Computer and Network Security

by

Avinash Kak

Think of these lecture notes as a living textbook that strives to strike a balance between the systems-oriented issues and the cryptographic issues. Without the latter, many aspects of the former cannot be fully comprehended, and, without the former, the latter are too dry to appreciate.

Note for instructors using these slides/notes:



It is not uncommon for the instructors who use these notes/slides to want to know how exactly I use them in class since there is much more information on a typical slide than you will usually find in a powerpoint presentation.



Here is the answer: When I teach the theoretical portions of this course, I actually work out the formulas on the chalkboard and, when I do so, I follow the derivations presented in these lecture notes. On the other hand, when I teach the systems portion of the course, I spend quite a bit of time demonstrating the issues on my Linux laptop, again in the manner described in these lecture notes. These lecture notes are intended as much for showing in class in the form of slides as they are for focused reading by the students on their own. When used as slides, these serve as backdrop to the explanations provided on the chalkboard or through demonstrations on a computer.



Regarding homework assignments:



Homework assignments typically involve writing Perl or Python scripts in order to gain a deeper understanding of the ideas through actual implementation. (From a pedagogical standpoint, scripting is much more efficient for this than writing code in raw C.) In the part of the course that deals with encryption and hashing, students write scripts for implementing DES, AES, RC4, SHA1, SHA512, etc. In the part of the course that deals with more system related issues, the students are asked to write scripts that carry out DoS attacks, buffer overflow attacks, etc., against servers (for buffer overflow attacks, that would be a socket program in C with intentionally embedded buffer-overflow vulnerability).



If you are an instructor and you'd like to see these homework assignments (along with the two best solutions submitted by the students at Purdue), send me a note at kak@purdue.edu. If you do so, please place the string "requesting security homework" in your subject line to get past my merciless spam filter. VERY IMPORTANT: Your email request for this material must establish two things: that you are an instructor and that you are using these lecture notes to teach your class. An anonymous email request (using, say, a gmail or a yahoomail address) that does not indicate your institutional affiliation will be ignored.



Useful resources for homework assignments: The BitVector class in Python is useful for creating compact implementations for hash functions (see Lecture 15 for an example) and for writing scripts for block and stream ciphers.



The BitVector class in Perl that lets you do everything in Perl that the above mentioned class does in Python.



If you are writing Perl and/or Python scripts for solving homework problems or for course projects, you will find the book "Scripting with Objects" a useful resource for this course. Chapters 2 and 3 of the book provide quick and easy-to-follow introductions to Perl and Python, respectively.



If you'd rather do your homework in C++ or Java, you will find the book "Programming With Objects" a useful resource. This book is now being used at a number of universities for teaching object-oriented programming in both C++ and Java simultaneously.



If you would like to know about the OBJECTS TRILOGY PROJECT that led to the two books mentioned above, click here . The third book in the Objects Trilogy is:

"Designing with Objects"

When will this material be updated next?:



The 2020 update of the lecture notes is finished. The next major update of this material is scheduled for the January – April 2021 time frame.



