CSC 774 Advanced Network Security - Dr. Peng Ning

CSC 774 Advanced Network Security
1. Instructor:
Dr. Peng Ning,
Office: 3258 EB II, Centennial Campus
Phone: (919) 513-4457
Email: pning@ncsu.edu
URL: http://www.csc.ncsu.edu/faculty/ning
Office hours: See course website
Syllabus
2. Course Objectives:
By the end of this course, students will be able to:
1. List the common threats and vulnerabilities of networked systems
2. Describe the following electronic payment systems: NetBill, PayWords, MicroMint, fair
exchange protocols.
3. Describe and give examples of broadcast authentication protocols.
4. Explain the two types of group management techniques: group key agreement and group
key distribution.
5. Describe the following group key management protocols: Group Diffie-Hellman
protocol, Tree-based Group Diffie-Hellman protocol, LKH, and SDR.
6. Explain at least on secure MANET routing protocol.
7. Describe security mechanisms for secure routing in MANET.
8. Explain at least one approach to detecting selfish nodes in MANET.
9. Describe µTESLA, the broadcast authentication protocol for sensor networks.
10. Explain the following key pre-distribution protocols for sensor networks: random key
predistribution scheme, q-composite scheme, random pairwise keys scheme, polynomial
pool based random key predistribution scheme.
11. Explain the techniques for secure and resilient location estimation in wireless sensor
networks.
12. Explain client puzzle and its effects on denial of service (DoS) attacks.
13. Use client puzzles to mitigate potential DoS attacks.
14. Use one-way function chains, collisions of one-way function images, and Merkle hash
tree to provide authentication.
15. Identify flaws in cryptographic protocols.
3. Text:
• No textbook is required.
• Handouts (All handouts are available on-line):
1. R. Merkle. "A digital signature based on a conventional encryption function." In
Advances in Cryptology -CRYPTO '87, pages 369-378, 1988.
2. R. Merkle. "A certified digital signature." In Advances in Cryptology -CRYPTO '89,
pages 218-239, 1990.

3. A. Juels and J. Brainard, "Client puzzles: A Cryptographic Countermeasure Against
Connection Depletion Attacks." in: Proceedings of NDSS '99, 1999, pp. 151--165.
4. T. Aura, P. Nikander, and J. Leiwo, "DoS-Resistant Authentication with Client Puzzles."
In Proceedings of the 8th International Workshop on Security Protocols, LNCS 2133,
170-177.
5. X. Wang, and M. Reiter, "Mitigating Bandwidth-Exhaustion Attacks using Congestion
Puzzles." In Proceedings of the 11th ACM Conference on Computer and
Communications Security (CCS '04), 257-267.
6. B. Waters, A. Juels, J. Halderman, and E. Felten, "New Client Puzzle Outsourcing
Techniques for DoS Resistance." In Proceedings of the 11th ACM Conference on
Computer and Communications Security (CCS '04), 246-256.
7. Adi Shamir. "Identity-Based Cryptosystems and Signature Schemes." Advances in
Cryptology: Proceedings of CRYPTO 84, Lecture Notes in Computer Science, 7:47--53,
1984.
8. Dan Boneh, Matthew K. Franklin, "Identity-Based Encryption from the Weil Pairing."
Advances in Cryptology - Proceedings of CRYPTO 2001.
9. Carlo Blundo, Paolo D'Arco, Antonio Giorgio Gaggia. "A τ-Restricted Key Agreement
Scheme." The Computer Journal, Volume 42, No.1, page 51--61, 1999.
10. C. Castelluccia, S. Jarecki and G. Tsudik. "Secret Handshakes from CA-oblivious
Encryption." IACR AsiaCrypt'04, December 2004.
11. D. Balfanz, G. Durfee, N. Shankar, D.K. Smetters, J. Staddon, and H.C.Wong. "Secret
handshakes from pairing-based key agreements." In IEEE Symposium on Security and
Privacy, 2003.
12. Michael O. Rabin. "Efficient dispersal of information for security, load balancing, and
fault tolerance." In Journal of the ACM, Vol. 36, No. 2, 1989.
13. B. Cox, J.D. Tygar, and M. Sirbu. “Netbill Security and Transaction Protocol,” In The
First USENIX Workshop on Electronic Commerce, pages 77--88, July 1995.
14. R. Rivest and A. Shamir, “PayWord and MicroMint: Two simple micropayment
schemes,” in Proceedings of Security Protocols Workshop, pages: 69 – 87, 1996.
15. S. Micali and R. Rivest. “Micropayments revisited”. In Bart Preneel, editor, Progress in
Cryptology --- CT-RSA 2002, Lecture Notes in Computer Science, Vol. 2271. Springer-
Verlag, February 18—22, 2002.
16. N. Asokan, M. Schunter, and M. Waidner. “Optimistic Protocols for Fair Exchange,” In
Proceedings of 4th ACM Conference on Computer and Communications Security, Zurich,
April 1997.
17. A. Perrig, R. Canetti, D. Song, and D. Tygar, “Efficient Authentication and Signing of
Multicast Streams over Lossy Channels,” in Proc. of IEEE Security and Privacy
Symposium, May 2000.
18. A. Perrig, R. Canetti, D. Song, and D. Tygar, “Efficient and Secure Source
Authentication for Multicast,” in Proceedings of Network and Distributed System
Security Symposium, February 2001.
19. A. Perrig, "The BiBa One-Time Signature and Broadcast Authentication Protocol," in
Proceedings of the ACM Conference on Computer and Communications Security,
November 2001.
20. M. Steiner, G. Tsudik, and M. Waidner, “Diffie-Hellman Key Distribution Extended to
Group Communication,” in Proceedings of the 3rd ACM Conference on Computer and
Communications Security, pages 31--37, 1996.
21. Y. Kim, A. Perrig and G. Tsudik, “Simple and fault-tolerant key agreement for dynamic
collaborative groups,” in Proceedings of the 7th ACM Conference on Computer and
Communications Security, pages 235 -- 244, 2000.

