CS 585

Course Title: Computer Security

Credits: 3

Instructor: Mukesh Singhal, Professor and Endowed Chair.

Class Time/Place: 9-9:50am MWF, Room FPAT 255.

Course Description

The following topics will be covered in roughly the given order.

1.Introduction: what is the problem?
2.Encryption (types of attacks, uses of secret-key and public-key cryptography, uses of hash algorithms)
3.Algorithms (secret key: DES, IDEA, Rijndael, CBC, CFB, OFB, CFB; hashing: MD5, SHS; public-key: RSA, DSS)
4.Authentication (key distribution, passwords, addresses, cryptographic, certificates, nonces, Kerberos)
5.Pitfalls (security handshake attacks, performance problems)
6.Electronic mail (establishing keys, privacy, source authentication, message integrity, non-repudiation, PEM, PGP, X.400)
7. Public-key infrastructure (PKI)
8. Exploits (file permissions, buffer overflow, active data, floods, port scans, IP spoofing)
9. Malware (viruses, worms, Trojan horses, service attacks, distributed denial-of-service, rootshell, repositories)
10.Security software (file scanners, integrity checkers, general monitoring, wrappers, access control, port scan monitors, intrusion detection)
11.Legal, social and ethical issues (key escrow, export rules)

A course in operating systems, some understanding of networks, some mathematical sophistication or the consent of instructor.

Examinations

There will be one in-class, midterm examination during the semester and a two-hour final examination. The date of the mid-term is October 31, 2005 (Monday).

Grading

A student's grade will be determined by a weighted average of homework assignments, mid-term examination, and the final examination.

Homework (or programming assignments): 30%
Midterm: 35%
Final Examination: 35%

Letter Grades: top 40% will get As, next 50% will get Bs, and the rest 10% will get Cs and Ds.

Textbook

William Stallings
Cryptography and Network Security: Principles and Practice
Prentice-Hall, 3rd edition.

Papers from the literature