COMP3441/9441 Cryptography and Security 2004 Session 2

School of Computer Science and Engineering The University of New South Wales Sydney Australia

Subject Information

version 1.11

A signed version of this text document is available on the web as http://www.cse.unsw.edu.au/~cs3441/info.txt.
A non-signed html formtted version is available as http://www.cse.unsw.edu.au/~cs3441/info.html.
These will be updated from time to time, check regularly for the latest version.
The signed version is the official version.

Contents

This subject provides a broad introduction to computer security. We concentrate on two types of scenarios:

1. Protecting a trusted internal zone from an untrusted external world
2. Two parties communicating over on untrusted medium

To this end we cover intrusion prevention, detection and response (i.e. dealing with hackers and crackers), together with cryptography and cryptographic protocols.

A detailed list of topics is available in the subject schedule. This is likely to change somewhat from year to year to keep the coverage interesting and up-to-date. As you will see security is a constantly changing field.

Each week we'll cover a security topic and a cryptographic topic. You will learn both the theoretical foundations and direct practical application for each topic. My aim is to have a strong hands-on focus wherever possible to teach you practical skills you can start to apply immediately.

The field is too big to cover everything in one subject but by the end you will have an overview of the major topics in security, a good understanding of the current state of play, and have started to think like a security expert.

My intention is make this a highly enjoyable subject. The field is a great deal of fun with puzzles, cunning, cloak-and-dagger antics and a never ending supply of great stories. However it will not be an easy subject - I'll expect you to master the underlying theory *and* to be able to apply it to real world situations. That's a lot to learn. Furthermore you may find that my teaching style does not suit you. You should consider these factors carefully before deciding to take this subject (I've provided more information to help you assess these factors - follow this link).

For those who decide to proceed: hold onto your hats. You are in for a great ride!

[back to top]

I'll assume you know Java and the material from Data Organisation. You need to be able to program and to be familiar with programming concepts.

You need to know about operating systems and networks. I haven't made the subjects Operating Systems and Networks compulsory prerequisites however as you only need to know a fraction of the material covered in these subjects, and the networking material we do use involves much more detail than is covered in the general networking subject.

Doing Networking and Operating Systems in advance will help you in this subject so do them if you can. However I'll assume you haven't done them and will cover the material you need either in class, in optional lectures, or in additional reading for you to do in your own time if you think you need to do so.

We'll be working with a number of cryptographic techniques. So you'll need to know some simple abstract algebra or be willing to learn. Finite maths and discrete maths is sufficient background. Less background would be ok if you are keen and prepared to learn a few simple topics on your own.

For networking you'll need to know the basics of TCP/IP, or be willing to learn. I'll run some extra TCP/IP lectures in the first few weeks for those who haven't done networking or who are feeling a bit rusty.

You don't really need to have done Algorithms to have done this subject. We don't rely on anything you would learn in it, and indeed there may even be some repeated coverage since we will do the RSA algorithm again (if applies to you - sorry!) If you have done Algorithms however you will have a nice understanding of the limitations of brute force attacks.

[back to top]

After completing this subject, you should be able to:

• design and audit security policies,
• understand and use mathematical cryptographic techniques,
• be familiar with the major cryptographic protocols and know their strengths, weaknesses, and when it is appropriate to use them,
• be familiar with the major cryptosystems and cryptographic applications and know their strengths, weaknesses, and when it is appropriate to use them,
• have an understanding of the types of hackers/crackers, and of their motivations and behaviour,
• design and configure firewall systems,
• have an appreciation of the major elements of intrusion prevention and be able to assess the strengths and weaknessess of particular sites,
• have an understanding of intrusion detection measures and be able to implement a simple intrusion detection system using an application such as snort,
• understand various possible attacks using tcp/ip and countermeasures for each,
• understand the vulnerabilities of each level of the tcp/ip stack and security approaches to address these,
• understand the vulnerabilities of the major operating systems found on hosts: including windows, linux, and cisco os,
• be able to harden a host.

[back to top]

Important notices related to this course will be displayed on the StopPress section of the subject home page from time to time. It is your responsibility to check this page regularly. The URL is:

  http://www.cse.unsw.edu.au/~cs3441/

Sometimes urgent information may also be sent to you by email. Make sure you pay careful attention to any email you receive.

