Presentation is loading. Please wait.

Presentation is loading. Please wait.

Exam Review for First Half of C430 2 May 2007 5pm in Huxley 308 Michael Huth 2 May 2007 5pm in Huxley 308 Michael Huth.

Published byDwain Simpson Modified over 9 years ago

Similar presentations

Presentation on theme: "Exam Review for First Half of C430 2 May 2007 5pm in Huxley 308 Michael Huth 2 May 2007 5pm in Huxley 308 Michael Huth."— Presentation transcript:

1 Exam Review for First Half of C430 2 May 2007 5pm in Huxley 308 Michael Huth 2 May 2007 5pm in Huxley 308 Michael Huth

2 Administration 1.Statements made in this review apply only to the first half of C430; nothing should be inferred about the 2nd half of that course and its exam questions. 2.But Dr Lupu says that “everything is examinable”. 1.Statements made in this review apply only to the first half of C430; nothing should be inferred about the 2nd half of that course and its exam questions. 2.But Dr Lupu says that “everything is examinable”.

3 3.Each course half will have two exam questions. You will have to answer three out of these four questions. 4.Except for the links on my C430 web page for “optional material”, all course material is examinable, including BAN logic. 3.Each course half will have two exam questions. You will have to answer three out of these four questions. 4.Except for the links on my C430 web page for “optional material”, all course material is examinable, including BAN logic.

4 My Availability  I will be at an Identity Assurance Workshop at the DTI all day of tomorrow, 3 May 2007.  So I will be unable to see students or reply to email prior to the C430 exam.  I will be at an Identity Assurance Workshop at the DTI all day of tomorrow, 3 May 2007.  So I will be unable to see students or reply to email prior to the C430 exam.

5 Lecture 1 Introduction  Make sure you understand key terms (confidentiality, authentication, integrity, non- repudiation, availability, and access control) in the context of network security.  Make sure you can “map” these key terms onto components or data of a security protocol where applicable.  Make sure you understand key terms (confidentiality, authentication, integrity, non- repudiation, availability, and access control) in the context of network security.  Make sure you can “map” these key terms onto components or data of a security protocol where applicable.

6 Introduction cont’d  Recall the principle kinds of assets and corresponding threats in IT systems.  Be able to measure the risk of threats to a particular asset.  HINT: “The Internet Worm”; no need to retain technical details of how that attack worked.  Recall the principle kinds of assets and corresponding threats in IT systems.  Be able to measure the risk of threats to a particular asset.  HINT: “The Internet Worm”; no need to retain technical details of how that attack worked.

7 Lecture 2 Cryptography  Ability to motivate the use of cryptography. What can/can’t it do?  Thorough understanding of the one-time pad.  Basic understanding of symmetric vs. asymmetric (public) key-based crypto.  Ability to motivate the use of cryptography. What can/can’t it do?  Thorough understanding of the one-time pad.  Basic understanding of symmetric vs. asymmetric (public) key-based crypto.

8 Crypto Cont’d  Familiarity with different kinds of attacks of crypto algorithms.  HINT: No need to retain technical details of Quantum Crypto, Quantum Money or the Bennett & Brassard Protocol.  Familiarity with different kinds of attacks of crypto algorithms.  HINT: No need to retain technical details of Quantum Crypto, Quantum Money or the Bennett & Brassard Protocol.

9 Lecture 3 Symmetric Key Cryptography  Mostly concerned with DES and AES.

10 DES  Good appreciation of its structure.  Ability to describe a round of DES encryption (decryption).  Ability to locate confusion, diffusion, and non-linearity in DES.  Ability to explain one non-basic mode of operation.  Familiarity with DES security.  Good appreciation of its structure.  Ability to describe a round of DES encryption (decryption).  Ability to locate confusion, diffusion, and non-linearity in DES.  Ability to explain one non-basic mode of operation.  Familiarity with DES security.

11 AES  Ability to explain the structure of AES.  Ability to explain how AES relies on algebraic operations over GF(2^8) and over 32-bit words.  HINT: last year’s C430 exam question on DES/AES won’t be revamped and reused as such.  Ability to explain the structure of AES.  Ability to explain how AES relies on algebraic operations over GF(2^8) and over 32-bit words.  HINT: last year’s C430 exam question on DES/AES won’t be revamped and reused as such.

