CS 3CN3 / SE 4C03
Computer Networks & Security
Winter 2011

• Instructor: Michael Soltys, email: soltys@mcmaster.ca
• TA:
  • Jason Jaskolka <jason.jaskolka@gmail.com>
  • Can Wang <wangc36@mcmaster.ca>
  • Wisam Hussain <wisamhussain@gmail.com>
• Course Information (updated Dec 29, 2010)
• Lectures: Mo, We, Th 10:30-11:20, in HSC/1A6.
• Office Hours:
  • Instructor: Thursdays 12:30-2:30
• Course outline: The calendar description is as follows: Physical networks, TCP/IP protocols, switching methods, network layering and components, network services. Information security, computer and network security threats, defense mechanisms, encryption. We are going to concentrate on the network security aspects, especially on cryptography; a mixture of theory and programming assignments in Python.
• Textbook:

  Charlie Kaufman, Radia Perlman and Mike Speciner Network Security: Private Communication in a Public World. 2nd edition 2002 Published by Prentice Hall

• Please Read: McMaster Academic Integrity Statement.

Announcements:

• Apr 8: The marking scheme for assignment 3 has been posted below.
• Apr 4: Important: if you use a shell script you need to modify its permissions so that the TAs can run it, i.e., chmod 777 <script>.sh
• Apr 4: Assignment 3 is due today, but we will be accepting assignments without penalty until Wednesday midnight. In effect, giving everyone an extension until April 6, 11:59pm.
• Mar 23: Yahoo Fine-Tunes Its Search Engine
• Mar 23: Test 6 will contain material on PKI, Certificates, Kerberos and Search Engines.
• Mar 23: The material on Search Engines comes from the following three papers. They are given here as background, but the lectures notes are sufficient to prepare for the test.
  • Mining the WWW; “hubs and authorities” paper
  • The original Google paper on the search engine architecture
  • Google PageRank algorithm
• Mar 23: Here are some clarifications about assignment 3:

  In terms of your report:

  You should answer the same four questions that have been asked for the previous assignments, i.e.,

  1. Describe how you solved the problem
  2. Describe how was your program tested
  3. Discuss any problems you encountered
  4. Provide a sample run of the program

  You should also demonstrate that you understand what your program is doing. That is, that you are able to adequately explain what each line of the core of your program (the part where you are retrieving the certificates from the remote host and verifying them) does. You need not explain how you parsed or formatted the output. For example, can you explain what ssl.wrap_socket(...) does in Python or what openssl verify does?

  You should describe in detail how you obtained the test results and verified that these results were what you expected.

  In terms of your code:

  1. You should format your output so that it looks like the example given in the Assignment.
  2. You do not have to have command line arguments (though it is preferred); your code must be able to query the user for input.
  3. There have been problems with the use of openssl verify to verify the certificate against the root certificates. This is an unforeseen technical issue and in light of this, we require that you simply put the results of the verify in the “Status” field of the output, i.e., if you get an OK put OK, if you get an error message put the error message, etc. The point of this assignment is to be able to understand how the verification is done and the emphasis is not on the programming aspect.
• Mar 18: Slides on PKI and Certificates
• Mar 12: The marking scheme for assignment 2 has been posted below.
• Mar 11:
  • Slides on Rabin-Miller
  • Slides on authentication
• Mar 10: An Animated Learning Tool for Kerberos Authentication Architecture.
• Mar 9: Test 5 will take place on Monday March 14. The test will be of the usual size, and it will cover Diffie-Hellman, ElGamal and RSA cryptosystems. Although the test covers all three cryptosystems, it is especially important that you learn the mechanics of the ElGamal cryptosystem.
• Mar 7: Some you may find this event interesting: Nik Garkusha, Open Source Strategy Lead of Microsoft Canada
• Mar 7: Please submit assignment 2 by 10pm today — please submit on time using SVN.
• Mar 5: Slides from the lectures on Wednesday March 2 and Thursday March 3.
• Feb 23: For assignment 2 and assignment 3 (not out yet), please write a report as in assignment 1; here is the reminder of what was asked: Please include a text write up of your program. That is, write a short report (a few paragraphs, included as a comment at the beginning of your code) describing how you solved the problem, how was your program tested, any problems you encountered, and a sample run of the program (and an output dump of the sample run). The intention is to have a basic "manual" for your program.
• Feb 21: Some comments regarding assignment 2:
  • The link-state database only contains the items that you add to it. The database can only be modified through the add and del commands.
  • You run Dijkstra's algorithm only when the tree command is executed.
  • When you remove a node (either rt or nt) you also remove all of its incoming & outgoing edges.
• Feb 18: The TAs will have no office hours during reading week.
• Feb 17: Slides:
  • Hardware
  • Public Key Cryptography
  For test 4 prepare as follows:
  • Read the article distributed in class on February 16, Improving performance on the Internet by Tom Leighton. (Just in case you are interested: DOI:10.1145/1461928.1461944 — a DOI is a “Digital Object Identifier”; you can read about them at http://www.doi.org/.)
  • Slides on hardware and public key crypto posted above.
  • Material from chapters 5 and 6 in the textbook related to the lecture (most of the stuff, without the technical details of the construction of hash functions and with just the basic math behind PKC).
• Feb 13: Here is the second half of the “routing handout” with information about the Bellman-Ford algorithm, just in case not all of it is legible in the photocopied version distributed in class.
• Feb 4: Reminder: use Python 2.
• Feb 4: Internet Runs Out Of IP Addresses
• Feb 2: In assignment 1, ECB-DES, you can generate all the samples you want using openssl, as explained in the assignment. The key (the value of the argument of -K) must be represented as a string comprised only of hex digits. So whatever key you want to use, translate it into hexadecimal digits, and use that. Each hexadecimal number represents 4 bits; so a 56-bit long string (which is what openssl expects for its key in this mode — see man pages) can be represented with 14 hex digits. So take your 56 bits, and groups them into fours, and translate each four into one of the (16) hex digits, 0-9,a-f. Note that in the example in the assignment, I only used one zero because when lacking 14 hex digits, openssl pads it with zeros until the end; so one zero is the same as 10 or 14 zeros.
• Jan 31: Test 2 with solutions has been posted below.
• Jan 27: Google Python course is a good source to learn the language.
• Jan 27: If you lost a sweatshirt in the classroom, please come to pick it up from my office (a white hoodie).
• Jan 27: Test 2 will be on Monday January 31, and it will consist of three questions:
  1. Definition of concepts
  2. Networking (based on handout distributed last Monday)
  3. Security (chapters 3 and 4 in the textbook)
• Jan 20: Submitting your work:
  1. You must either have subversion on your system (easy to install), or use your account in one of the ITB labs (or ssh into a departmental machine).
  2. Put in the header of your Python program the names in your team.
  3. Choose a member in your team who will be submitting the work for everyone on your team; let this be the <user> in the next step.
  4. svn co <https://websvn.mcmaster.ca/cs3cn3-se4c03>/<user> --username <user>
  5. Move your program to the local copy of your repository, i.e., the svn working directory on your system.
  6. svn add des.py
  7. svn commit -m "<message>"
     Note that the message is mandatory (you have to give one, even if it is blank quotes).
  8. svn status
  9. Note that you can resubmit newer versions as often as you like, until the deadline, with the command svn update.
  10. The deadline for Assignment 1: February 7, 10pm.
  If you have questions, please take them to the office hours. Also, it would be wise to attempt to submit (even a trial version, or some test file) well before the deadline.
• Jan 20: In assignment 1, the key is 64 bits; the parity bits are useless (every 8-th bit), and your program may ignore them altogether.
• Jan 17: Solutions to the first test posted below.
• Jan 14: Monday's test will cover chapters 1 and 2, and the first 3 sections of chapter 3 — related to DES.
• Jan 11: Please note the time change in the office hours / tutorials below; Can's hours have moved from 14:30-16:00 to 16:00-17:30.
• Jan 10: Assignment 1 has been posted below. Click here for OpenSSL.
• Jan 8: Lab schedule:
  The labs will take place in ITB-235; they will serve as office hours for Q&A regarding the assignments, Python, and the lecture material in general.

  Mon Jan 17 14:30-16:00 Jason

  Tue Jan 18 16:00-17:30 Can

  Mon Jan 24 14:30-16:00 Jason

  Tue Jan 25 16:00-17:30 Can

  Mon Feb 7 14:30-16:00 Jason

  Tue Feb 8 16:00-17:30 Can

  Mon Mar 7 14:30-16:00 Jason

  Tue Mar 8 16:00-17:30 Can

  Mon Mar 21 14:30-16:00 Jason

  Tue Mar 22 16:00-17:30 Can

  Mon Apr 4 14:30-16:00 Jason

  Tue Apr 5 16:00-17:30 Can

• Jan 7: The labs — which are going to be more like office hours — will start on January 17. They have been scheduled EOW (Every Other Week). They will take place in ITB-235; you will be able to get help with Python, and the programming assignments, as well as any other questions related to the course. I will post more information (such as the exact dates & times) soon.
• The Python official website from where you can download Python — check first if you already have it: on OS X, Linux or UNIX type python --version. We are going to use Python 2. You can download a manuscript of Python for software design by Allen B. Downey as a PDF or HTML for free.

Assignments and Tests:

Item	Due Date	PDF file	Comments
Test 1	January 17	test1.pdf
Test 2	January 31	test2.pdf
Assignment 1	February 7	a1.pdf	marking scheme
Test 3	February 14	test3.pdf	solution to Q1 corrected on Feb 15
Test 4	February 28	test4.pdf
Assignment 2	March 7	a2.pdf	marking scheme
Test 5	March 14	test5.pdf
Test 6	March 28	test6.pdf
Assignment 3	April 4	a3.pdf	marking scheme