General Information
Time   :   Fri 10:00am - 12:50am
Location : OHE 132
Instructor   :   Bill Cheng, Office Hours: TuTh 11:00am - 12:00pm in SAL 228, E-mail: <> or <>   (Please do not send HTML e-mails. They will not be read.)
TA   :   Ho Chung, E-mail: <>, Office Hours: Mon 10:00am - 12:00pm in SAL 339
Grader   :   Linus Aranha, E-mail: <>, (The grader will hold office hours the week after the announcement of each programming assignment's grades.)
Lab TA   :   Joseph Greenfield, E-mail: <>
Exam 1   :   in class, 10:00am - 11:20am, Fri, 3/9/2007 (firm)
Exam 2   :   in class, 10:00am - 12:00am, Fri, 4/27/2007 (firm)
Msg Archives   :   messages from Bill, messages from Ho, messages from Linus
Class Resources
Description   :   textbooks, topics covered, grading policies, additional resources, etc.
Papers   :   required technical papers.
Lab   :   information regarding the lab session.
Lectures   :   slides from lectures in HTML and PDF formats.
Homeworks   :   (3-4 homeworks will be assigned. Please also see important information about programming assignments below.)
Term Paper   :   one term paper to be turned in towards the end of the semester.
Moodle   :   social forum can be used for students-to-students discussions about assignments.
(in reversed chronological order)
  • 4/20/2007: Exam 2 is closed book, closed notes, and closed everything (and no "cheat sheet"). Also, no calculators, cell phones, or any electronic gadgets are allowed. a photo ID. Your ID will be collected at the beginning of the exam and will be returned to you when you turn in your exam. There will be assigned seating.

    Exam 2 is comprehensive (cover all the topics of the semester) with the exception of cryptographic protocols. If a particular problem appeared in exam 1, it will not appear in exam 2. Here is a quick summary of the topics covered, in addition to those mentioned for exam 1 (please note that not all topics covered are listed):

    • Key Management
      • group key management
        • GKMP
        • LHK
        • OFT
        • Diffie-Hellman group key
        • rekeying group keys using batched digital signatures
    • Authentication: know, have, about you
      • Unix passwords
      • Kerberos and Directory Servers
      • public key
      • single sign on
      • some applications and how they do it
      • weaknesses
      • Lamport's hash chains
      • trust models for certification
      • GSS-API
      • applications (unix login, telnet, rsh/rlogin, ssh, http/https, ftp, Windows login, e-mail, NFS, Radius)
      • stopping SPAM
      • digital stamps (quota enforcement for SPAM control)
      • Microsoft Passport
      • Liberty Alliance
    • Authorization
      • Access Matrix
      • capability
      • agent-based
      • policy models
        • discretionary policy
        • mandatory policy
        • Bell LaPadula
      • distributed mechanisms
        • proxies
        • GAA-API
    • Intrusion Detection
      • detection - what
        • misuse detection
        • anomaly detection
      • detection - where
        • network based
        • host based
        • application based
      • response
    • Wireless
      • the real difference
        • devices and connectivity
      • some of the benefits
        • redundancy of aommunication paths
        • autonomy
      • WEP vulnerabilities
      • Bluetooth vulnerabilities
      • need for end-to-end security
    • Upload
      • real-time timestamp
      • low-latency commit
      • timely data transfer
      • security protocol
        • use of SHA1
        • use of digital signature
        • use of public key and secret key encryption
    • Privacy
      • transparent society vs. big brother
      • the role or technologist
      • consent
      • authenticity-bit
      • "a possible implementation of authenticity-bit" is excluded
    • Homeworks

  • 3/16/2007: I think I have mentioned that Exam 2 will not be comprehensive. I'm sorry but I just realized that I have made a mistake. Exam 2 will be comprehensive. But, if a problem appeared in Exam 1, it will not appear in Exam 2.

  • 3/1/2007: Exam 1 will be closed book, closed notes, and closed everything (and no "cheat sheet"). Also, no calculators, cell phones, or any electronic gadgets are allowed. Please bring a photo ID. Your ID will be collected at the beginning of the exam and will be returned to you when you turn in your exam. There will be assigned seating.

    Exam 1 will cover everything from the beginning of the semester till what was covered by the end of lecture 7. Here is a quick summary of the topics (not all topics covered are listed):

    • Cryptography
      • basic building blocks
        • transposition/permutation
        • substitution
        • monoalphabetic substitution cipher
        • one-time pad
        • stream vs. block
      • conventional/symmetric/secret key
        • DES (and 3DES)
          • components (Fiestel Network, S-boxes, P-boxes)
          • modes of operation (ECB, CBC, CFB, OFB)
          • HW2
        • AES/Rijndael, others (UNIX password)
      • public key/asymmetric
        • RSA
          • private/public key
          • encryption/decryption
        • ElGamal, Elliptic curve cryptosystems
      • digital signatures
      • Diffie-Hellman key exchange
      • hash functions
        • one-time signature (signature using only hashes)
          • Lamport's one-time signature
          • Merkle's one-time signature and tree-based scheme
        • SHA-1 broken
        • message authentication code
      • visual cryptography
        • black and white bitmaps
        • color bitmaps or grey scale pictures
    • Cryptographic Protocols
      • Basic Protocols
        • Authentication using 1-way function (SKEY)
        • Authentication using PKC (NSPK)
          • Breaking NSPK
          • Fixing NSPK
        • Multiple-Key PKC
        • Secret Splitting
        • Secret Sharing with (k,n) threshold scheme
      • Intermediate Protocols
        • Timestamping services
        • Various protocols that involves some form of digital signatures
          • Subliminal channel
          • Undeniable digital signatures
          • Designated confirmer signatures
          • Proxy signatures
          • Group signatures
          • Fail-Stop digital signatures
        • Computing with encrypted data
        • Bit commitment
          • Using symmetric encryption
          • Using one-way functions
          • Using pseudo-random generators
        • Fair coin flips
          • Using one-way functions
          • Using PKC
        • Key escrow
      • Advanced Protocols
        • Zero Knowledge Proofs
        • Blind Signatures
        • ID-based PKC
        • Oblivious Transfer
        • Simultaneous Contract Signing
      • Esoteric Protocols
        • Secure Multi-Party Computation
        • Secure Elections
        • Digital Cash
        • Anonymous Message Broadcast
    • Key Management
      • pairwise key management
      • conventional key management
        • KDC, Needham-Schroeder, Kerberos
      • public key management
        • certification authority

  • 1/2/2007: Watch this area for important announcements.
Important Information about Programming Assignments
Some homework assignments will require you to write some code. You must write your code in C/C++. No other programming language will be accepted and your program must compile and run with a Makefile on (Sorry, no Java.) You must be familiar with the UNIX development environment (vi/pico/emacs, cc/gcc or g++/CC, make, etc.)

If a student signs up late for this class or could not be present at the beginning of the semester, he/she is still required to turn in all assignments on time or he/she will receive a score of 0 for these assignments. No exceptions!


   [Please see copyright regarding copying.]