## Learning objectives

The course aims to provide the student with the knowledge of the main security mechanisms and protocols used for securing communications and for protecting computer networks; in particular the knowledge and understanding of:

- applied cryptography;

- main algorithms and protocols for authentication and for securing data exchanges;

- main communication security protocols;

- possible network vulnerabilities and main network protection mechanisms.

The abilities in applying the above-mentioned knowledge are in particular in the:

- analysis of authentication and data protection schemes based on symmetric and/or asymmetric cryptography;

- design of mechanisms for authentication and secure data exchange;

- configuration and use of standard security protocols and algorithms (e.g. IPSec and TLS protocols; AES, DES, 3DES, RSA cryptography algorithms; digital signature and certificates X.509 and PGP; etc.)

- use of tools for network monitoring and vulnerabilities scanning;

- configuration of systems (e.g. firewalls) for network protection.

## Prerequisites

Familiarity with TCP/IP stack and networking.

## Course unit content

1) Basics of cryptography and authentication mechanisms

- Basics of symmetric (classic) cryptography and examples of algorithms (DES, 3DES, AES)

- Basics of asymmetric cryptography and examples of algorithms(RSA, Diffie-Hellman, DSA); advantages and disadvantages

- Hash and MAC functions (MD5, SHA, HMAC)

- Authentication algorithms, based on both symmetric and asymmetric cryptography

- Key exchange, agreement, and distribution

- Digital signature, digital certificates, certification authority, Public Key Infrastructure, standard X.509, PGP (Pretty Good Privacy)

2) Security protocols

- Protocols for authentication and key exchange (Kerberos, AAA, RADIUS)

- Protocols for secure communications at IP layer (IPSec/AH/ESP), and virtual private networks (VPNs)

- Protocols for secure communications at transport (SSL/TLS) and application layer

3) Network vulnerabilities and countermeasures

- Vulnerabilities of TCP/IP protocols, attacks and countermeasures (sniffing, network and port scanning, spoofing, flooding, buffer overflow, etc.)

- Firewall (packet filtering, ALG, NAT, DMZ), examples of network configurations

- Protocols for FW and NAT traversal (STUN e TURN)

- Intrusion Detection System (IDS)

- Anonymity networks

## Full programme

Syllabus (every class = 2 hours)

Class 1: course organization, objectives, textbooks, exam details; preview of the course; security services; attacks; security tools; symmetric cryptography: introduction; cryptography and cryptanalysis; cipher example (Caesar cipher)

Class 2: symmetric cryptography: types of attacks; side channel attack; computational security; example of cryptanalysis; substitution cipher; polyalphabetic substitution cipher; one time pad (OTP) cipher; transposition; steganography

Class 3: product cipher; block and stream ciphers; block ciphers: block size; substitution and permutation; Feistel cipher; DES; double DES; TDEA

Class 4: AES; encryption of long messages; padding; ECB; examples of attacks to ECB; CBC; examples of attacks to CBC; OFB; CFB; CTR

Class 5: hash functions; brute force attack; birthday paradox; MD5; SHA

Class 6: password hashing; encryption using hash functions; message authentication; MAC and HMAC functions

Class 7: number theory: modular arithmetic, relative prime, Euclid's algorithm, multiplicative inverse

Class 8: number theory: extended Euclid's algorithm, examples; Fermat's theorem; totient function

Class 9: Euler's theorem with demonstration; RSA; RSA example; simple mod pow computation

Class 10: RSA security, primarity test, discrete logarithm, DH, digital signature, RSA signature, signature and encryption, DSA

Class 11: peer entity authentication, zero-knowledge, passwd management, one-time password, challenge-response authentication

Class 12: challenge-response authnetication thorugh symmetric cipher/ MAC/hash/asymmetric algorithms, zero-knowledge, Fiat-Shamir

Class 13: exercises

Class 14: key establishment, symmetric-cryptography-based key establishment, server-based key establishment (KDC)

Class 15: public-key based key establishment; DH and MITM attack to DH, authenticated DH, STS, SIGMA

Class 16: group key management; LKH, group DH, public key distribution, digital certificates, cert chain, trust path

Class 17: certification authority (CA); public key infrastructure (PKI); X.509 certificates; PKCS; certification revocation list (CRL); PGP

Class 18: AAA; HTTP authentication; RADIUS, Diameter; Kerberos; IPSec, ESP, IKE; TLS, TLS handshake

Class 19: anonymity, high-latency anonimity systems; low-latency anonimity systems, onion routing, TOR

Class 20: network vulnerabilities; sniffers; eavesdropping; MITM; spoofing; ARP spoofing; TCP spoofing

Class 21: ICMP attack, DDoS, routing attacks, net scanning, DHCP attack, DNS poisoning, network scanning

Class 22: firewall, packet filter (PF), ALG/Proxy, FW configurations

Class 23: PF exercises; NAT; intrusion detection system (IDS)

Class 24: exercises

## Bibliography

[1] L. Veltri, "Network Security", Slides of the course

[2] W. Stallings, "Cryptography and Network Security: Principles and Practice", Book

## Teaching methods

Classroom teaching (40h), and in class exercises (8h) carried out by the teacher with students, and laboratory acitvities.

## Assessment methods and criteria

The exam can be succeeded as:

1) divided into two written examinations, at the middle and the end of the course, together with a project assignment carried out during the course; or

2) written exam and project assignment, during regular scheduled examinations.

The written exam is composed of questions and exercises.

Examples of exercises are shown and solved during the course.

## Other information

- - -