Prerequisites: COMS W3139 (Data Structures) and COMS W4119 (Computer Networks) or equivalent (e.g., an OS course covering computer networks). Fluency in C and/or Java. Introduction to cryptography and its application to network and operating system security: security threats; applications of cryptography; secret key and public key cryptographic algorithms; hash functions; basic number theory; authentication; security for electronic mail and network scripting languages.
Lecturer/Manager | Professor Henning Schulzrinne |
Mailing list: | cs4180@cs.columbia.edu, subscribe, archive (similar to web board) |
Web pages: | main, |
Teaching assistants: | Sankaran Narayanan <sankaran@ober.cs.columbia.edu> |
Teaching assistant office hours: | by arrangement |
Rules: | The standard rules apply. |
Day and time: | pre-taped. |
Credits for course: | 3 |
Prerequisites: | The course requires a background in computer networks (e.g., CS4118 or preferably CS4119) and programming experience (CS 3139 (Data Structures) or equivalent; C, C++ or Java; Unix/NT). |
Description: | Instead of relying exclusively on physical security and separate networks, more and more applications are moving to shared networks like the Internet. These applications include electronic banking and commerce, virtual private networks and the transfer of sensitive medical or personnel data. A combination of security measures, including cryptography and firewalls, needs to be integrated into network architecture, protocols and implementations to offer reasonable assurance as to privacy and user identity. The course will provide the necessary foundations for network security, including encryption techniques, design of secure systems and protocols as well as enhancements for existing protocols like electronic mail, WWW and the Internet protocol. While the majority of the material will be drawn from the text, additional topical areas such as electronic cash, the WWW security protocol SSL and Java security issues will be covered. |
Required text(s): | Charlie Kaufman, Radia Perlman and Mike Speciner, Network Security - Private Communication in a Public World, Prentice Hall, Englewood Cliffs, New Jersey, 1995. ISBN 0-13-061466-1.
This book and the books below are available from most Internet book merchants. Links on the ISBN number lead to Amazon. You can find the best price from sites such as bestedeal.com, mysimon.com or smartshopper.com. |
Reference text(s), not required: | Bruce Schneier, Applied Cryptography (2nd ed.), John Wiley, 1996. ISBN 0-471-11709-9.
James F. Kurose and Keith W. Ross, Computer Networking: A Top-Down Approach Featuring the Internet, Addison Wesley, 2000. ISBN 0-471-11709-9.
Stephen Thomas, SSL and TLS Essentials, John Wiley, 2000. ISBN 0-471-38354-6.
Naganand Doraswamy and Dan Harkins, IPSec - The New Security Standard for the Internet, Intranets and Virtual Private Networks, Prentice Hall, 1999. ISBN 0-13-011898-2.
William R. Cheswick and Steven M. Bellovin, Firewalls and Internet Security, Addison Wesley, 1994. ISBN 0-201-63357-4.
