Network Security [NetSec]

Summer 2013

Contents

This course introduces various aspects of network security. Starting with a discussion of threats and possible attacks, requirements for the design of secure networks will be introduced. We study basic cryptographic algorithms and protocols and, most importantly, their use and integration into state-of-the-art network protocols and architectures. Furthermore, attacks and possible countermeasures will be discussed.

The basic introduction to cryptography and cryptographic protocols follows the recommendations of the Mustercurriculum Kryptologie of the "Fachgruppe für Angewandte Kryptologie der Gesellschaft für Informatik".

    • Cryptography
      Basics, symmetric cryptography, asymmetric cryptography
    • Cryptographic Techniques
      Modification check values, random number generation
    • Security Protocols
      Cryptographic protocols, integrating security services into communication architectures
    • Security of Communication Protocols
      Medium access (PPP, 802.1x, WLAN), network layer (IPSec), transport/session layer (SSL, TLS)
    • Security in Mobile Networks
      Location privacy, pseudonyms, mix networks
    • Attack Detection and Countermeasures
      Attack detection and prevention, IP traceback

Learning Outcome

The learning objective is to unserstand the fundamental concepts of network security. Students understand these concepts and are able to apply this knowledge.

General Information / Methods

This master course will be held in English and all the course material is available in English. Oral exams can be organized in English as well as in German.

  • Lecture, 2 SWS, 4 ECTS
  • Proseminar, 3 SWS, 6 ECTS

Instructors

Schedule

  • Lecture (LV 703646)
    Thursday, 12:15pm - 1:45pm, SR Container 1
  • Proseminar (LV 703647)
    Thursday, 2:15pm - 5:00pm, RR 20 (starting March 21, 2013)

Exams

There will be oral exams for the lecture. We will provide more information at the end of the summer term. The grading of proseminar will be based on the assignments and the discussion of the home work.

Oral examination is by appointment.

Evaluation

Many thanks for the critical and helpful evaluation!

Literature

  • Günter Schäfer, Netzsicherheit: Algorithmische Grundlagen und Protokolle, Heidelberg, dpunkt.verlag, 2003. [BibTeX, Details...]
  • William Stallings, Cryptography and Network Security: Principles and Practice, ed. old edition, Upper Saddle River, Pearson Prentice Hall, 2005. [BibTeX, Details...]

Lecture

  • Course Organization - PDF (Version 1, 16.2.2013, 487kB)
  • Introduction - PDF (Version 1, 25.2.2013, 471kB)
  • Basics of Cryptography - PDF (Version 1, 25.2.2013, 221kB)
  • Symmetric Cryptography - PDF (Version 1, 10.3.2013, 473kB)
  • Asymmetric Cryptography - PDF (Version 1, 10.3.2013, 318kB)
  • Modification Check Values - PDF (Version 1, 10.3.2013, 353kB)
  • Random Numbers - PDF (Version 1, 10.3.2013, 196kB)
  • Cryptographic Protocols - PDF (Version 1, 15.4.2013, 622kB)
  • Integrating Security Services - PDF (Version 1, 23.4.2013, 447kB)
  • Medium Access - PDF (Version 1, 23.4.2013, 377kB)
  • Security of Wireless LAN - PDF (Version 1, 5.5.2013, 280kB)
  • IPSec Security Architecture - PDF (Version 1, 5.5.2013, 659kB)
  • Transport Layer Security - PDF (Version 1, 23.5.2013, 297kB)
  • Location Privacy - PDF (Version 1, 12.6.2013, 262kB)
  • Denial of Service - PDF (Version 1, 12.6.2013, 982kB)
  • Attack Detection - PDF (Version 1, 1.7.2013, 982kB)
  • Attack Mitigation and Countermeasures - PDF (Version 1, 1.7.2013, 733kB)

Proseminar

  • Exercise #1 (21.03.2013) - Introduction, Enigma (PDF)
    assignment00 - Hello World (PDF, Template)
    assignment01 - Enigma (PDF, Template)
  • Exercise #2 (11.04.2013) - RSA (PDF)
    assignment02 - RSA (PDF, Template)
  • Exercise #3 (18.04.2013) - Operation Modes (PDF)
    assignment03 - Operation Modes (PDF, Template)
  • Exercise #4 (25.04.2013) - Birthday Attacks (PDF)
    assignment04 - Birthday Attacks (PDF, Template)
  • Exercise #5 (02.05.2013) - Crypto Challenge (PDF)
    assignment05 - Crypto Challenge (PDF, Template)
  • Exercise #6 (16.05.2013) - Wireless Security
    WEP cracking (PDF)
  • Exercise #7 (23.05.2012) - TLS (PDF)
    assignment07 - TLS (PDF, Template)
  • Exercise #8 (06.06.2013) - Mix Networks (PDF) and IPsec (PDF)
    assignment08 - Mix Networks (PDF, Template)
  • Exercise #9 (13.06.2012) - Web Security (PDF)
    assignment09 - Weak SSH Keys (PDF, Template)
  • Exercise #10 (20.06.2012) - Netfilter (PDF)
    Bonus Points - Hacking Challenge (PDF)