ECE 471

Fundamentals of Information and Network Security

Usually offered: Spring

Required course: No

Course Level

Undergraduate

Units

3

Instructor(s)

Ming Li, Associate Professor

Prerequisite(s)

ECE 201 and ECE 310.

Course Texts

Required:

  • Cryptography and Network Security: Principles and Practice, 7th Edition, W. Stallings, Pearson, 2016. (can get the digital version via UA bookstore’s Inclusive Access program: shop.arizona.edu/textbooks/Inclusive.asp)

Recommended (and reference):

  • Cryptography: Theory and Practice, Douglas Stinson, 4th Edition, Prentice Hall, 2005.b(more suitable for graduate students)
  • Network Security (private communication in a public world), C. Kaufman, R. Perlman, M. Speciner, Prentice Hall, 2002. (more suitable for undergraduate students)
  • Introduction to modern cryptography, 2nd Edition, Chapman and Hall, Jonathan Katz, Yehuda Lindell, 2014. (more suitable for graduate students)
  • Computer & Internet Security: A Hands-on Approach, Second Edition, May 2019, by Wenliang (Kevin) Du, ISBN: 978-1733003926 (hardcover) and 978-1733003933 (paperback).

Schedule

Three 50-minute lectures per week, MWF 11:00 AM - 11:50 AM.

Course Description

Specific Course Information:
2021-2022 Catalog Data:  Shannon's approach to cryptography. Symmetric key cryptography, cryptographic hash functions, and public key cryptosystems. Authentication, key management and key distribution. Wireless and network security.

Learning Outcomes

Specific Goals for the Course:
Outcomes of Instruction: By the end of this course the student will be able to:

  1. Identify the basic notions of information and network security.
  2. Grasp the basic concept and approaches of cryptanalysis.
  3. Describe and apply a) cryptographic primitives for achieving confidentiality in both private key and public key settings and b) cryptographic mechanisms for achieving info. integrity.
  4. Evaluate the security/computation/communication tradeoffs between a public key and private key cryptography.
  5. Describe methods and cryptographic primitives for achieving user authentication.
  6. Apply private key or public key cryptographic primitives for building mutual authentication protocols, and be able to identify and avoid common pitfalls in protocol design.
  7. Outline key agreement and key distribution protocols and analyze their overhead.
  8. Explain the application of cryptographic primitives and protocols in the context of wireless and network security.

Course Topics

Brief list of topics to be covered:

Introduction to Information Security (~1 week)

  • Information security objectives; Schematic of a secure communication system
  • Formal definition of a cryptosystem and adversary models

Classical Encryption Techniques (~1.5 weeks)

  • Number theory basics; Early cryptosystems: substitution and transposition
  • Cryptanalysis of early cryptosystems

Measures of Security and Ideal Cryptosystems (~1 week)

  • Measures of security; Perfect secrecy, Entropy and secrecy Ideal cryptosystems & one-time pad

Symmetric Key Cryptography (~2 weeks)

  • The notions of symmetric key cryptography, and computational security
  • Block cipher, product cipher, and substitution-permutation networks
  • The Data Encryption Standard (DES); The Advanced Encryption Standard (AES)
  • Modes of operation; Pseudorandom numbers and stream ciphers

Public Key Cryptography (~1.5 weeks)

  • Principles of Public-key Cryptography (PKC); More number theory basics; Common public key cryptosystems: RSA; Diffie-Hellman key exchange and ElGamal

Message Integrity and Authentication (~1.5 weeks)

  • Hash functions and security properties and examples: MD series, and Secure Hash Algorithm (SHA); Message Authentication Codes (MAC), HMAC; More hash applications, including commitment protocols; Digital signatures schemes: RSA, ElGamal, Schnorr, and DSA

Key Management and Distribution (~1 week)

  • Symmetric key distribution schemes, Key Distribution Centers (KDC), session keys
  • Public key distribution and Certificate Authorities (CA)Public Key Infrastructure (PKI)

User Authentication (~1.5 weeks)

  • User authentication principles, Password authentication protocols
  • Challenge-response protocols and common pitfalls, Kerberos

Network Security (~2 weeks): TCP/IP Threats; IP security: the IPSec protocol; Transport-level security: SSL and TLS protocols; Electronic mail security, S/MIME, PGP

System Security (~1 week): Malware, Worms, DDoS attacks, SBGP; Firewalls and Virtual Private Networks (VPNs) Intrusion detection

Relationship to Student Outcomes

ECE 462 contributes directly to the following specific electrical and computer engineering student outcomes of the ECE department:

1 An ability to identify, formulate, and solve complex engineering problems by applying principles of engineering, science, and mathematics.
4. An ability to recognize ethical and professional responsibilities in engineering situations and make informed judgments, which must consider the impact of engineering solutions in global, economic, environmental, and societal contexts.
5. An ability to function effectively on a team whose members together provide leadership, create a collaborative and inclusive environment, establish goals, plan tasks, and meet objectives.
6. An ability to develop and conduct appropriate experimentation, analyze and interpret data, and use engineering judgment to draw conclusions.
7. An ability to acquire and apply new knowledge as needed, using appropriate learning strategies.

Syllabus Prepared By

Syllabus updated on 3/29/2022

Contact Undergraduate Advisor: undergradadvisor@ece.arizona.edu

Contact Us
Contact Us
Loading...