Also, class notes, copies of slides and reference documents will be available on Columbia machines at http://www.cs.columbia.edu/~hgs/teaching/security/slides. There is also a general list of Internet resources, including network security. |
Assignments: | About 5 Homework assignments, each including questions and small programming problems. (Some assignments may be split into a written and programming part.) |
Project(s): | Students are expected to complete several mid-sized programming projects during the course of the semester as part of the assignment. Programming projects include: |
Midterm exam: | 90 min. during class hours, closed book |
Final exam: | Two hours, closed book |
Grading: | Assignments 30%, midterm 30%, final 35%, class participation 5% |
Computer hardware and software requirements: | Computer Science CLIC computer account (not ACIS). Access to a Linux or Solaris machine is assumed, either on-campus/local or via dial-in. Programming projects can be done in C, C++ or Java. Familiarity with basic Unix system programming concepts is assumed. |
Homework submission: | For off-campus students and programming assignments, by electronic mail to the teaching assistant. On-campus students submit written assignments to the TA on paper at the beginning of class. |
Original date | # | Summer date | Topics/chapters covered | Assigned | Due |
---|---|---|---|---|---|
Tu, Sept. 5, 2000 | 1 | Tu, Sept 11, 2001 | Course mechanics; Introduction: issues of network security (ch. 1) | ||
Th, Sept. 7, 2000 | 2 | Th, Sept. 14, 2001 | Review of networks (ch. 1); denial of service attacks | 1 | |
We, Sept. 13, 2000 | 3 | Tu, Sept. 18, 2001 | Review of networks (ch. 1); firewalls | ||
Th, Sept. 14, 2000 | 4 | Th, Sept. 20, 2001 | Orange Book; patent issues; introduction to cryptography (ch. 2) | ||
Tu, Sept. 19, 2000 | 5 | Tu, Sept. 25, 2001 | Secret key cryptography (ch. 3) | 2 | |
Th, Sept. 21, 2000 | 6 | Th, Sept. 27, 2001 | 1 | ||
Tu, Sept. 26, 2000 | 7 | Tu, Oct. 2, 2001 | Cryptography | 2 | |
Th, Sept. 28, 2000 | 8 | Th, Oct. 4, 2001 | Secret key cryptography (ch. 3); DES | ||
Tu, Oct. 3, 2000 | 9 | Tu, Oct. 9, 2001 | Secret key cryptography (ch. 3); IDEA; CBC/OFB | 3 | |
Th, Oct. 5, 2000 | 10 | Th, Oct. 11, 2001 | Hashes and message digests (ch. 4) | ||
Tu, Oct. 10, 2000 | 11 | Tu, Oct. 16, 2001 | MD2/4/5; public key algorithms (ch. 5) | ||
Mo, Oct. 16, 2000, 5.40 - 6.35 pm, Room 1127, | 12 | Th, Oct. 18, 2001 | Public key algorithms (RSA, prime number generation) | ||
Tu, Oct. 17, 2000 | 13 | Tu, Oct. 23, 2001 | Number theory (ch. 6) | 3 | |
Th, Oct. 19, 2000 | (14) | Th, Oct. 25, 2001 | Midterm (during class time, closed book, closed notes) | ||
Tu, Oct. 24, 2000 | 15 | Tu, Oct. 30, 2001 | Authentication systems (ch. 7) | ||
Th, Oct. 26, 2000 | 16 | Tu, Nov. 1, 2001 | Authentication systems | 4 | |
Tu, Oct. 31, 2000 | 17 | Th, Nov. 6, 2001 | Intrusion detection | ||
Th, Nov. 2, 2000 | 18 | Th, Nov. 8, 2001 | Authentication of People | ||
Tu, Nov. 9, 2000 | 19 | Tu, Nov. 13, 2001 | Security handshake pitfalls (ch. 9) | 5 | 4 |
Tu, Nov. 14, 2000 | 20 | Th, Nov. 15, 2001 | Security handshake pitfalls (ch. 9) | ||
Th, Nov. 16, 2000 | 21 | Tu, Nov. 20, 2001 | Kerberos V4 (ch. 10) | ||
Tu, Nov. 21, 2000 | 22 | Th, Nov. 22, 2001 | Kerberos 4, 5 (ch. 11) | 5 | |
Tu, Nov. 28, 2000 | 23 | Tu, Nov. 27, 2001 | Kerberos 5, operating system vulnerabilities | 6 | |
Th, Nov. 30, 2000 | 24 | Th, Nov. 29, 2001 | Operating system vulnerabilities; IP security | ||
Tu, Dec. 5, 2000 | 25 | Tu, Dec. 4, 2001 | Email security; PGP (Pretty Good Privacy) (ch. 14), OpenPGP | ||
Th, Dec. 7, 2000 | 26 | Th, Dec. 6, 2001 | Web security and SSL/TLS | 6 | |
Th, Dec. 21, 2000, 1.10 to 4 pm | Th, Dec. 11, 2001, 1.10 to 4 pm | Final Exam |
Last updated by Henning Schulzrinne