All official email will be sent to your cse email address. If you prefer to read your mail at some other address you will need to redirect your mail using mlalias. Ask your tutor if you need help doing this.

Additional information will be provided in the subject Forum/FAQ and elsewhere on the 3441 site as the session progresses. Lecture notes and supporting material will be made available via the subject wiki.

You should regularly explore the subject web site, read the stopPress, wiki, forums, and this page regularly for updates.

[back to top]

There may also be some visiting guest speakers.

[back to top]

If you need help email or speak to your tutor in the first instance.

If your tutor can't help you with an admin matter contact Mei Cheng (email cs3441@cse.unsw.edu.au, or meet her face to face at an admin consult). Admin matters include requests for extensions and special considerations.

If you need help with the subject material attend a teaching consult or ask Richard at the lecture. Richard will stay back as late as needed after lectures to answer questions.

To contact Richard use the subject forum. Please do not email Richard at his personal email address, he does not read email reliably. Richard, the other subject staff, and your fellow students all monitor the forum regularly and questions there usually get a prompt response.

For urgent issues email Mei Cheng and she will deal with it or pass it on to Richard as appropriate.

[back to top]

Lectures are Tuesday 5-8pm in Mathews Theatre B Rex Vowels Theatre. These are followed immediately by a seminar from 8-9pm in the same room. That's a long time. We'll have a number of short breaks and one long one for dinner. Bring food and drink (to be consumed *outside* the lecture theatre of course).

Some weeks we might arrange to have the seminar earlier in the evening by swapping the seminar with an hour of lectures.

In this subject the purpose of lectures is to introduce you to the concepts covered, show where they fit in the overall scheme of things and provide motivating examples to help you understand them. They will not be comprehensive. You will need to do additional work outside of lecture time to master the subject.

Lecture notes on the web will only be in point form and will not contain any detail. They are there to provide a framework for your note taking. As they only provide a sketchy outline of the material we cover, they are not a replacement for attending lectures or for making your own notes. You will need to attend lectures and make your own detailed lecture notes to do this subject effectively.

I want those last points to be very clear. You will need to attend lectures, take notes, and do additional study in order to master this subject. You will NOT be able to skip lectures and print out the lecture slides during stuvac and be able to pass the subject.

Notes will be available via the subject wiki. You are free to add your own notes to the wiki to expand on interesting or cryptic points.

Sometimes I'll ammend the notes on the web *after* the lecture to clarify or elaborate on something that I feel wasn't expained well in the lecture. I'll usually do this via the wiki.

[back to top]

The assessable components of the subject for COMP3441 students are:

• 50 marks - Final exam
• 20 marks - Seminar
• 10 marks - Assignment
• 10 marks - Labs
• 10 marks - Tutorial = Attendance (5) + Presentation (5)

COMP9441 students are not required to attend tutorials or labs. Their tutorial and lab marks are taken to be the average mark of the other assessable componants.

However COMP9441 students may elect to attend tutorials and/or labs if they wish, contact Mei Cheng to arrange this. In such cases their tute and lab marks will be awarded the greater of the marks calculated on the COMP3441 basis and the marks calculated on the COMP9441 basis.

Where your non-exam marks are significantly higher than your exam mark, your non-exam marks will be reduced and you may be required to attend an interview to explain the difference.

Exam marks and final marks will be scaled to ensure that the subject Pass/Fail boundary and the Distinction/High Distinction boundary reflect a consistent standard from session to session.

[back to top]

Lectures will introduce you to the foundation content of this subject. The advanced content will be covered in weekly seminars (starting week 4).

Seminars are prepared and presented by groups of about ten students. Each student will be allocated to a seminar group in week 2.

The seminar group also produces supporting material for the seminar such as notes and web resources, and is responsible for producing the corresponding lab. The details about what each seminar group is required to do are given on the seminar information page.

The area covered by each seminar is listed on the subject schedule. Groups are expected to carefully research their area and give a clear and detailed explanation of it to the remainder of the class.

The seminar is to last 50 minutes, including some time at the end for questions and answers.

