ECE 628 - Winter 2014

ECE 628 - Computer Network Security

Instructor

G.B. Agnew, E5 4016 X33041, gbagnew@uwaterloo.ca

References

  • ECE 628 Course Notes - Available on UW-LEARN
  • Selected Papers

Lectures

Thursday 11:30pm – 2:20pm in room MC 4040

Description

This course will deal with many aspects of Cryptography, Cryptanalysis, Data and Communications Security.

Topics will include

  • Introduction to cryptography, secrecy, authentication and digital signatures
  • The theory of secure communications
  • Study of conventional and public key cryptographic systems
  • Cryptanalysis of cryptographic systems
  • Protocol development and analysis
  • Implementations of secure systems
  • Timing and Power Attacks
  • Wireless System Security
  • Applications such as Electronic Commerce

Grading

Grading will consist of three quizzes (based on assigned readings) and a final exam.

  • Quiz – 30%
  • Final - 70%

Background Requirements

Students attending this course should have a good working knowledge of probability theory and computer networks.

Course Outline

  1. Introduction to Cryptology
    • cryptography, cryptanalysis
    • security, authentication, digital signatures
    • wiretapping, active and passive
    • secure system requirements
    • classification of cryptosystems
  2. Theory of Secure Communications
    • Shannon theory for secure systems
    • entropy
    • equivocation
    • redundancy
    • random cipher model
    • unicity distance
    • complexity theory
    • cryptographic classifications of security
  3. Networks and Systems
    • applications of cryptography
    • points of attack
    • security issues
    • link/end-to-end encryption
  4. Conventional Cryptographic Systems
    • principles of confusion and diffusion
    • Block Ciphers/Stream Ciphers
    • simple transposition ciphers
    • substitution ciphers
    • homophonic substitution
    • Beale Ciphers
    • polyalphabetic substitution
    • Vigenere cipher
    • Beaufort cipher
    • index of coincidence
    • Kasiski method
    • running key ciphers
    • Rotor machines
    • product ciphers
    • Strict Avalanche Condition
    • Lucifer cipher
    • Feistel Ciphers
    • DES
    • IDEA
    • AES
    • cryptanalysis
    • MD5
    • SHA -1, SHA-2, SHA-3
    • Key Management
  5. Finite Field Arithmetic
    • modular arithmetic
    • Euclid's GCD
    • Primality
    • finite fields and extension fields
    • CRT
    • Factoring
    • Logarithms
    • Number Representations
  6. Public Key Systems
    • RSA
    • D-H
    • Elliptic Curves
    • Zero Knowledge systems
  7. Protocols and Applications
    • PKI
    • Threshold Schemes
    • Suite B Algorithms
    • Standards (P1363, FIPS 140)
    • Internet Security (IPSec, SSL, TLS, S/MIME)
    • Firewalls
    • Wireless Systems and security (WiFi, Bluetooth, etc.)
  8. Implementations and Applications
    • Smart Cards – characteristics and attacks
    • Power Attacks and Timing Attacks
    • Copyright protection and Electronic Watermarks
    • Digital Rights Management