Computer and Network Security
CS494/594      Fall '06

Administrative (sections 494/4 594/9 ) UTK Computer Science

Where: 206 Claxton      When: Tuesday evening 5:05 to 7:45

Instructor: Tom Dunigan

Office hours: Claxton 222 (by appointment)

Teaching assistant: A. J. Wright (ajw at utk dot edu)

Text: Stallings (4th edition) Cryptography and Network Security

Objective

Understand computing security vulnerabilities and the techniques and tools for developing secure applications and practicing safe computing

Course work

Lectures, readings, exercises, PGP/ssh/openssl usage, developing small secure applications in C, midterm, and final exam. Grad level (594) will write a paper as well.

Prerequisites

Familiarity with UNIX and C/make, CS 360 desirable

Syllabus

The course will cover three areas: security risks and countermeasures, principles of computer cryptography, and applied cryptography.

• Overview, vulnerabilities, risk assessment, incidents, forensics.
• UNIX vulnerabilities and safeguards
• Hash functions (MD5, SHA, RIPEM,Whirlpool)
• Authentication and authorization
• Network security (BSDisms, sniffers, wrappers, vpns, firewalls, intrusion detection)
• Kerberos, trusted systems, secure OS
• Cryptography, steganography, number theory, random numbers
• Secret key encryption (DES, IDEA, RC5, CAST, AES(Rijndael))
• Public key encryption (Diffie-Hellman, RSA, ECC, DSA)
• key management, PKIs
• OpenSSL and crypto API's, writing secure software
• secure applications: PGP, S/MIME, ssh, netscape/SSL, IPsec
• Issues: legal/political/ethical