3
The Hebrew University
-- Institute of
Computer Science
E-mail: daniel51@cs.huji.ac.il
Course E-mail: security@cs.huji.ac.il
Reception hour: Sunday,
Monday,
Exercise hour, Monday,
Wednesday,
Understanding the goals, issues, technologies, algorithms, protocols, systems, and design criteria used in cryptography and data security. Developing basic system analysis and solution synthesis skills.
Textbooks:
1.
Douglas R.
Stinson, Cryptography: Theory and Practice, Second Edition, Chapman
& Hall/CRC, 2002.
2.
Alfred Menezes, Paul van Oorschot, and
Scott Vanstone, Handbook of Applied
Cryptography, CRC Press, 1997.
3.
Bruce Schneier, Applied
Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition,
John Wiley & Sons, 1996.
4.
William Stallings,
Cryptography and Network Security:
Principles and Practice, Third Edition, Prentice Hall, 2003.
5.
Charlie
Kaufman, Radia Perlman, and
Mike Speciner,
Network Security: Private Communication in a Public World, Second Edition,
Prentice Hall, 2002.
6.
7.
Naganand Doraswamy and Dan Harkins, IPSec: The New Security Standard for the Internet,
Intranets, and Virtual Private Networks, Prentice Hall, 1999.
8.
Eric Rescorla, SSL and TLS: Designing and Building Secure
Systems, Addison-Wesley, 2001.
9.
Bruce Schneier, E-Mail
Security: How to Keep Your Electronic Messages Private, John Wiley &
Sons, 1995.
10. Simon Garfinkel,
PGP: Pretty Good Privacy, OReilly
& Associates, 1995.
Course Information PDF
Lecture 1 -- Introduction to Security -
Lecture 2 -- Security Engineering -
Lecture 3 -- Classical Cryptography I -
Lecture 4 -- Classical Cryptography II -
Lecture 5 -- Modern Cryptography -
Lecture 6 -- Symmetric Cryptography I -
Lecture 7 -- Symmetric Cryptography II -
Lecture 8 -- Symmetric Cryptography III -
Lecture 9 -- Authentication and Integrity -
Lecture 10 -- Hash Functions -
Lecture 11 -- Algebra and Number Theory -
Lecture 12 -- Public Key Cryptography I -
Lecture 13 - Public Key Cryptography II -
Lecture 14 -- Public Key Cryptography III -
Lecture 15 - People Authentication I -
Lecture 16 -- People Authentication II -
Lecture 17 - Authentication Protocols I -
Lecture 18 -- Authentication Protocols II -
Lecture 19 -- Symmetric Key Distribution -
Lecture 20 -- Kerberos -
Lecture 21 -- Public Key Systems -
Lecture 22 -- Public Key Infrastructure
Lecture 23 -- Network Layer Security I
Problem Sets:
There will be seven problem sets in the course one problem set every two weeks. Four of the problem sets will be theoretical, each involving solving 4 questions on paper. The theoretical problem sets should be submitted based on individual work (that is no collaboration is allowed on the theoretical problem sets). The other three problem sets will be practical and will involve some programming. The practical problems sets can be worked on in pairs (pair = 2 people). All the problem sets are mandatory. Students should submit all the problem sets. The problem sets should be submitted on time. Late submissions will be accepted only up to one week (7 days) and will incur substantial penalties. The problem sets should be submitted in print (Hebrew or English). The problem sets will be worth about 50% of the final grade.
Final Exam:
There will be a final exam. The final exam may contain some open-ended questions and some multiple-choice questions. The final exam will be worth about 50% of the final grade.
Newsgroups
The course has two
newsgroups:
local.course.security.ta . This is a moderated news group - your posting will not
appear in the newsgroup until the course stuff answers them. Use this
news
group for asking questions about exercises etc. You should regularly read messages published in the moderated news group. Any message that is posted in this news group will be considered known by all, and will not be repeated elsewhere. To stress this point, in case when, e.g., a clear guideline concerning the exercise implementation is published in the news group, anyone who would not comply with it will loose points.
local.course.security.stud
This is a newsgroup for students discussion, Please do not share answers or
source code there.
All students
taking this course for credit are required to register to the system. In order
that we have your Email for announcements, etc., please register as soon as
possible. You also need to register in order to submit exercises. The
registration and submission links are below:
Targil 1 October 17. Introduction. Beale cipher. PDF
Targil 2 October 24. Classic Crypto. Vigenere Cipher. vigenere.pdf mono.pdf
Targil 3 October 31. Vigenere Cipher - Cont.
Targil 4 November 8. Solved PS1. Answered PS2 questions.
Targil 5 November 15. Explained PS3. ECB/CBC/OFB modes, examples and attacks
Targil 6 November 22. Number theory. Notes from last year
Targil 7
November 29. Fast CRT. Pollard rho algorithm (Cormen chapter 35). Ex. 4
Pollard tho tutorial
Efficient Computations.Chapter 14 of Menzes' book
For the exercise, you should implement algorithms 14.76, 14.79 and (14.82 or 14.85) from this
chapter.
Targil 8 Decemeber 6. Solved ex. 3. Notes from last year
Targil 9 December 13. Login protocols. Given ex. 5.
Targil 10 December 20. The insecurity of the WEP protocol. ppt
You have 2 weeks from the date at which the exercise has been returned to appeal.
In order to appeal, please summarize your concerns in a clear handwriting or in print on a piece of paper, staple it with your original checked exercise and put it into the course submitted exercise box at Ross -2 (not into the returned exercise closet!!!)
Take
into account that every appealed exercise will be rechecked. As a result your
grade might either get better or get worse.
Future exercises links are broken in purpose.
Ex1. PDF
Ex2. PDF
Ex3. PDF
Ex4. PDF
Ex5. PDF
Ex6. PDF
Ex7. PDF