12 Lecture 4 Public Key Crypto  Detailed knowledge of Diffie- Hellman key exchange protocol.  Detailed knowledge of RSA parameter generation, encryption, and decryption operations.  Understand implicit or explicit assumptions for RSA’s security.  Detailed knowledge of Diffie- Hellman key exchange protocol.  Detailed knowledge of RSA parameter generation, encryption, and decryption operations.  Understand implicit or explicit assumptions for RSA’s security.

13 Public Crypto Cont’d  Ability to design (or recall) a digital signature scheme using RSA and some hash function.  Ability to explain the working and “correctness” of signature generation and verification for that scheme.  HINT: Chaffing & Winnowing, Merkle’s Puzzle, and Elliptic Curve Crypto: no need to appreciate technical details but ability to retain main idea or attraction of such approaches.  Ability to design (or recall) a digital signature scheme using RSA and some hash function.  Ability to explain the working and “correctness” of signature generation and verification for that scheme.  HINT: Chaffing & Winnowing, Merkle’s Puzzle, and Elliptic Curve Crypto: no need to appreciate technical details but ability to retain main idea or attraction of such approaches.

14 Lecture 5 Mutual Authentication  Ability to specify (or recall) at least one mutual authentication protocol, and to explain how it works (and why it may be correct or incorrect).  Ability to state and explain at least one successful attack on a mutual authentication protocol.  Ability to specify (or recall) at least one mutual authentication protocol, and to explain how it works (and why it may be correct or incorrect).  Ability to state and explain at least one successful attack on a mutual authentication protocol.

15 Mutual Authentication Cont’d  HINT: Think about security protocols in which k > 1 many agents need to supply shares of a secure key to be used for symmetric encryption of broadcasts to these k agents; where the encryption and decryption of such broadcast is based on the consent of all k agents.

16 Good luck!

Download ppt "Exam Review for First Half of C430 2 May 2007 5pm in Huxley 308 Michael Huth 2 May 2007 5pm in Huxley 308 Michael Huth."

Similar presentations

Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
Technical Presentation AIAC 2010-2011 Group 11. System Rationale System Architecture Secure Channel Establishment Username/Password Cartão Cidadão Digital.

Technical Presentation AIAC Group 11. System Rationale System Architecture Secure Channel Establishment Username/Password Cartão Cidadão Digital.
1 MSc EEM118 Research Dissertation CITE, UEL Cryptography and Network Security Dr David Xiao

1 MSc EEM118 Research Dissertation CITE, UEL Cryptography and Network Security Dr David Xiao
Securing Critical Unattended Systems with Identity Based Cryptography A Case Study Johannes Blömer, Peter Günther University of Paderborn Volker Krummel.

Securing Critical Unattended Systems with Identity Based Cryptography A Case Study Johannes Blömer, Peter Günther University of Paderborn Volker Krummel.
Course summary COS 433: Crptography -Spring 2010 Boaz Barak.

Course summary COS 433: Crptography -Spring 2010 Boaz Barak.
Conventional Encryption: Algorithms

Conventional Encryption: Algorithms
Copyright © 2005 David M. Wheeler, All Rights Reserved Desert Code Camp: Introduction to Cryptography David M. Wheeler May 6 th 2006 Phoenix, Arizona.

Copyright © 2005 David M. Wheeler, All Rights Reserved Desert Code Camp: Introduction to Cryptography David M. Wheeler May 6 th 2006 Phoenix, Arizona.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Chapter 11: Cryptography

Chapter 11: Cryptography
Information Security & Cryptographic Principles. Infosec and Cryptography Subjects / Topics : 1. Introduction to computer cryptography 1. Introduction.

Information Security & Cryptographic Principles. Infosec and Cryptography Subjects / Topics : 1. Introduction to computer cryptography 1. Introduction.
Cryptography Introduction Last Updated: Aug 20, 2013.

Cryptography Introduction Last Updated: Aug 20, 2013.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.

Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
CMSC 414 Computer and Network Security Lecture 5 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 5 Jonathan Katz.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Similar presentations

Ads by Google