Labs and Projects
Here is an opportunity for you to participate in a cyber security competition.
This is the CSAW'17 being hosted by NYU/Poly.
Here is a new opportunity for you to participate in a cyber security competition. This is the NSA Code Breaker Challenge. When you enroll, be sure to use our university name correctly: State University of New York at Buffalo.
Pricing of digital certificates from
Symantec which acquired Verisign in 2010.
Material on Math Basics needed
for Public Key Infrastructure lectures. Make a copy of it and go over the
A full DES example
Some notes on
Finite Field Arithmetic
needed for understanding AES. Make a copy of it and go over the
material. More details can be found in Chapter 5 of the textbook. (There was an error in my notes that was recognized by a student. It has now been corrected with a thank-you to the student.)
Handout of the DSA Algorithm Sketch.
Handout on the Kerberos
Handout on the Common
Remote Authentication Protocols in Use.
Handout on the Birthday Paradox and
Security of Cryptographic Hash Functions.
This material on
IKE would be useful to understand the safe (authenticated) D-H Key exchange and the set up
of SA in the context of IPSec. As described in this document, the full SA set up is a two-phase process.
The first phase is the key exchange and the second step is the actual SA set up. In phase 1, authentication is
done using pre-shared keys or Kerberos so that the D-H exchange is protected against MIM
attack. The cookie exchange version of the protocol (discussed in class) achieves the same goals but uses a slightly
different approach. Here, the cookies are used for mutual authentication (phase 1) using
a challenge-response method. This protocol also uses a secret and in addition, initiator-responder unique
information to generate the cookies. The actual protocol is quite involved and you are not
required to know all the details for the purpose of this course.
Handout on Lattice Model . This is the foundation for OS Security models.
Homeworks and Projects:
Click here to view Homework 1.
You can submit hand written or typed versions. But it must be a hardcopy submission in class.
Warning: Some questions are repeated from previous year homeworks. But reproducing answers as is from previous year solution keys will constitute academic dishonesty and will be dealt with penalty. So, be cautious. The best approach and
to stay out of trouble is to do the problems yourselves. Do not
share your solution with anyone because homeworks must be
I have uploaded some of the tables that will be useful for this
homework. This way, you don't need to search for them in the Appendix of
the book. DES IP
and inverse IP tables. DES
S-Boxes. DES Key
Quiz 1 has been graded (by Zihao Shan). Collect your papers from any of the TAs. A solution sketch has been made available on UBlearns.
Click here to view Project 1.
Click here to view Perl Code for
Click here to view Homework 2. Solution sketch for HW #2 has been posted on UBlearns.
Library for computations in GF(2^n). Courtesy: author J. Plank. You may find
it useful for Homework 2.
Quiz 2 has been graded (by Weihao Qu). Collect your papers from any of the TAs. A solution sketch has been made available on UBlearns.
Click here to view Homework 3.
Click here to view
Click here to view Needed files for Project
Click here to view Homework 4.
Click here to view Homework 5.
Click here to view
Click here to view Homework 6.
Last Updated: 11/24/17