Security Theory Module UG2 Information 2010 - 2011 Weeks 1 - 12

Security Theory Module UG2 Information Weeks 1 - 12

Module Notes

Week 1

Lecture notes: Security System Theory module introduction notes and bullet points

Tutorial notes: Use of Linux Virtual Machines and OpenSSL command.

Week 2

Lecture notes: Password based security systems

Tutorial notes: This week's lab exercise involves some Linux command lines which create keys and message digests suitable for creating a digital signature. Use of OpenSSL commands for key generation, secure signing and generating hash digests.

Week 3

lecture notes: Symmetric cryptography and block ciphers

Tutorial notes: Use of GPG (GNU Privacy Guard) to sign and encrypt messages securely between 2 parties.

Week 4

Lecture notes: Asymmetric Cryptography and Public Key Encryption Concepts.

Tutorial notes: Use of GPG (GNU Privacy Guard) to sign and encrypt messages securely involving trusted third parties in key verification.

Week 5

Lecture notes: Linux/Unix ownership, permissions and setuid.

Tutorial notes: Please complete the Unix security commands tutorial.

Week 6

Lecture notes: Entropy, random numbers and password generation.

Tutorial notes: Using a simple password hash cracking program.

Week 7

Lecture notes: Access control, ACLs, capabilities and SELinux.

Tutorial: Mandatory Access Control tutorial. Students may also prepare their coursework 1.1 answers during this session.

Week 8

Lecture notes: Public Key Infrastructure.

If time is available we may revisit the end of the symmetric cryptography presentation.

Tutorial: PKI and key revocation tutorial. Students may also prepare their coursework 1.1 answers during this session.

Week 9

Reading week. Use this week to catch up with any tutorial exercises you have missed and carry out further background reading based upon module guide recommending reading and the module website relevant to the assignment part 1 questions.

Week 10

Lecture to be provided by Stish Sarna. Indicative content: Prime numbers, factors and modular arithmetic.

Tutorial: We will be further discussing issues with the increasingly discredited HTTPS PKI based upon Certificate Authorities after watching Moxie Marlinspike's Convergence talk as presented at BlackHat USA 2011.

Week 11

Lecture to be provided by Stish Sarna. Indicative content: Modular Exponentiation and inverse ME.

Tutorial: Monday tutorial students are expected to prepare their coursework 1.1 answers during this session. Individual feedback will be provided on initial efforts. Thursday tutorial students will be provided advice and support concerning miniproject topics and selection.