The seminar is assessed as groupswork and all group members are awarded the same mark. Seminars will be partly peer assessed.

[back to top]

The assignment is your chance to specialise in an area you are interested in.

We regard the assignment as an essential part of the subject. Any plagiarism in assignments will result in an automatic Fail for the whole subject. Read the plagiarism warning below for more detail.

The assignment is to produce a report on a topic following on from one of the seminars. You select which seminar and which of the topics you do.

An initial set of proposed topics will be provided at the end of of each seminar by that seminar group.

You can also suggest an additional assignment topic for a seminar if you don't like the assignment topics initially proposed. To do this use the appropriate forum after the corresponding seminar, and before the list of topics is finalised. Assignment topics become finalised about 24 hours after the seminar to which it relates. We may or may not include any of the suggested topics in the finalised list of topics entirely at our discretion.

The finalised list of assignment topics will be available via a link from the subject homepage.

Unless overridden by further details posted with a specific assignment topic the following submission criteria apply:

1. Two printed copies of the report are to be submitted at the school office by 4pm on the Friday 10 days after the seminar to which it relates. Attach the ID page containing your name to the rear of the report so the marker cannot see your name when they start marking. An electronic copy of the assignment is to be submitted via give by 5pm on the same day.
2. Postal submission of the printed copies is also accepted provided the assignment is Express-Posted on Friday, and the give submission is on time.
3. A late penalty of a 15% per day reduction to the maximum possible mark applies for the first two days. If the school office is not open at the time of your late submission the late penalty is determined by the time of the give submission provided that the printed report is then submitted by hand within 60 minutes of the next time the office opens or it arrives in the next postal delivery. Submissions after this time will be awarded zero marks. No extensions will be given.
4. No proprietry formats (word, pdf, flash, etc). Reports to be in html only with no browser specific tags.
5. Embedded javascript and applets are ok if they serve a genuine purpose. All source code must be provided.
6. You may include source files, logs, output captures, statistics, helpful graphics, and anything else you wish which makes your report clearer.
7. You should include a bibliography, and explicitly reference any material which is not original.
8. Source code must be well documented and have good style. Code must be easy to read and understand. Unclear code will lose marks.
9. All inline objects (graphics etc) must be submitted with the report. Reports must be able to be viewed and marked offline, so do not include remotely referenced images etc from elsewhere on the web.
10. All needed file(s) to be zipped into a single archive called Report.zip. When marked this will be placed in a new directory and unzipped. Make sure the URLs for locally accessed files all use relative references. Include the supplied stub files "report.html" and ID.html with all your details (name, student id etc) completed. report.hmtl is the file the marker looks at to access your report - any submitted files which can't be reached from this file won't ever be seen by the marker, or marked.
11. You must not identify yourself other than by student number in your report (except as required in ID.html). If you wish to include your name in the header of any submitted source code encode it first with Rot-13.
12. Markers are instructed to spend exactly one hour marking each report. After one hour they must stop marking and move onto the next report. So it is in your interest to make the report very clear and easy to read, and easy to understand in its entirety within an hour. If your report is too long to digest in this time you will obviously miss out on marks.

Aim your report at fellow students - that is, at an intellegent reader who has attended the 3441 lectures and seminars but has no further specialist knowledge in your topic.

You may submit assigments late but the maximum available mark is reduced by 15% if it is one day late, and by 30% if it is 2 days late. Assignments that are more than 2 days late will be awarded zero marks. So if your assignment is worth 75% and you submit it one day late you still get 75%, but if you submit it two days late you get 70%.

You may select your topic from any seminar other than your own seminar. However we will not be able to mark a large number of reports at the very end of session. If there are too many students who haven't yet submitted an assignment at any stage after the midsession break we will randomly allocate all remaining students to one of the remaining weeks. So there is a chance you might lose your ability to choose your report topic if you leave it until after the midession break.

We will not be able to return assignments submitted in the final week of session. You will still be able to see the mark awarded however. We strongly suggest you choose an early assignment if you are unsure about your ability to perform well in the subject. This will allow you to get feedback on your progress before the university deadline for withdrawing.

By now you should know that computing assignments can take much longer to complete than you at first estimate, so make sure you start it promptly and allow plenty of time.

