COMP 232, Cybersecurity
Details
Full syllabus for COMP232 (TBA)
Lecturer:
Alexei Lisitsa
Demonstrators:
Emmanouil Pitsikalis
Seyed Vahidreza Rohani
Lectures
Tuesdays, 11:00-13:00
Practical Sessions
Group 1: Mon 13.00, GHOLT-LAB5 & Fri, 09.00, online
Group 2: Wed 11.00 online & Fri, 16.00, GHOLT-LAB2
Textbooks
Richard R. Brooks, Introduction to Computer and Network Security, Navigating Shades of Grey, CRC Press, 2014 (and later editions)
William Stallings, Network Security Essentials: Applications and Standards, Prentice Hall, 2000 (and later editions)
Useful and Interesting Links related to Cybersecurity
Get Safe Online. Free Expert Advice.
Cyber Security Challenge UK
Schneier on Security. A blog covering security and security technology.
A blog about cryptography and security by David Wong, the author of Real World Cryptography Book
Krebs on Security. A blog on in-depth security news and investigation.
Steptoe Cyberblog.
The cryptopals Crypto Challenges.
Additional Books
A. Menezes, P. van Oorschot, and S. Vanstone, Handbook of Applied Cryptography, CRC Press, 1996
Applied Advanced Crypto
Accessible and Scalable Secure Multi-Party Computations
Lecture notes (slides) PDF
Introduction
Identification and Authentication
Additional reading
RFID repeater used to steal a car
Vulnerabilities in Biometric Systems
Elements of cryptography. Symmetric encryption
Elements of cryptography. Symmetric encryption, 2
Public Key Encryption
RSA algorithm
Diffie-Hellman key exchange
Message authentication and hash functions
Additional reading:
Cryptographic Hash Function
SHA-1 is a Shambles
Computing over Encrypted Data: homomorphic encryption and CryptDB
Quantum Cryptography and Computations
Additional links/reading:
IBM Q Experience (online platform for quantum computing)
Quantum Access Network
D-Wave. The Quantum Computing Company
Steganography
Additional reading:
Embedding Covert Channels into TCP/IP, by Steven J. Murdoch and Stephen Lewis
Security Protocols and their Analysis
Techniques for Anonymity
Monitoring and intrusion detection
Techniques for intrusion detection
Firewalls
Malicious software. Attacks and countermeasures
Additional reading:
Chapters 7 and 9 of Richard R. Brooks, Introduction to Computer and Network Security, Navigating Shades of Grey, CRC Press, 2014
DeterLab Session:
SQL injection Exercise
Advanced crypto: zero-knowledge proofs and multi-party secure computations
Additional links/reading:
A curated list of multi party computation resources and links
Accessible and Scalable Secure Multi-Party Computations
Interactive zero knowledge 3-colorability demonstration
Zero Knowledge Proofs Primer
Zero Knowledge Proofs and Secure Multi Party Computations
Revision Notes
Practical sessions
Lab 1: Practical attacks on passwords
Lab 2: Symmetric Encryption in Java
Lab 3: How fast is DES encryption?
Labs 4-5 Message Authentication and Digital Signatures
Labs 6-7 Diffie-Hellman Key Exchange
Lab 8 HMAC-SHA256: Message Authentication
Labs 9-10 Work on assignment 2
Lab 11: Formal Verification of Security Protocols. Introduction to ProVerif
ProVerif: Cryptographic protocol verifier in the formal model
User Manual for ProVerif
Online Demo for ProVerif
Examples from ProVerif User Manual:
hello.pv
hello_ext.pv
ex_handshake.pv
Practical assignments
Assignment 1
(Deadline for submission is 1st of March 2023, Wednesday, 17.00)
Assignment 2
(Deadline for submission is 24th of March 2023, Friday, 17.00)
Programming with JCA
JCA/JCE Reference manual
DES encryption in Java with JCA
DES encryption in ECB mode
DES encryption in CBC mode with an inline IV
DES encryption in CBC mode; IV generated by Cipher object
Password-based encryption
Utility class implementing array of bytes to hex strings conversion
AES encryption in Java with JCA
Password-based encryption only with AES (128 bits key size only)
Password-based encryption and decryption with AES (128 bits key size only)
Utility class implementing array of bytes to hex strings conversion
RSA encryption and message digest computing with JCA
RSA encryption/decryption with random keys
Message Digest Example with SHA-1
Diffie-Hellman Key Exchange with JCA
Diffie-Hellman Key Exchange between Two parties
Diffie-Hellman Key Exchange between Three parties
Message Authentication
HMAC-SHA256 Message Authentication
Last updated 09.05.2023