SUNY at Buffalo  CSE565 Computer Security
Fall 2017 
 
Prof. Shambhu Upadhyaya 
 
 
CSE 565  

Home   
Course Description   
Instructor &TAs  
Lectures  
Handouts
Homeworks
Labs and Projects 
Student Database   

 
 

Handouts

Handouts

General:

  • Here is an opportunity for you to participate in a cyber security competition. This is the CSAW'17 being hosted by NYU/Poly.
  • Here is a new opportunity for you to participate in a cyber security competition. This is the NSA Code Breaker Challenge. When you enroll, be sure to use our university name correctly: State University of New York at Buffalo.
  • Pricing of digital certificates from Symantec which acquired Verisign in 2010.

Useful Handouts:

  • Material on Math Basics needed for Public Key Infrastructure lectures. Make a copy of it and go over the material.
  • A full DES example Worked Out.
  • Some notes on Finite Field Arithmetic needed for understanding AES. Make a copy of it and go over the material. More details can be found in Chapter 5 of the textbook. (There was an error in my notes that was recognized by a student. It has now been corrected with a thank-you to the student.)
  • Handout of the DSA Algorithm Sketch.
  • Handout on the Kerberos Simplified.
  • Handout on the Common Remote Authentication Protocols in Use.
  • Handout on the Birthday Paradox and Security of Cryptographic Hash Functions.
  • This material on IKE would be useful to understand the safe (authenticated) D-H Key exchange and the set up of SA in the context of IPSec. As described in this document, the full SA set up is a two-phase process. The first phase is the key exchange and the second step is the actual SA set up. In phase 1, authentication is done using pre-shared keys or Kerberos so that the D-H exchange is protected against MIM attack. The cookie exchange version of the protocol (discussed in class) achieves the same goals but uses a slightly different approach. Here, the cookies are used for mutual authentication (phase 1) using a challenge-response method. This protocol also uses a secret and in addition, initiator-responder unique information to generate the cookies. The actual protocol is quite involved and you are not required to know all the details for the purpose of this course.
  • Handout on Lattice Model . This is the foundation for OS Security models.

Homeworks and Projects:

  • Click here to view Homework 1. You can submit hand written or typed versions. But it must be a hardcopy submission in class.
    Warning: Some questions are repeated from previous year homeworks. But reproducing answers as is from previous year solution keys will constitute academic dishonesty and will be dealt with penalty. So, be cautious. The best approach and to stay out of trouble is to do the problems yourselves. Do not share your solution with anyone because homeworks must be done individually.
    I have uploaded some of the tables that will be useful for this homework. This way, you don't need to search for them in the Appendix of the book. DES IP and inverse IP tables. DES S-Boxes. DES Key Schedule tables.
  • Quiz 1 has been graded (by Zihao Shan). Collect your papers from any of the TAs. A solution sketch has been made available on UBlearns.
  • Click here to view Project 1.
    Click here to view Perl Code for Project 1.
  • Click here to view Homework 2. Solution sketch for HW #2 has been posted on UBlearns.
    Library for computations in GF(2^n). Courtesy: author J. Plank. You may find it useful for Homework 2.
  • Quiz 2 has been graded (by Weihao Qu). Collect your papers from any of the TAs. A solution sketch has been made available on UBlearns.
  • Click here to view Homework 3.
  • Click here to view Project 2.
  • Click here to view Needed files for Project 2.
  • Click here to view Homework 4.
  • Click here to view Homework 5.
  • Click here to view Project 3.
  • Click here to view Homework 6.

Last Updated: 11/24/17