CS W4180: Network Security

Fall 2001 (pre-taped Fall 2000)

Note: This course is intended for off-campus CVN students only. On-campus students should take the Fall 2001 edition of CS4180.

Course Abstract

Prerequisites: COMS W3139 (Data Structures) and COMS W4119 (Computer Networks) or equivalent (e.g., an OS course covering computer networks). Fluency in C and/or Java. Introduction to cryptography and its application to network and operating system security: security threats; applications of cryptography; secret key and public key cryptographic algorithms; hash functions; basic number theory; authentication; security for electronic mail and network scripting languages.

Course Benefits

Professor Schulzrinne

Applicable Degree Programs

Most courses 4000-level can be credited to all degree programs. All courses are subject to advisor approval.
Lecturer/Manager Professor Henning Schulzrinne
Class location: pre-taped Fall 2000
Office hours: Thursday, 5-7 pm
Office phone: +1 212 939 7042
CVN exam room phone: +1 (212) 854-8894
Email address: hgs@cs.columbia.edu
Mailing list: cs4180@cs.columbia.edu, subscribe, archive (similar to web board)
Web pages: main,
Teaching assistants: Sankaran Narayanan <sankaran@ober.cs.columbia.edu>
Teaching assistant office hours: by arrangement
Rules: The standard rules apply.
Day and time: pre-taped.
Credits for course: 3
Prerequisites: The course requires a background in computer networks (e.g., CS4118 or preferably CS4119) and programming experience (CS 3139 (Data Structures) or equivalent; C, C++ or Java; Unix/NT).
Description: Instead of relying exclusively on physical security and separate networks, more and more applications are moving to shared networks like the Internet. These applications include the electronic banking and commerce, virtual private networks and the transfer of sensitive medical or personnel data. A combination of security measures, including cryptography and firewalls, need to be integrated into network architecture, protocols and implementations to offer reasonable assurance as to privacy and user identity. The course will provide the necessary foundations for network security, including encryption techniques, design of secure systems and protocols as well as enhancements for existing protocols like electronic mail, WWW and the Internet protocol. While the majority of the material will be drawn from the text, additional topical areas such as electronic cash, the WWW security protocol SSL and Java security issues will be covered.
Required text(s): Charlie Kaufman, Radia Perlman and Mike Speciner, Network Security - Private Communication in a Public World, Prentice Hall, Englewood Cliffs, New Jersey, 1995. ISBN 0-13-061466-1

This book and the books below are available from most Internet book merchants. Links on the ISBN number lead to Amazon. You can find the best price from sites such as bestedeal.com, mysimon.com or smartshopper.com.

Reference text(s), not required: Bruce Schneier, Applied Cryptography (2nd ed.), John Wiley, 1996. ISBN 0-471-11709-9.

James F. Kurose and Keith W. Ross, Computer Networking: A Top-Down Approach Featuring the Internet, Addison Wesley, 2000. ISBN 0-471-11709-9.

Stephen Thomas, SSL and TLS Essentials, John Wiley, 2000. ISBN 0-471-38354-6

Naganand Doraswamy and Dan Harkins, IPSec - The New Security Standard for the Internet, Intranets and Virtual Private Networks, Prentice Hall, 1999. ISBN 0-13-011898-2

William R. Cheswick and Steven M. Bellovin, Firewalls and Internet Security, Addison Wesley, 1994. ISBN 0-201-63357-4

Also, class notes, copies of slides and reference documents will be available on Columbia machines at http://www.cs.columbia.edu/~hgs/teaching/security/slides. There is also a general list of Internet resources, including network security.

Assignments: About 5 Homework assignments, each including questions and small programming problems. (Some assignments may be split into a written and programming part.)

Students are expected to complete several mid-sized programming projects during the course of the semester as part of the assignment.