It is in your best interests to make regular backup copies of your work and (because of machine loads on deadline days, for example) to complete assignments well before their deadlines.

[back to top]

There are seven sets of practical lab exercises, one for each of the lab-based seminars. There are marked in the week after the seminar one-on-one with a marker in a cse lab. Email submission is not accepted.

In the first lecture we'll tell you how to book the timeslot to have your labs marked. If you are late or do not attend the booked timeslot you will get 0 for that lab.

Labs are worth 1.5 marks each. The total lab mark is truncated at a maximum of 10 marks.

[back to top]

All 3441 students attend a weekly tutorial. 9441 students do not expected to attend tutorials - however they may contact Mei Cheng and arrange to do so if they wish.

Tutorials start Thursday Week 1. Book your tutorial time online using NSS. Check times shortly before the subject starts even if you selected a time at the start of the year since available times may have subsequently changed.

There are 5 marks for tutorial attendance and 5 marks for a presentation. You must attend 10 tutorials to get 5/5 for attendance.

Tutorial presentations are explained on the tutorial presentation information page. Your tutor will allocate you a presentation partner and presentation day in the first tutorial. Presentations are assessed on a pass/fail basis.

[back to top]

All work submitted for assessment must be entirely your own work. We regard unacknowledged copying of material, in whole or part, as an extremely serious offence.

In this subject submission of any work derived from another person, or soley or jointly written by and or with someone else, without clear and explicit acknowledgement, will at the very least result in automatic failure for the subject and a mark of zero for the subject. Note this includes including unreferenced work from books, the internet, etc.

Do not provide or show your assignment work to any other person. Allowing another student to copy from you will, at the very least, result in zero for your assignment. If you knowingly provide or show your assignment work to another person for any reason, and work derived from it is submitted for the same assignment you will be penalized, even if the work was submitted without your knowledge or consent. This will apply even if your work is submitted by a third party unknown to you. You should keep your work private until submissions have closed.

If you are unsure about whether certain activities would constitute plagiarism ask us before engaging in them.

Copying without consent, severe, or second offences will result in automatic failure, exclusion from the university, and possibly other academic discipline.

These are no idle threats, we search the internet and use plagiarism detection software and a range of search engines to hunt for non-original work.

See also the 2004 Unix Primer and the Yellow Form and the faculty and university plagiarism policies for additional information. If the penalties set out on this page, the Unix Primer, the Yellow Form, the school, faculty, or university plagiarism policies differ for any situation, the more severe penalty applies.

Note that we have experienced cases of plagiarism where the code has been copied from printouts or floppy disks/CDs/USB sticks that have been lost in the lab or stolen from the computer or printer. Generally, it is your responsibility to prevent other students from accessing your files, but if you loose a printout or floppy disk/CD/USB stick, email Mei Cheng immediately.

[back to top]

In this subject assignments are marked anonymously. You must not identify yourself other than by student number in your report (except in the ID page).

The marker will not see at the ID page until after marks have been awarded.

Subjectively assessed work is awarded grades as follows:

Grade	Awarded for work which is...	worth (/10)
AF	Not seriously attempted	0
F	Unsatisfactory but non trivial	2.5
PC	Borderline	5
P	A clear pass	6
C	Satisfactory with one or two outstanding elements	7.5
D	Satisfactory with several outstanding elements	9
HD	Outstanding in all respects	10

[back to top]

Copyright of any material you submit will belong to us. Submitting means you accept this condition. We give you a non exclusive licence granting you in every way possible the rights you had before submitting the material.

One of the reasons we require this is so we can share your work with students in this and future sessions. We may also use it to demonstrate poor style and/or common mistakes.

We usually try to keep student material anonymous unless we are praising it. However if you would like to be identified as the author of a work even if we are not praising it, then include the following line as a comment at the start of the file:

   Please identify me as the author whenever referring to this.

We may distribute and share the assignment, seminar, and presentation material you submit, including the seminar video. All copyright and intellectual property arising from this belongs to us.

Submitting material includes submission via give, posting material on the subject forum or wiki, sending email to the teaching staff or subject account, etc.