22. Suvo Mittra, "Iolus: a framework for scalable secure multicasting," In Proceedings of the
ACM SIGCOMM '97, pages 277 - 288, 1997.
23. Chung Kei Wong, Mohamed Gouda, Simon S. Lam, "Secure group communications
using key graphs," In Proceedings of SIGCOMM '98, pages: 68 - 79.
24. Y. Hu, A. Perrig, and D. B. Johnson, “Ariadne: A Secure On-Demand Routing Protocol
for Ad~Hoc Networks,” in Proceedings of the Eighth Annual International Conference
on Mobile Computing and Networking (MobiCom 2002), September, 2002.
25. Yih-Chun Hu, Adrian Perrig, David Johnson, "Efficient Security Mechanisms for
Routing Protocols", In Proceedings of NDSS 2003.
26. S. Marti, T. J. Giuli, K. Lai, and M. Baker, “Mitigating routing misbehavior in mobile ad
hoc networks,” in Proceedings of the Sixth annual ACM/IEEE International Conference
on Mobile Computing and Networking, pages 255 -- 265, 2000.
27. L. Eschenauer and V. D. Gligor, "A key-management scheme for distributed sensor
networks," in Proceedings of the 9th ACM Conference on Computer and
Communications Security, pages 41 -- 47, November, 2002.
28. H. Chan, A. Perrig, and D. Song, “Random Key Predistribution Schemes for Sensor
Networks,” in Proceedings of IEEE Symposium on Research in Security and Privacy,
pages 197—213, May 2003.
29. D. Liu and P. Ning, “Establishing Pairwise Keys in Distributed Sensor Networks,” in
Proceedings of the 10th ACM Conference on Computer and Communications Security
(CCS '03), pages 52--61, Washington D.C., October, 2003.
30. Bartosz Przydatek, Dawn Song, Adrian Perrig, "SIA: Secure Information Aggregation in
Sensor Networks", In Proceedings of ACM SenSys 2003.
31. Donggang Liu, Peng Ning, Wenliang Du, "Attack-Resistant Location Estimation in
Sensor Networks," in Proceedings of The Fourth International Symposium on
Information Processing in Sensor Networks (IPSN '05), pages 99 -- 106, April 2005.
32. Donggang Liu, Peng Ning, Wenliang Du, "Detecting Malicious Beacon Nodes for Secure
Location Discovery in Wireless Sensor Networks," in Proceedings of the The 25th
International Conference on Distributed Computing Systems (ICDCS '05), pages 609--
619, June 2005.
33. A. Juels and J. Brainard, "Client puzzels: A cryptographic countermeasure against
connection depletion attacks," In Proceedings of the 6th Network and Distributed
Systems Security Symposium (NDSS ’99), February 1999.
34. P. MacKenzie and M. K. Reiter. Delegation of cryptographic servers for capture-resilient
devices. Distributed Computing 16(4):307–327, December 2003.
35. P. MacKenzie and M. K. Reiter. Networked cryptographic devices resilient to capture.
International Journal of Information Security, 2(1):1–20, November 2003.
36. M. K. Reiter, A. Samar, and C. Wang. The design and implementation of a JCAcompliant
capture protection infrastructure. In Proceedings of the 22nd IEEE Symposium
on Reliable Distributed Systems, October 2003.
4. Course Organization and Scope:
(Assume each lecture takes 75 minutes. The following topics need 30 lectures (or 15 weeks).)
Introduction to network security (1 lecture)
o Basic concepts: security services, security mechanisms, etc.
o Scope of course
2. Network Security Primitives (5 lectures)
o Absolute basics: Secret key and public key cryptosystems (RSA, DSA, Diffie-
Hellman key exchange), one-way hash function