Programming projects include:

  • Network client/server
  • implementation of parts of DES
  • implementation of public key cryptography
  • secure login
Midterm exam: 90 min. during class hours, closed book
Final exam: Two hours, closed book
Grading: Assignments 30%, midterm 30%, final 35%, class participation 5%
Computer hardware and software requirements: Computer Science CLIC computer account (not ACIS). Access to a Linux or Solaris machine is assumed, either on-campus/local or via dial-in. Programming projects can be done in C, C++ or Java. Familiarity with basic system Unix programming concepts is assumed.
Homework submission: For off-campus students and programming assignments, by electronic mail to the teaching assistant. On-campus students submit written assignments to the TA on paper at beginning of class.

Course Outline

Schedule subject to change.
Original date # Summer date Topics/chapters covered Assigned Due
Tu, Sept. 5, 2000 1 Tu, Sept 11, 2001 Course mechanics; Introduction: issues of network security (ch. 1)    
Th, Sept. 7, 2000 2 Th, Sept. 14, 2001 Review of networks (ch. 1); denial of service attacks 1  
We, Sept. 13, 2000 3 Tu, Sept. 18, 2001 Review of networks (ch. 1); firewalls    
Th, Sept. 14, 2000 4 Th, Sept. 20, 2001 orange book; patent issues; introduction to cryptography (ch. 2)    
Tu, Sept. 19, 2000 5 Tu, Sept. 25, 2001 Secret key cryptography (ch. 3) 2  
Th, Sept. 21, 2000 6 Th, Sept. 27, 2001   1
Tu, Sept. 26, 2000 7 Tu, Oct. 2, 2001 Cryptography   2
Th, Sept. 28, 2000 8 Th, Oct. 4, 2001 Secret key cryptography (ch. 3); DES    
Tu, Oct. 3, 2000 9 Tu, Oct. 9, 2001 Secret key cryptography (ch. 3); IDEA; CBC/OFB 3  
Th, Oct. 5, 2000 10 Th, Oct. 11, 2001 Hashes and message digests (ch. 4)    
Tu, Oct. 10, 2000 11 Tu, Oct. 16, 2001 MD2/4/5; public key algorithms (ch. 5)    
Mo, Oct. 16, 2000, 5.40 - 6.35 pm, Room 1127, 12 Th, Oct. 18, 2001 public key algorithms (RSA, prime number generation)    
Tu, Oct. 17, 2000 13 Tu, Oct. 23, 2001 Number theory (ch. 6)   3
Th, Oct. 19, 2000 (14) Th, Oct. 25, 2001 Midterm (during class time, closed book, closed notes)    
Tu, Oct. 24, 2000 15 Tu, Oct. 30, 2001 Authentication systems (ch. 7)    
Th, Oct. 26, 2000 16 Tu, Nov. 1, 2001 Authentication systems 4  
Tu, Oct. 31, 2000 17 Th, Nov. 6, 2001 Intrusion detection    
Th, Nov. 2, 2000 18 Th, Nov. 8, 2001 Authentication of People    
Tu, Nov. 9, 2000 19 Tu, Nov. 13, 2001 Security handshake pitfalls (ch. 9) 5 4
Tu, Nov. 14, 2000 20 Th, Nov. 15, 2001 Security handshake pitfalls (ch. 9)    
Th, Nov. 16, 200 21 Tu, Nov. 20, 2001 Kerberos V4 (ch. 10)    
Tu, Nov. 21, 2000 22 Th, Nov. 22, 2001 Kerberos 4, 5 (ch. 11)   5
Tu, Nov. 28, 2000 23 Tu, Nov. 27, 2001 Kerberos 5, operating system vulnerabilities 6  
Th, Nov. 30, 2000 24 Th, Nov. 29, 2001 Operating system vulnerabilities; IP security    
Tu, Dec. 5, 2000 25 Tu, Dec. 4, 2001 Email security; PGP (Pretty Good Privacy) (ch. 14), OpenPGP    
Th, Dec. 7, 2000 26 Th, Dec. 6, 2001 Web security and SSL/TLS   6
Th, Dec. 21, 2000, 1.10 to 4 pm   Th, Dec. 11, 2001, 1.10 to 4 pm Final Exam    

Last updated by Henning Schulzrinne