Title: Network Security and Cryptography
Coordinator: Radha Poovendran, Professor, Electrical and Computer Engineering
Goals: To develop an understanding of the fundamental principles of cryptography and its application to network and communication security. This course will serve as an introduction to the fundamental tools in cryptography and the protocols that enable its application to network and communication security. This course is an introduction to the basic theory and practice of cryptographic techniques used in computer security. We will cover topics such as encryption (secret-key and public-key), digital signatures, secure authentication, key management, cryptographic hashing, and ethics associated with the use of computer security.
Learning Objectives: At the end of this course, students will be able to:
Textbook: D. Stinson, Cryptography Theory and Practice, 3rd edition, Chapman & Hall/CRC, 2006.
Prerequisites by Topic:
Course Structure: The class meets for two lectures a week, each consisting of 1 hour and 20 minutes. There is (bi-)weekly homework due that includes small computer projects in MATLAB. Two team oriented projects are planned in this course either with MATLAB or other programming language like Python. Course includes one midterm and one final exam. In-class activities include quizzes and 5-minute presentation of a selected security topic.
Computer Resources: The course uses MATLAB/Python for homework exercises and course projects. Students are expected to use their personal laptops, but they may use the ECE department computers as needed.
Grading: 20% Homework, 30% projects, 20% midterm, 25% final exam, 5% in-class activity.
ABET Student Outcome Coverage: This course addresses the following outcomes:
H = high relevance, M = medium relevance, L = low relevance to course.
(1) An ability to identify, formulate, and solve complex engineering problems by applying principles of engineering, science, and mathematics. (H) The course uses mathematical tools. Students must identify and design suitable algorithms. Engineering judgment is developed through the understanding the limitations and advantages of a given cryptographic algorithm or network security protocol. Throughout the course we emphasize the need to use sound design principles instead of relying on mathematics only. Towards this direction, security protocols that were mathematically correct but had design flaws are discussed. Assignments require students to analyze other protocols with weaknesses. The homework involves solving engineering problems identified by the assignments and exemplified by class discussion. The exams and projects challenge the students to identify the issues and formulate their individual solutions. The students develop an implementation for stream cipher based encryption of speech.
(2) An ability to apply engineering design to produce solutions that meet specified needs with consideration of public health, safety, and welfare, as well as global, cultural, social, environmental, and economic factors. (M) The project challenges the students to develop, design and implement different cryptographic algorithms. In most cases, this is implemented in MATLAB.
(3) An ability to communicate effectively with a range of audiences. (M) Students are required to write up their simulations in an engineering format. The ability to communicate effectively in writing is a portion of the grade received on homework and projects. Students are required to give a short presentation on a selected security topic to the class (depending on the instructor).
(4) An ability to recognize ethical and professional responsibilities in engineering situations and make informed judgments, which must consider the impact of engineering solutions in global, economic, environmental, and societal contexts. (H) The course covers security vulnerabilities in systems and their societal implications, enabling the students to recognize the ethical dilemmas that they may face in their professions. Impact of good network security protocols is emphasized. We discuss the impact of design and implementation of insecure protocols and the way they can be exploited. Main focus here will be to show how to design protocols that are resilient to common security threats such as user collusion.
(5) An ability to function effectively on a team whose members together provide leadership, create a collaborative and inclusive environment, establish goals, plan tasks, and meet objectives. (H) The course projects are conducted in teams of up to 3 members and constitute about 30% of their grade (depending on the instructor).
(7) An ability to acquire and apply new knowledge as needed, using appropriate learning strategies. (H) The course emphasizes the need for evolving current secure system designs as new threats emerge and security assumptions are weakened. Further, pointers to security websites and articles are provided in order to enhance personal knowledge in this developing area.
Prepared By: Radha Poovendran
Last revised: 1/31/19