course: Network Security 1
- teaching methods:
- lecture with tutorials
- Moodle, computer based presentation
- responsible person:
- Prof. Dr. Jörg Schwenk
- Prof. Dr. Jörg Schwenk (ETIT), M. Sc. Jens Müller (ETIT), M. Sc. Paul Rösler (ETIT)
- offered in:
- winter term
dates in winter term
- start: Friday the 11.10.2019
- lecture Fridays: from 12:15 to 13.45 o'clock in HID
- tutorial Fridays: from 14:15 to 15.45 o'clock in ID 04/445
|Form of exam:||written|
|Registration for exam:||FlexNow|
|Room :||ID 03/445|
The students have an understanding of all technical aspects of network security. It is clear that cryptography alone is not enough. Students can think about improving security on their own.
Cryptography is used to protect the confidentiality and integrity of data transmitted over data networks. Both symmetrical methods (Pay-TV, mobile radio, WLAN) and asymmetrical or hybrid methods (e-mail, WWW, VPN) are used. In the lecture, cryptographic systems for securing networks are examined and their security is examined from all sides. Network Security 1 focuses on all systems that are independent of the WWW. This includes the following topics:
- Cryptography and the Internet (attacks, symmetrical and asymmetrical cryptography, passwords, cryptographic protocols, attacker and security models, certificates),
- Security of dial-up connections (PPP, PPTP, attacks on PPTP, EAP protocols, AAA),
- WLAN security (IEEE 802.11, WEP, WPA, IEEE 802.X, IEEE 802.11i, attacks on WEP and WPA, KRACK),
- Mobile communications (GSM, UMTS, LTE, EAP-SIM),
- IPSec (data formats ESP/AH, key agreement, IKEv1, IKEv2, Network Address Translation, attacks on IPSec),
- IP Multicast, key agreement for groups,
- Pretty Good Privacy (OpenPGP, Phil Zimmerman, attacks on OpenPGP),
- Email security with S/MIME (SMTP, email data formats, MIME, PKCS#7, CMS, email attacks),
- Domain Name System security (domains, DNS functionality, DNS spoofing, DNS cache poisoning, Kaminski attack, DNSSEC, DNSSEC weaknesses).
In addition to the systems themselves, published attacks on these systems are discussed wherever available; students are encouraged to make their own scientific considerations to improve security.
Basic knowledge of TCP/IP, basic knowledge of security problems of computer networks at the level of popular journals (e.g. c't).
- Schwenk, Jörg "Sicherheit und Kryptographie im Internet", Vieweg, 2014
Die Übung am 12.10.2018 findet nicht statt. Die erste Veranstaltung ist die Vorlesung am 12.10.2018