Cameras are not permitted in the theatre. Video recordings of lectures are not permitted to be made. Sound recordings are not permitted to be made without express written permission from the subject administrator and in all cases must must only be for single personal use and not distributed or made publically available.

[back to top]

The final examination in this subject will be held during the November examination period; it may examine any material covered in lectures, seminars, assignments, tutorial exercises, lab exercises, and any reading you have been given.

Supplementary examinations will be held soon after the results have been released. If you think that you may be eligible for a Supplementary Examination, make sure you are available around that time. Be careful not to plan any overseas travel at that time. If you can't attend the sup exam you will not be offered a second chance.

It is your responsibility to check your email, the CSE website, and to contact the CSE school office for details of Supplementary Examinations. If you think there is any chance you might be eligible for a Supplementary Exam then you should prepare for it. Requests such as "I didn't find out until the day before the sup exam that I could sit the sup exam, so I need more time to study" or "I have to go overseas at that time and i have already purchased the tickets" will not be granted.

[back to top]

Students whose exam performance is affected by serious and un-foreseeable events outside their control can apply at the student centre for special consideration. Special considerations will only be given when each and every other component of the course (eg assignments, tutes, labs, presentation, seminar) has been attempted and satisfactorily completed.

[back to top]

You can inspect the current state of your mark record by using the command

classrun -sturec

All marks must be finalised by the end of week 15. If you think there is a problem with any of your marks (tutorial attendance, labs, seminar, presentation, assignments) then you need to advise us by emailing cs3441@cse.unsw.edu.au within two weeks of the mark being released, and, in all cases before the end of week 15. No marks will be changed after the end of week 15.

[back to top]

The university has a number of rules and policies which affect you (see the university calandar and the university home page), additionally the school of CSE has a number of rules and policies (eg see the "Yellow form"), and this subject has a number of rules and policies (see this page). Where there is a conflict between these sets of rules and policies the most strict shall apply. Where there is ambiguity in the interpretation of any rule of policy the most strict interpretation shall apply. If you are in any doubt as to the meaning, interpretation, or effect of any rule or policy please ask the subject administrator or the lecturer in charge. Some of the policies which apply to you can be accessed from the subject home page. Be aware that this list may not be definitive or up-to-date.

[back to top]

This subject has a "Good Faith Policy". This means we expect you to act in good faith at all times. We expect you to be a good citizen. To not invade alter or damage the property of others including the university, invade the privacy of others, break any laws or regulations, annoy other people, deprive other of access to resources, breach or weaken the security of any system, or do or omit to do anything else which you know or suspect we would not be happy about. Furthermore you are not to do anything which appears OK by a loophole or a strict interpretation of "the letter of the law" but which is not consistent with the spirit. You must not act in any way so as to bring disrepute to the reputation of the teachng staff, fellow students, the subject, the school, the university, or the profession.

For example you must restrict all hacking activities such as sniffing or hacking to the black and white labs, and you must not attempt to interfere with the lab or setup of any other seminar group.

If you are unsure, ask!

If, in our sole descretion, we feel you have violated the Good Faith Policy you will be awarded 0 Fail for the subject. Further penalties may apply also depending on the nature and severity of the violation. Students who have violated the Good Faith Policy will not be permitted to re-enroll in future offerings of the subject.

Students who are or have been found guilty of academic or computer related misconduct or any other activity which casts doubt on their ability or willingness to comply with the Good Faith Policy will be disenrolled and not permitted to re-enroll in future offerings of the subject.

[back to top]

See the list and comments on the subject readings page

We'll discuss textbooks and recommended reading in the first lecture and I'll bring copies of some books from the list in for you to browse.

All the books on the list would be a sensible addition to your professional library. They are the primary sources I have used in setting this subject.

No single book covers the entire subject well. You will need to refer to some of the other books in this list to fill any gaps in the textbook(s) you have purchased. Many are available in the UNSW Library. If you have already missed the GST discount deadline I suggest you hold back a while to find out which topics you enjoy, and which you need help with.

[back to top]

text version produced by one of the following:
  links -dump info.html > info-[ver].txt
  html2text -nobs -width 70 -style pretty info-[ver].html > info.txt

[back to top]