Lecture notes from CSE508 Network Security, taught by Prof. Rob Johnson.

- What is security: Alice, Bob, key reuse, the one-time pad (OTP)
- Hacking WEP: initialization vectors, the birthday attack, WEP reaction attack
- Pseudo-random number generators (PRNG): computational indistinguishability advantage, linear feedback shift register (LFSR), data processing inequality (DPI)
- More PRNGs
- Pseudo-random functions (PRF)
- Pseudo-random permutations (PRP): PRPs versus PRFs
- Real or random (RoR) and block ciphers: modes of operation for block ciphers, electronic codebook mode (ECB), counter mode (CTR), cipher block chaining (CBC)
- CBC and message integrity: integrity of ciphertext (INT-CCA)
- Message authentication codes (MAC): the birthday problem, replay attacks, MACs using PRFs, CBC-MAC
- Chosen-plaintext attack and chosen-ciphertext attack: oracles, crypto games, CCA-secure encryption schemes, encrypt-then-MAC rule
- Diffie-Hellman key exchange: public-key cryptography, man-in-the-middle attack, the extended Euclidean algorithm
- A little number theory: set of congruence classes modulo n, the totient function, the Chinese remainder theorem
- Rivest-Shamir-Adleman (RSA) encryption and ElGamal: logarithmic exponentiation, the prime number theorem, Miller-Rabin primality testing, RSA encryption, RSA attacks, weak and strong RSA assumptions, ElGamal, CCA attack on ElGamal
- Trapdoor one-way functions: one-way functions (OWF), one-way permutations (OWP), trapdoor one-way permutations (TOWP), RoR security for public key encryption (PKE)
- MIDTERM: Cheatsheet
- Public key signatures: signature scheme, hashing, the random oracle model, full domain hashing
- Bit commitment and zero knowledge proofs
- Network protocols: network protocol principles (binding, explicit messages, replay protection), session IDs
- More network protocols: acknowledgements (ACKs), timers, timestamps, key agreement protocols
- Key agreement: Needham-Schroeder, key distribution centers (KDC), Kerberos
- Kerberos v5 and certificates: public key infrastructure (PKI)
- More PKI: transitive trust, SSL, DNSSEC
- DNS security and Pretty Good Privacy (PGP): Domain Name System Security Extensions (DNSSEC), DNS-based Authentication of Named Entities (DANE)
- Application level security: buffer overflows, format string attacks, SQL-injection attacks
- Web security: cookies, JavaScript and same-origin policy, cross-site request forgery (CSRF) attacks, ambient security
- Cross-site scripting (XSS): BLUEPRINT, forced browsing, mashups
- Mashup security: iframe, postMessage in HTML5, OpenID
- Anonymity: global versus non-global adversary, anonymity versus privacy, mix nets, onion routing, the Tor network