##
Prof. P. Honeyman

MF 9-10:30 (Section 7: Lecture)

W 9-10 (Section 8: Discussion)

1005 Dow

This course introduces the principles and practices of cryptography,
network security, and secure software.

The first half of the lecture content covers basic cryptographic
methods, key distribution, and protocols for authenticated and
confidential communications. Topics include block and stream
ciphers, transposition, substitution, Feistel networks, DES, 3DES,
IDEA, Blowfish, CAST-128, Rijndael, feedback and chaining modes,
confidentiality, traffic analysis, key distribution, random number
generation, public key cryptography, RSA, public key certificates,
key distribution, Needham-Schroeder protocol, Diffie-Hellman key
exchange, one-way hash functions, message authentication codes,
weak and strong collision resistance, birthday attack, MD4, MD5,
SHA-1, HMAC, digital signatures, mutual authentication, and replay
attacks.

The latter half of the lecture content addresses the practice of
network security. Topics include Kerberos, PGP, public key
infrastructures, SSL, and IP security.

The discussion sections focus on secure software. Topics include
risk management, open source vs. closed source, software auditing,
buffer overflow, and race conditions.

This course is intended for advanced undergraduate or first-year
graduate students. There will be weekly homework assignments,
occasional programming assignments, and a midterm and final exams.

## Required textbooks (available at online bookstores)

*Cryptography and Network Security: Principles and Practice, Third Edition*
William Stallings

ISBN 0130914290

Please take care to purchase the Third Edition.

*Building Secure Software: How to Avoid Security Problems the Right Way*
John Viega and Gary McGraw

ISBN 020172152X

## Supplementary textbooks (on reserve and available at online bookstores)

*Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition*
Bruce Schneier

ISBN 0471117099

*Cryptography: Theory and Practice, Second Edition*
Douglas Stinson

ISBN 1584882069

*Handbook of Applied Cryptography*
Alfred J. Menezes, Paul C. Van Oorschot, Scott A. Vanstone (Editor)

ISBN 0849385237 (free download available online)

*Network Security: Private Communication in a Public World, Second Edition*
Charlie Kaufman, Radia Perlman, Mike Speciner

ISBN 0130460192