News

• (May 22) NEW  Exam 2 scores and course grades posted.
• (May 12b) For more problems on PKI, IPsec, SSL, Kerberos, etc., see the links in Mar30b entry here.
• (May 12a) Homework 4 scores posted. Contact TA for grading. Pick them up from my office during office hours today. After today, contact the TA to pick it up.
• (May 11c) Exam 2 will have the same structure as practice exam 2, but the problems can differ significantly. In particular, the last three threee problems can come from any of the listed topics.
• (May 11b) Practice exam 2 solution. May have typos.
• (May 11a) Exam 2 topics
• (May 9) Practice exam 2. May have typos.
• (May 9) Hw 4-s11 solution.
• IKEv2 RFC
• (Apr 19) "Internet context" slides. The next few classes will be on SSH and IPsec.
• (Apr 13) Read this before asking me about hw 4. Re-emphasizing the requirements for hw 4 solution.
• (Apr 12) ALL CS ugrads are invited to hear about research opps AND Eat Pizza. Wed April 20, 5:00PM, Room CSI 3117.
• (Apr 7b) Project 3 available on submit server.
• (Apr 7a) Hw 4-s11. Probably has typos and will be updated. Due Tue April 26. This is more like a take-home exam; I expect to move some of exam 1's weight to this homework.
• (Apr 4) Kerberos (NS chapters 13 and 14) will be covered over three or four classes.
• (Apr 4)
  • Exam 1 scores and "current" course grade posted.
  • Exam 1 solution and current course grade info .
• (Mar 30c) As mentioned below, tomorrow's exam is close to the practice exam. So the problems are based on chapters 9, 11, 12. No questions on crypto itself (chapters 2-8).
• (Mar 30b) Typos in practice exam solution:
  • Problem 2, step 2: "g^xA" should be "g^xB".
  • Problem 2, dictionary attack, same typo: "cKeyDH = cTA^xA" should be "cKeyDH = cTA^xB".
• (Mar 30a) Reminder: exam 1 tomorrow.
• (Mar 29a)
  • Practice exam 1 solution. May have typos.
  • Do the practice exam under exam conditions (time limit, closed book, closed notes, etc.) before looking at the solution. Past experience tells me that many of you don't do this and wish you had after you get your exam score.
  • The real exam will be very much like the practice exam.
• (Mar 25b) Practice exam 1. May have typos.
• (Mar 25a) Hw 3 solution. May have typos.
• (Mar 16) My solution to hw 2 problem 2 is wrong. I mistakenly assumed the attacker can read and write the channel (or equivalently, send and receive messages as B), but the program obviously does not allow this.
  • Assertion INV A_4 actually holds. Updated hw 2 solution.
  • Give back your graded hw 2 to have the grade corrected.
• (Mar 14) Network security talks (Mar 16, 18).
• (Mar 12b) Hw 2 solution.
• (Mar 12a) Hw 1 solution.
• (Mar 11) Typo in "Note on modeling and analyzing authentication protocols":
  • Page 1, program Client: nB, used in computing S, should be set to msg[3] before it is used.
• (Mar 9) Project 2 available.
• (Mar 7c) Exam 1 fixed for Thu March 31.
• (Mar 7b) Hw 3-s11. Due Tue Mar 15.
• (Mar 7a) Updated Note on modeling and analyzing authentication protocols.
  • Page 3, expression tree of "enc(K,[a,c])". Fixed a typo: "[a,b]" to [a,c]".
  • Page 3, "What the attacker cannot compute": Added clarification in box.
• (Mar 6) You should have already read chapter 9. This week we will do chapter 11, focussing on the Needham-Schroeder protocol.
• (Mar 1b) Hw 2-s11. Due Thu Mar 10. Note on modeling and analyzing authentication protocols. (Probably still has typos.)
• (Feb 23) Exam 1 date probably March 29 or 31.
• Today's class canceled. Hand in hw1 on thursday. I'll post notes on what we'll do for the next few classes by this evening or tomorrow.
• (Feb 2b) As mentioned on the project page, please direct all project questions to the TA.
• (Feb 2b) Project 1 available. Submit at the CS submit server.
• (Feb 2a) Hw 1-f10. Due Tue Feb 22.
• Course topics lists the topics to be covered roughly in order. The next four classes will cover chapters 2-6 (crypto slides).

Overview

This course is an introduction to the broad field of computer network security, examining algorithms and protocols for confidentiality, authentication, non-repudiation, anonymity, etc., and applications involving them (secure email, secure web transactions, etc.).

NEW MATERIAL  Protocols will be defined by distributed programs (aka multi-threaded programs), instead of handshake diagrams. Correctness properties will be expressed by assertions. Proofs can informal or formal (along the lines of loop invariants). This material is not in the text; it will be covered in detail in class.

Previous 414 clases. Links to the previous classes are available at the CS class web page. The new material was not done prior to Fall 2010. My Fall 2010 class did a preliminary version of this new material. Still, these previous class pages give some idea of how the course will develop.

Required text:

Network Security: Private Communication in a Public World, 2nd edition by Kaufman, Perlman, and Speciner. ISBN 0-13-046019-2.

The first edition of this book (much cheaper) is fine for most of the course. There are only a few chapters (IPsec, SSL) that we cover which are not present in the first edition. So if you can access this material, the first edition should suffice.

Course topics, roughly in the order to be covered.

Class notes:

• crypto (DES, MD4, RSA) slides -- NEW VERSION. Here is the (OLD VERSION)
• authentication (KDC, CA) (OLD VERSION)
• standards (Kerberos, SSL, IPsec) (OLD VERSION)
• "Internet context" slides.

Programming projects

Done in Java. Involves understanding a few hundred lines of code and writing tens of lines of code. Submitted and tested on the CS cluster.

Practice exams

Practice exams, primarily based on homeworks, will be posted. Exams of previous semesters are publicly available on the websites. Although they do not cover the "distributed program" material, they do give insight into how I make up problems and how I grade them (the scoring guidelines are also included in the exam solution).

Homeworks

Homeworks will primarily focus on authentication protocols (defined by programs) and their analyses. A few homeworks will be from previous classes; these will have a very small weight in the final grade because their solutions are publicly available on the previous class web pages.

Homeworks are due in class. Late homework submitted within one day of deadline will be graded out of 80%. No submissions accepted after one day of deadline. Submissions that are not neat and easily legible may get zero marks.

Regrade requests

Any regrade request (for exams, homeworks, projects) must be submitted within a week of the grade being posted.

Grading

• Midterm -------- approx 25%     (Date: Thu Mar 31)
• Final ------------ approx 25%     (Date: Tue May 17 1:30 pm - 3:30 pm)
• Homeworks ---- approx  25%    
• Projects --------- approx  25%    

Academic Integrity

Homeworks and projects are to be done individually. You may consult outside references when doing the homework, as long as these sources are properly referenced, you write up the solution yourself, and you understand the answer. For example, if you look at other source code, you may not copy the code directly in your program, but you may model your program after it. And you must reference it!

Academic dishonesty.

This page and all problem sets, lecture notes, and exams linked to it are copyrighted. Use of these pages for the class CMSC414 at the University of Maryland is permitted. Any other use requires permission of the author (Udaya Shankar, shankar@cs.umd.edu).