Introduces students to security services and cryptographic protocols used for information and system security, in areas such as wireless networks, e-commerce and the Internet. Provides an understanding of security protocol design techniques and formal methods for evaluation of the reliability of security protocols.

[Wireless Standards and Technologies] IEEE 802.11, WEP, Bluetooth, BlackBerry [Review Internet security] IPSec, SSL. [Role of security services in countering network attacks] confidentiality, data origin authentication, entity authentication, data-integrity, non-repudiation, access control, availability. [Cryptographic components] Review of the cryptographic components required in security protocols such as: ciphers & keys, hashing functions, random number generators, message authentication codes and digital signatures. [Public key infrastructures] X.509, SDSI, TLS. [Protocols] Key management, peer-to-peer distribution protocols, group distribution and identification protocols. Modern cryptographic protocols for: wireless communications (mobile, radio-link, secure mobile ad-hoc networks), e-commerce (e-payment, non-repudiation), Certified e-mail, E-voting. [Smart cards and protocols] for ATMs, passport identification and digital cash. [Security protocol design] Study of protocol design techniques [Use of formal methods] for evaluation of correctness of security of protocols.

Understand the operation of protocols in communication systems and security services Explain the use of security services in countering network attacks Identify suitable security protocols for services such as key distribution, authentication and non-repudiation Able to design custom security protocols to satisfy given security goals Apply formal methods to evaluate the correctness of security protocols Explain the differences between formal analysis tools based on modal logics and model checking

None

None

Lectures/Labs