o One-way key chain, Merkle hash tree
o Traditional key distribution techniques (Key distribution center, Certificate based
key distribution)
o Client puzzles
o Zero-knowledge proof
o Bloom filter
o Secret sharing
o ID-based cryptography
o Secret handshake
o Rabin’s information dispersal algorithm
3. Electronic payment systems (3 lectures)
o Electronic billing systems
o Micropayments
o Fair exchange protocols
4. Broadcast authentication (2 lectures)
o TESLA and EMSS
o BiBa
5. Group key management (4 Lectures)
o Basic concepts in group key management
o Group key agreement protocols (GDH, B-D protocols, TGDH)
o Group key distribution protocols (LKH, secret-sharing based protocols, SDR)
6. Security in ad-hoc networks (4 lectures)
o Secure ad-hoc routing protocols
o Detecting selfish or malicious nodes
o Broadcast authentication
o Key management for sensor networks
o Secure location verification
7. Network intrusion detection (1 lecture)
o Intrusion alert correlation
8. In-class presentations of advanced topics (10 lectures)
o Topics selected by the instructor on a per-semester basis
o Students present the above topics individually or in group (depending on
enrollment)
o 25 minutes per presentation (3 presentations per lecture)
o See Section H for grading policy for in-class presentations
5. Schedule of Reading Assignments:
• See schedule of classes on course website.
6. Schedule of homework due dates, quizzes and exams:
There are five homework assignments and two exams. Quizzes are given in the form of popup
quizzes. Pop-up quizzes are adopted to encourage the students to study during the nonexam
weeks. The results are not counted in the final grade.
• Homework 1: See schedule of classes on course website.
• Mid-term exam #1: week 6

• Mid-term exam #2: week 12
• Term paper: end of semester.
7. Grading:
Assignments: 10%; midterm #1: 25%; midterm #2: 25%; research paper: 30%; in-class presentation:
10%. The final grades are computed according to the following rules:
o A+: >= 95%
o A: >= 90% and < 95%
o A-: >= 85% and < 90%
o B+: >= 80% and < 85%
o B: >= 75% and < 80%
o B-: >= 70% and < 75%
o C+: >= 66% and < 70%
o C: >= 63% and < 66%
o C-: >= 60% and < 63%
o D+: >= 56% and < 60%
o D: >= 53% and < 56%
o D-: >= 50% and < 53%
o F: < 50%.
8. Policies on incomplete grades and late assignments:
Homework and project deadlines will be hard. Late homework will be accepted with a 10%
reduction in grade for each class period they are late by. However, once a homework
assignment is discussed in class, submissions will no longer be accepted. All assignments
must be turned in before the start of class on the due date.
9. Policies on absences (excused and unexcused) and scheduling makeup
work:
• You may be excused from an exam only with a university approved condition, with
proof. For example, if you cannot take an exam because of a sickness, we will need a
doctor's note.
• Events such as going on a business trip or attending a brother's wedding are not an
acceptable excuse for not taking an exam at its scheduled time and place.
• You will have one chance to take a makeup exam if your absence is excused. There will
be no makeup for homework assignments.
10. Course prerequisites:
CSC 570 Computer Networks, CSC 574 Information Systems Security
11. Academic integrity:
The university, college, and department policies against academic dishonesty will be strictly
enforced. You may obtain copies of the NCSU Code of Student Conduct from the Office of
Student Conduct, or from the following URL.
http://www.fis.ncsu.edu/ncsulegal/41.03-codeof.htm.

12. NC State policy on working with students with disabilities:
“Reasonable accommodations will be made for students with verifiable disabilities. In order to take
advantage of available accommodations, students must register with Disability Service for Students at
1900 Student Health Center, Campus Box 7509, 515-7653.
http://www.ncsu.edu/provost/offices/affirm_action/dss/
For more information on NC State’s policy on working with students with disabilities, please see
http://www.ncsu.edu/provost/hat/current/appendix/appen_k.html.
13. Laboratory Safety or Risk Assumption: Not Applicable.
14. “Pass-through” Charges: Not applicable.