Information and Network Security

Name of the subject in Hungarian: Information and Network Security

Last updated: 25 June 2019

Budapest University of Technology and Economics
Faculty of Electrical Engineering and Informatics

Electrical Engineering

Free Elective Subject

Course ID | Semester | Assessment | Credit | Subject semester
VITMAV52 | | 4/0/0/f | 4 |
3. Course coordinator and department Dr. Fehér Gábor,
Web page of the course http://www.tmit.bme.hu/vitmav52
4. Instructors

Name | Profession | Institute
Dr. Gábor Fehér, PhD | Associate professor | BME-TMIT
László Zömbik | Research fellow | BME-TMIT

5. Required knowledge none
6. Pre-requisites
Mandatory:
(Training.code=("5NAA7")
VAGY
Training.code=("5NAA8")
VAGY
Training.code=("5NAM7")
VAGY
Training.code=("5NAM8") )

ÉS

NEM ( TárgyEredmény( "BMEVIHIAV14" , "jegy" , _ ) >= 2
VAGY
TárgyEredmény("BMEVIHIAV14", "FELVETEL", AktualisFelev()) > 0)

The form above is Neptun's own format; for technical reasons we have not changed it.

The mandatory prerequisite order can be found on the website and in the curriculum of the given programme.

Recommended:
none
7. Objectives, learning outcomes and obtained knowledge The objective of the course is to provide theoretical and practical knowledge of today's information and network security topics. The course introduces the theory and practice of the equipment, methods and algorithms that support secure information sharing over computer networks.
8. Synopsis
Introduction
Objectives of information and network security. Threats and attacks. History of cryptography and cryptanalysis. Monoalphabetic and polyalphabetic ciphers. Statistical tests in cryptanalysis: index of coincidence method. Practice and examples.
Cryptography
Symmetric key encryption. Well-known block ciphers: Data Encryption Standard (DES), 3DES, Advanced Encryption Standard (AES). Product cipher, Feistel cipher architecture, substitution-permutation network. Meet-in-the-middle attack. Block chaining. Modes of operation.
Stream ciphers. One-time pad, the perfect cipher. Binary additive stream ciphers. Synchronous stream ciphers, asynchronous stream ciphers. Converting ciphers. Hardware-realized ciphers. Linear Feedback Shift Register based ciphers. Software stream ciphers: RC4. Comparison of symmetric key ciphers.
Asymmetric key encryption, public key encryption. RSA algorithm and key generation. Enhancements to the RSA algorithm. Blinding. Digital Signature Algorithm (DSA). Signing and verification, digital signature.
Hash functions. Cryptographic hashing. Size of the hash output. Iterative hash functions. Block cipher based hash functions. Well-known hash functions: Message Digest 5 (MD5), Secure Hash Algorithm (SHA1). Keyed hash functions, HMAC.
Key management
Key management protocols. Basics: key agreement, key transport, key authentication, key confirmation. Key management protocol characteristics. Perfect Forward Secrecy. Key transport protocols: point-to-point key update, Authenticated Key Exchange Protocol 2, Shamir's no-key protocol, Wide Mouth Frog, Needham-Schroeder, Otway-Rees protocols. Using public key cryptography in key management. Diffie-Hellman key exchange (DH), multi-user DH. Station-to-station protocol. Secret sharing.
Secure network communication
Attacks on network security. Layer 2 and Layer 3 network security. Attacks on routing. TCP session hijacking. Secure communication protocols: IPSec (AH, ESP), Transport Layer Security: TLS/SSL. Virtual Private Networks (VPN).
Firewalls, Intrusion Detection Systems
Network Address Translation (NAT). Firewall functions. Packet filters and proxy firewalls. Examples of packet filter firewall configurations. Dynamic packet filtering. Firewall architectures. Demilitarized Zone (DMZ). The future of firewalls. Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). Rule-based and anomaly-based detection. Network IDS and Host IDS. Honeypots.
Vulnerability analysis
Security of Wireless Networks
WiFi networks. WiFi protection: Wired Equivalent Privacy (WEP), WiFi Protected Access (WPA) and IEEE 802.11i protocols. WPA Temporal Key Integrity Protocol (TKIP) and Counter Mode CBC-MAC Protocol. IEEE 802.1X. Extensible Authentication Protocol (EAP).


9. Method of instruction 4 lectures and practice per week. Practice during the theoretical class.
10. Assessment
In the class period there are two in-class tests (ZH) around the 7th and 13th weeks.
Both in-class tests should be scored above 40%. The final grade is based on the average of the two test scores.
11. Recaps In the delayed completion period the in-class tests (ZH) can be rewritten once.
12. Consultations Consultation with the lecturers of the subject is possible at a pre-arranged time.
13. References, textbooks and resources
Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone, "Handbook of Applied Cryptography", CRC Press, ISBN: 0-8493-8523-7
Bruce Schneier, "Applied Cryptography, Second Edition: Protocols, Algorithms, and Source Code in C", John Wiley & Sons, Inc., ISBN: 0471128457

14. Required learning hours and assignment
Contact hours: 56
Preparation for lessons: 28
Preparation for tests: 36
Homework: 0
Learning of prepared matters: 0
Preparation for exam: 0
Total: 120
15. Syllabus prepared by
Name | Profession | Institute
Dr. Gábor Fehér, PhD | Associate professor | BME-TMIT