Master Course Description for EE-418 (ABET sheet)

Title: Network Security and Cryptography

Credits: 3

UW Course Catalog Description

Coordinator: Radha Poovendran, Professor, Electrical and Computer Engineering

Goals: To develop an understanding of the fundamental principles of cryptography and its application to network and communication security. This course will serve as an introduction to the fundamental tools in cryptography and the protocols that enable its application to network and communication security. This course is an introduction to the basic theory and practice of cryptographic techniques used in computer security. We will cover topics such as encryption (secret-key and public-key), digital signatures, secure authentication, key management, cryptographic hashing, and ethics associated with the use of computer security.

Learning Objectives: At the end of this course, students will be able to:

  1. Describe the basic cryptographic primitives, authentication protocols and why they work, what are the common design errors.
  2. Design and analyze some of simpler algorithms in MATLAB (or other languages such as Python, Mathematica).
  3. Analyze the given cipher text using standard cryptanalysis tools to be presented in class.
  4. Describe and analyze authentication protocols for two party communications.
  5. Design algorithms using block ciphers.
  6. Describe the ethical issues related to the misuse of computer security.

Textbook: D. Stinson, Cryptography Theory and Practice, 3rd edition, Chapman & Hall/CRC, 2006.

Reference Texts:

  1. C. Kaufman, R. Perlman, M. Speciner, Network Security (Private Communication in a Public World), Prentice Hall, 2002.
  2. W. Stallings, Cryptography and Network Security, 4th edition, Prentice Hall, 2005.
  3. B. Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, John Wiley & Sons, 2007.
  4. A. Menezes, P. Van Oorschot, S. Vanstone, Handbook of Applied Cryptography, CRC Press, 2001.

Prerequisites by Topic:

  1. Math 308
  2. Either Math 390, Stat 390 or Industrial Engineering 315
  3. Familiarity with MATLAB is essential.

Topics:

  1. Introduction to classical cryptography and cryptanalysis (Stinson Chapter 1) [1 week]
  2. Introduction to hash functions (Stinson Chapter 4) [1.5 weeks]
  3. Public key encryption (RSA, El-Gamal) (Stinson Chapters 5 and 6) [2 weeks]
  4. Digital signatures (RSA, El-Gamal, DSA) (Stinson Chapter 7) [1.5 weeks]
  5. Authentication and key exchange (Stinson Chapter 10) [2 weeks]
  6. Trust establishment and propagation in wireless and social networks [1 week]
  7. Public key infrastructure and IEEE code of ethics [1 week]

Course Structure: The class meets for two lectures a week, each consisting of 1 hour and 20 minutes. There is (bi-)weekly homework due that includes small computer projects in MATLAB. Two team oriented projects are planned in this course either with MATLAB or other programming language like Python. Course includes one midterm and one final exam. In-class activities include quizzes and 5-minute presentation of a selected security topic.

Computer Resources: The course uses MATLAB/Python for homework exercises and course projects. Students are expected to use their personal laptops, but they may use the ECE department computers as needed.

Grading: 20% Homework, 30% projects, 20% midterm, 25% final exam, 5% in-class activity.

ABET Student Outcome Coverage: This course addresses the following outcomes:

H = high relevance, M = medium relevance, L = low relevance to course.

(1) An ability to identify, formulate, and solve complex engineering problems by applying principles of engineering, science, and mathematics. (H) The course uses mathematical tools. Students must identify and design suitable algorithms. Engineering judgment is developed through the understanding the limitations and advantages of a given cryptographic algorithm or network security protocol. Throughout the course we emphasize the need to use sound design principles instead of relying on mathematics only. Towards this direction, security protocols that were mathematically correct but had design flaws are discussed. Assignments require students to analyze other protocols with weaknesses. The homework involves solving engineering problems identified by the assignments and exemplified by class discussion. The exams and projects challenge the students to identify the issues and formulate their individual solutions. The students develop an implementation for stream cipher based encryption of speech.

(2) An ability to apply engineering design to produce solutions that meet specified needs with consideration of public health, safety, and welfare, as well as global, cultural, social, environmental, and economic factors. (M) The project challenges the students to develop, design and implement different cryptographic algorithms. In most cases, this is implemented in MATLAB.

(3) An ability to communicate effectively with a range of audiences. (M) Students are required to write up their simulations in an engineering format. The ability to communicate effectively in writing is a portion of the grade received on homework and projects. Students are required to give a short presentation on a selected security topic to the class (depending on the instructor).

(4) An ability to recognize ethical and professional responsibilities in engineering situations and make informed judgments, which must consider the impact of engineering solutions in global, economic, environmental, and societal contexts. (H) The course covers security vulnerabilities in systems and their societal implications, enabling the students to recognize the ethical dilemmas that they may face in their professions. Impact of good network security protocols is emphasized. We discuss the impact of design and implementation of insecure protocols and the way they can be exploited. Main focus here will be to show how to design protocols that are resilient to common security threats such as user collusion.

(5) An ability to function effectively on a team whose members together provide leadership, create a collaborative and inclusive environment, establish goals, plan tasks, and meet objectives. (H) The course projects are conducted in teams of up to 3 members and constitute about 30% of their grade (depending on the instructor).

(7) An ability to acquire and apply new knowledge as needed, using appropriate learning strategies. (H) The course emphasizes the need for evolving current secure system designs as new threats emerge and security assumptions are weakened. Further, pointers to security websites and articles are provided in order to enhance personal knowledge in this developing area.

Prepared By: Radha Poovendran

Last revised: 1/31/19