course: Network Security 1

number:
141242
teaching methods:
lecture with tutorials
media:
Moodle, computer based presentation
responsible person:
Prof. Dr. Jörg Schwenk
Lecturers:
Prof. Dr. Jörg Schwenk (ETIT), M. Sc. Jens Müller (ETIT), M. Sc. Paul Rösler (ETIT)
language:
german
HWS:
4
CP:
5
offered in:
winter term

dates in winter term

  • start: Friday the 11.10.2019
  • lecture Fridays: from 12:15 to 13.45 o'clock in HID
  • tutorial Fridays: from 14:15 to 15.45 o'clock in ID 04/445

Exam

Form of exam:written
Registration for exam:FlexNow
Date:08.08.2019
Begin:16:30
Duration:120min
Room : ID 03/445

goals

The students have an understanding of all technical aspects of network security. It is clear that cryptography alone is not enough. Students can think about improving security on their own.

content

Cryptography is used to protect the confidentiality and integrity of data transmitted over data networks. Both symmetrical methods (Pay-TV, mobile radio, WLAN) and asymmetrical or hybrid methods (e-mail, WWW, VPN) are used. In the lecture, cryptographic systems for securing networks are examined and their security is examined from all sides. Network Security 1 focuses on all systems that are independent of the WWW. This includes the following topics:

  • Cryptography and the Internet (attacks, symmetrical and asymmetrical cryptography, passwords, cryptographic protocols, attacker and security models, certificates),
  • Security of dial-up connections (PPP, PPTP, attacks on PPTP, EAP protocols, AAA),
  • WLAN security (IEEE 802.11, WEP, WPA, IEEE 802.X, IEEE 802.11i, attacks on WEP and WPA, KRACK),
  • Mobile communications (GSM, UMTS, LTE, EAP-SIM),
  • IPSec (data formats ESP/AH, key agreement, IKEv1, IKEv2, Network Address Translation, attacks on IPSec),
  • IP Multicast, key agreement for groups,
  • Pretty Good Privacy (OpenPGP, Phil Zimmerman, attacks on OpenPGP),
  • Email security with S/MIME (SMTP, email data formats, MIME, PKCS#7, CMS, email attacks),
  • Domain Name System security (domains, DNS functionality, DNS spoofing, DNS cache poisoning, Kaminski attack, DNSSEC, DNSSEC weaknesses).

In addition to the systems themselves, published attacks on these systems are discussed wherever available; students are encouraged to make their own scientific considerations to improve security.

requirements

keine

recommended knowledge

Basic knowledge of TCP/IP, basic knowledge of security problems of computer networks at the level of popular journals (e.g. c't).

literature

  1. Schwenk, Jörg "Sicherheit und Kryptographie im Internet", Vieweg, 2014

miscellaneous

Die Übung am 12.10.2018 findet nicht statt. Die erste Veranstaltung ist die Vorlesung am 12.10.2018