Budapest University of Technology and Economics, Faculty of Electrical Engineering and Informatics

    Belépés
    címtáras azonosítással
    vissza a tantárgylistához   nyomtatható verzió    

    Information and Network Security

    A tantárgy neve magyarul / Name of the subject in Hungarian: Information and Network Security

    Last updated: 2019. június 25.

    Budapest University of Technology and Economics
    Faculty of Electrical Engineering and Informatics

    Electrical Engineering

    Free Elective Subject
    Course ID Semester Assessment Credit Tantárgyfélév
    VITMAV52   4/0/0/f 4  
    3. Course coordinator and department Dr. Fehér Gábor,
    Web page of the course http://www.tmit.bme.hu/vitmav52
    4. Instructors

    Name:Profession:Institute:
    Dr. Gábor Fehér, PhDAssociate professorBME-TMIT
    László ZömbikResearch fellowBME-TMIT

    5. Required knowledge none
    6. Pre-requisites
    Kötelező:
    (Training.code=("5NAA7")
    VAGY
    Training.code=("5NAA8")
    VAGY
    Training.code=("5NAM7")
    VAGY
    Training.code=("5NAM8") )

    ÉS

    NEM ( TárgyEredmény( "BMEVIHIAV14" , "jegy" , _ ) >= 2
    VAGY
    TárgyEredmény("BMEVIHIAV14", "FELVETEL", AktualisFelev()) > 0)

    A fenti forma a Neptun sajátja, ezen technikai okokból nem változtattunk.

    A kötelező előtanulmányi rend az adott szak honlapján és képzési programjában található.

    Ajánlott:
    none
    7. Objectives, learning outcomes and obtained knowledge The objective of the course is to provide theoretical and practical knowledge from today's information and network security topics. The course introduces the theory and practice of those equipment, methods and algorithms that support secure information sharing over computer networks.
    8. Synopsis
    Introduction
    Objectives of the information and network security. Threats and attacks. History of cryptography and cryptanalysis. Monoalphabetic and polyalphabetic ciphers. Statistical tests in cryptanalysis: Index of coincidence method. Practice and examples.
    Cryptography
    Symmetric key encryption. Well known block ciphers: Data Encryption Standard (DES), 3DES, Advanced Encryption Standard (AES). Product cipher, Feistel cipher architecture, Substitution-permutation network. Meet in the middle attack. Block chaining. Modes of operation.
    Stream ciphers. One Time Pad, the perfect cipher. Binary additive stream ciphers. Synchronous stream ciphers, asynchronous stream ciphers. Converting ciphers. Hardware realized ciphers. Linear Feedback Shift Register based ciphers. Software stream ciphers: RC4. Comparison of symmetric key ciphers.
    Asymmetric key encryption, public key encryption. RSA algorithm and key generation. Enhancement on the RSA algorithm. Blinding. Digital Signature Algorithm (DSA). Signing and verification, Digital signature.
    Hash functions. Cryptographic hashing. Size of the hash output. Iterative hash functions. Block cipher based hash functions. Well known hash functions: Message Digest 5 (MD5), Secure Hash Algorithm (SHA1). Keyed hash functions, HMAC.
    Keymanagement
    Keymanagement protocols. Basics: key agreement, -transport, -authentication, confirmation. Keymanagement protocol characteristics. Perfect Forward Secrecy. Key transport protocols: Point-to-point key update, Authenticated Key Exchange Protocol 2,  Shamir’s no key protocol, Wide Mouth Frog, Needham-Schroeder, Otway-Rees protocols. Using public key cryptography in key management. Diffie-Hellman key exchange (DH), multi user DH. Station-to-station protocol. Secret sharing.
    Secure network communication
    Attacks on network security. Layer 2 and Layer 3 network security. Attacks on routing. TCP session hijacking. Secure communication protocols: IPSec (AH, ESP), Transport Layer Security: TLS/SSL. Virtual Private Networks (VPN)
    Firewalls, Intrusion Detection Systems
    Network Address Translation (NAT). Firewall functions. Packet filters and Proxy firewalls. Examples for packet filter firewall configurations. Dynamic packet filtering. Firewall architectures. Demilitarized Zone (DMZ). Firewall’s future. Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). Rule based and anomaly based detection. Network IDS and Host IDS. Honeypots.
    Vulnerability analysis
    Security of Wireless Networks
    WiFi networks. WiFi protection: Wired Equivalent Privacy (WEP), WiFi Protected Access (WPA) and IEEE 802.11i protocols. WPA Temporal Key Integrity Protocol (TKIP) and Counter Mode CBC-MAC Protocol. IEEE 802.1X. Extensible Authentication Protocol (EAP).


    9. Method of instruction 4 lectures and practice per week. Practice during the theoretical class.
    10. Assessment
    In the class period there are two in-class tests (ZH) around the 7th and 13th weeks.
    Both in-class tests should be scored above 40%. The final grade score is based on the average of the two test scores. 
    11. Recaps In the delayed completion period there is a possibility to rewrite the in-class tests (ZH) once.
    12. Consultations Consultation with the lecturers of the subject is possible at pre-arranged time.
    13. References, textbooks and resources
    Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone, “Handbook of Applied Cryptography”, CRC Press, ISBN: 0-8493-8523-7
    Bruce Schneier, Applied Cryptography, Second Edition: Protocols, Algorthms, and Source Code in C, John Wiley & Sons, Inc., ISBN: 0471128457

    14. Required learning hours and assignment
    Kontakt óra56
    Preparation for lessons28
    Preparation for tests36
    Homework0
    Learning of prepared matters0
    Preparation for exam0
    Total120
    15. Syllabus prepared by
    Name:Profession:Institute:
    Dr. Gábor Fehér, PhDAssociate professorBME-TMIT