- Crypto Courses Elsewhere:
- UIUC, MIT, GA Tech, NYU, UMD, Coursera (needs registration).
- N/w Security Courses Elsewhere:
- Stanford, Boston U, MIT.

- Reference Books:
- Katz-Lindell
- Boneh-Shoup (draft)
- Rosulek (draft)
- MPC and Secret-Sharing
- Handbook of Applied Cryptography
- Stinson
- Joux (cryptanalysis)
- Goldreich (foundations) (Also A Primer)

- Notes: Bellare-Rogaway, Goldwasser-Bellare, Waters, Pass-Shelat.
- Basics: Probability

CS 649: Network Security

Spring 2017

- 2:00 PM - 3:25 PM Monday/Thursday

SIC 201 (2nd Floor, KReSIT)

Online Forum: Piazza

This course is intended to provide a theoretically sound foundation in cryptography as used in network security. We shall learn about basic cryptographic tool like encryption and message authentication, in the "private-key" and "public-key" settings, with a focus on mathematical definitions of security, "provably secure" constructions based on fundamental cryptographic primitives, and how they are used in higher-level network security protocols. The course will also offer an opportunity to explore the current practice and challenges in network security via a course project.

__Course contents.__ The first (and main) part of the course will focus on
understanding several cryptographic tools: Secret-sharing, Pseudorandom
generators (PRG), Symmetric Key Encryption (SKE), Message Authentication
Codes (MAC), Public Key Encryption (PKE), Digital Signatures and
Collision-Resistant Hash Functions (CRHF). Also, lower-level abstract cryptographic
primitives like one-way functions, hardcore predicates and trapdoor one-way
permutations, as well as some algebraic and number-theoretic functions which
are used to instantiate these primitives will be covered. A good
reference would be the Katz-Lindell textbook
or the Boneh-Shoup textbook.

In the second part of the course we will overview some major examples of how these cryptographic tools are employed in network security protocols: IPsec, TLS and DNSSEC.

The course project will give you a chance to implement cryptographic schemes, dig deeper into network security protocols and known vulnerabilities, or study advanced cryptographic tools not covered in the lectures.

__Graded Work.__ The graded work involves two quizzes (60%), a few
homework assignments (15%), a team project (20%) and attendance (5%). The
projects will be evaluated based on a report or demo (depending on the nature
of the project), and meeting(s) with the instructor prior to that. Some sample
topics for the project will be provided later on. The quiz schedule will be
announced later.

If you are auditing the course, you should have an attendance of over 80% and score over 50% in the homework assignments.

__Background.__ This course will have a theoretical flavour: you will
need to be comfortable with mathematical definitions and proofs ("mathematical
maturity"). Specific mathematical topics that will be encountered are
elementary probability, elementary algebra and elementary number theory. For
the second part, it may help to be familiar with computer networks but this is
not a pre-requisite.

__Teaching Assistants.__

- Neha Garg (nehagarg@cse)
- Amit Khandelwal (153050012@iitb)
- Ravi Shankar Mishra (ravimsr@cse)
- Pradyot Prakash (pradyot@cse)

__Office hours.__ The instructor and TAs will hold weekly office hours:

Who | When | Where | |
---|---|---|---|

Ravi | Mon | 11:00 AM - 12:00 PM | New CSE 203 |

Amit | Tue | 02:00 PM - 03:00 PM | KReSIT 313 |

Pradyot | Wed | 11:00 AM - 12:00 PM | KReSIT Library |

Neha | Wed | 03:00 PM - 04:00 PM | KReSIT 212 |

Manoj | Fri | 03:00 PM - 04:00 PM | New CSE 214 |

Please do come for the office hours, if you found anything mysterious (or missed anything) in the lectures or assignments. You are also welcome to drop by and chat about the content/structure of the course during the office hours. Feel free to e-mail anytime if you have any questions or comments.

- Lecture 00: (Jan 2): Introduction [ html|pdf|print ]
- Lecture 01: (Jan 5): Secret-Sharing [ html|pdf|print ]
- Lecture 02: (Jan 9): Defining Encryption (part 1: One-Time security) [html|pdf|print]
- No Lecture on Jan 12. Tutorial
- Lecture 03: (Jan 16): Defining Encryption (part 2: CPA security) [html|pdf|print]
- Lecture 04: (Jan 19): Indistinguishability, PRG, Stream Cipher [html|pdf|print]
- Lecture 05: (Jan 23): PRF, Block Ciphers [html|pdf|print]
- Assignment 1 (released Monday Jan 23; due Monday Feb 6)
- Lecture 06: (Jan 30) One-Way Functions, Hardcore Predicates. Building a PRG. [html|pdf|print]
- Lecture 07: (Feb 2) CCA-secure SKE. MAC. [html|pdf|print]
- Lecture 08: (Feb 6) MAC (ctd). SKE in Practice [html|pdf|print] (Symmetric-key cryptanalysis reference)
- Lecture 09: (Feb 9): Public-Key Encryption: DDH [html|pdf|print]
- Lecture 10: (Feb 13): Public-Key Encryption: Trapdoor OWP, Chinese Remainder Theorem [html|pdf|print]
- Lecture 11: (Feb 16): Trapdoor OWP Candidates: RSA and Rabin [html|pdf|print]
- Lecture 12: (Feb 27): Public-Key Encryption: CCA security [html|pdf|print]
- Quiz 1: Feb 28, 8:30 - 10:30 PM. Room 103 (New Building)
- Lecture 13: (Mar 2): Public-Key Encryption: CCA security (ctd.) [html|pdf|print]
- Lecture 14: (Mar 6): Hash functions: Flavors of collision resistance [html|pdf|print]
- Assignment 2 (released Monday Mar 6; due Monday Mar 20)
- Lecture 15: (Mar 9): Hash function constructions [html|pdf|print]
- Lecture 16: (Mar 16): Hashes for MAC. Digital Signatures. [html|pdf|print]
- Lecture 17: (Mar 20): Randomness Extractors. Secure Communication in Practice. [html|pdf|print]
- Lecture 18: (Mar 23): IPsec, BGPsec, DNSSEC, and a bit of Zero-Knowledge Proofs [html|pdf|print]
- No Lectures on Mar 27 & 30 due to MPC school/workshop.
- Assignment 3 (released Monday Apr 3; due Monday Apr 17)
- No Lecture on April 3
- Guest Lecture: (Apr 6): Network Security Basics, DNS Attacks [By Prof. Kameswari Chebrolu: pdf, pdf]
- Lecture 19: (Apr 10): Password-Based Crypto [html|pdf|print]
- Lecture 20: (Apr 13): Miscellany [html|pdf|print]
- Quiz 2: Apr 13, 8:30 - 10:30 PM. Room 103 (New Building)
- Project Presentations: April 27/28