Real-world security protocols (SSL/TLS)

[SSL/TLS]

[wireshark.exe]

[wireshark_intro]

   
14

authentication protocol

[entity authentication] problem set  
15

Real-world security protocols

   

 

16
Final exam      

 

Grading

  1. homeworks 30%
  2. midterm exam 25%
  3. final exam 25%
  4. presentation 20%