NETWORK SECURITY
cod. 1007093

Academic year 2024/25
1° year of course - Second semester
Professor
Luca VELTRI
Academic discipline
Sistemi di elaborazione delle informazioni (ING-INF/05)
Field
Attività formative affini o integrative
Type of training activity
Related/supplementary
48 hours
of face-to-face activities
6 credits
hub: PARMA
course unit
in ENGLISH

Learning objectives

The course aims to provide the student with the knowledge of the main mechanisms used for securing networked systems and for protecting computer networks; in particular the knowledge and understanding of applied cryptography for data authentication, integrity protection and confidentiality; knowledge of the main security protocols, possible software and network vulnerabilities and protection mechanisms.

Prerequisites

Familiarity with TCP/IP protocols.

Course unit content

Cryptography basics and algorithms;

Authentication mechanisms and digital signature; identification and key exchange; anonymity;

Protocols for secure communications;

Main software and network vulnerabilities, attacks, and countermeasures.

Laboratory activities.

Full programme

Syllabus (every class or laboratory = 2 hours)

Class 1: course organization, objectives, textbooks, exam details; preview of the course; security services; symmetric cryptography, attacks, computational security

Class 2: substitution ciphers, polyalphabetic substitution ciphers, one time pad (OTP) cipher, transposition, product cipher; stream and block ciphers

Class 3: AES; encryption of long messages; padding; ECB; examples of attacks to ECB; CBC

Class 4: examples of attacks to CBC; exercises with Openssl

Class 5: OFB, CFB, CTR; hash functions, brute force attack, birthday paradox, Merkle-Damgard structure, length extension attack

Class 6: SHA1, SHA2, sponge function, SHA3; password hashing; encryption using hash functions

Class 7: number theory: modular arithmetic, prime, relatively prime, GCD, Euclid's algorithm, multiplicative inverse

Class 8: laboratory exercises with symmetric cipher and hash programming

Class 9: multiplicative inverse existence, extended Euclid's algorithm, example, totient function, Euler's theorem; RSA overview

Class 10: demonstration of Euler's theorem and corollary, primitive root, discrete logarithm, primarity test; RSA, example

Class 11: textbook RSA, RSA security, using RSA

Class 12: DH; message authentication (authenticity), MAC functions, HMAC, authenticated encryption

Class 13: digital signature, RSA signature, DSA; identification, challenge-response authentication, symmetric-key based authentication schemes

Class 14: symmetric-key based authentication schemes, mutual authentication, public-key based authentication schemes, One-Time Password, Lamport's scheme, example: HTTP authentication; secret key establishment, long and short-term keys

Class 15: key establishment properties, session key exchange through symmetric cryptography, session key exchange through asymmetric cryptography, authenticated DH; KDC; public key distribution, digital certificates

Class 16: digital certificates, cert chain, trust path; CA, PKI, X.509 certificates, PKCS, CRL

Class 17: laboratory exercises on asymmetric cryptography and X.509, using openssl

Class 18: IPSec, IKE, Transport Layer Security (TLS), example with Wireshark

Class 19: TLS handshake, DTLS; anonymity, high-latency anonymity systems; low-latency anonymity systems, onion routing, TOR

Class 20: vulnerabilities; network vulnerabilities

Class 21: software vulnerabilities, buffer overflow, SQL injection, web vulnerabilities

Class 22: vulnerability scanning; firewalls; Intrusion Detection Systems (IDSs)

Class 23: laboratory exercises on vulnerability scanning and firewalls

Class 24: exercises

Bibliography

[1] L. Veltri, "Cybersecurity", slides of the course, available on the course web site
[2] W. Stallings, "Cryptography and Network Security: Principles and Practice", 8th Edition, Pearson, 2020
[3] W. Stallings, "Computer Security: Principles and Practice", 4th Edition, Pearson, 2017

Teaching methods

Class lessons (40h), and in class and laboratory exercises (8h).

Assessment methods and criteria

The exam consists in a written test formed by questions and exercises.
Examples of exercises are shown and solved during the course.

Other information

- - -

2030 agenda goals for sustainable development

- - -