Network Security

Goal of the Network Security course is threefold: 1) provide the students with a basic understanding of Internet security in terms of security threats and main protection or mitigation techniques and primitives; a review of basic cryptography and cryptographic protocols is part of the course as well; 2) provide an in-depth understanding of how network security protocols are designed, and why; primarily using TLS and IPsec as “running” examples to (on the positive side) motivate good design choices and (on the negative side) highlight design issues and vulnerabilities; the analysis and discussion of other network protocols (PPP authentication, 3G authentication, RADIUS and DIAMETER, WLAN security, etc) is also part of this goal; 3) Introduce the student to modern/advanced data protection and secure computation techniques, further highlighting their exploitation in network protocols and applications.

The 9 CFU-course is organized in the following main areas: 1) basic cryptography and network security: attacks, countermeasures, security services, basic cryptographic constructions (stream ciphers, block ciphers and modes, hash functions, Merkle-Damgard Construction, NMAC and HMAC, pseudo random functions, key management, public key algorithms, digital signatures, etc); 2) authentication and network protocol support: basics, PPP PAP and CHAP and relevant extensions, one time passwords, EAP, authentication in 3G, RADIUS and relevant vulnerabilities; DIAMETER, Public Key Infrastructure; 3) in-depth analysis of TLS and IPsec: basics, handshake, key management with RSA, anonymous/fixed/ephemeral Diffie-Hellman and integration in TLS; TLS record; MAC and encryption composition (and vulnerabilities);
attacks to TLS with CBC (BEAST); attacks to TLS messaging (padding oracle, side channel attacks); attacks to TLS compression (CRIME), attacks to TLS session integrity (truncation attack), attacks to TLS handshake (renegotiation attack); key derivation hierarchy and PRFs, KDFs; comparative analysis with IPsec, VPN with IPsec, IKE. 4) advanced cryptographic approaches: trivial secret sharing, Shamir’ secret sharing, commitments and verificable secret sharing (Feldman, Pedersen); Secure Multiparty Computation based on secret sharing; Pedersen’s distributed key generation; linear secret sharing and access control matrices; threshold cryptography; threshold signatures and issues with threshold RSA (why Shoup’s construction); basics of elliptic curve cryptography; ECDH; ECDSA; bilinear maps (pairing based cryptography) and example constructions (Joux 3-way DH, Boneh/Franklin Identity Based Encryption, brief hints to Attribute Based Encryption). 5) miscellaneous topics: TESLA, Merkel Trees and their applications, further topics may be optionally addressed in dedicated talks by invited experts, depending on the year (touching selected aspects of system security, intrusion detection and network protection, security certification, etc).

The 6 CFU-course is organized in the following main areas:
1) basic cryptography and network security: attacks, countermeasures, security services, basic cryptographic constructions (stream ciphers, block ciphers and modes, hash functions, Merkle-Damgard Construction, NMAC and HMAC, pseudo random functions, key management, public key algorithms, digital signatures, etc);
2) authentication and network protocol support: basics, PPP PAP and CHAP and relevant extensions, one time passwords, EAP, authentication in 3G, RADIUS and relevant vulnerabilities; DIAMETER, Public Key Infrastructure;
3) in-depth analysis of TLS and IPsec: basics, handshake, key management with RSA, anonymous/fixed/ephemeral Diffie-Hellman and integration in TLS; TLS record; MAC and encryption composition (and vulnerabilities); attacks to TLS with CBC (BEAST); attacks to TLS messaging (padding oracle, side channel attacks); attacks to TLS compression (CRIME), attacks to TLS session integrity (truncation attack), attacks to TLS handshake (renegotiation attack); key derivation hierarchy and PRFs, KDFs; comparative analysis with IPsec, VPN with IPsec, IKE.

Giuseppe Bianchi