course: Network Security 1

number:
141242
teaching methods:
lecture with tutorials
media:
Moodle, computer based presentation
responsible person:
Prof. Dr. Jörg Schwenk
Lecturers:
Prof. Dr. Jörg Schwenk (ETIT), M. Sc. Martin Grothe (ETIT), M. Sc. Sebastian Lauer (ETIT), M. Sc. Jens Müller (ETIT)
language:
german
HWS:
4
CP:
5
offered in:
winter term

dates in winter term

  • start: Friday the 11.10.2019
  • lecture Fridays: from 12:15 to 13.45 o'clock in HID
  • tutorial Fridays: from 14:15 to 15.45 o'clock in ID 04/445

Exam

All statements pertaining to examination modalities (for the summer/winter term of 2020) are given with reservations. Changes due to new requirements from the university will be announced as soon as possible.
Form of exam:written
Registration for exam:FlexNow
Date:13.08.2020
Begin:15:30
Duration:120min
Rooms : HGB 10,  HGD 10
Individual appointments of students to each exam location will be issued by the responsible chair.

goals

After successful completion of the module, students have a comprehensive understanding of the technical aspects of network security. They have recognized that cryptography alone is not sufficient to solve security problems. They have acquired a comprehensive understanding of complex IT systems. By independently thinking about improving network security, students prepare themselves for their role in professional life. They can analyse new problems and develop new solutions. They are able to argue the benefits of the solutions they have developed. They understand that non-technical factors such as questions of liability and the resulting costs have a significant influence on decisions regarding IT security.

content

When cryptography is used in a technical environment such as a computer, data or telephone network, security depends not only on purely cryptographic factors but also on the technical embedding of the encryption and signature algorithms. Prominent examples (for faulty embeddings) are EFAIL (efail.de), attacks on the WLAN encryption systems WEP and WPA (KRACK) and various attacks on TLS (Bleichenbacher, POODLE, DROWN, ROBOT). The module "Network Security 1" deals with concrete networks for data transmission and examines them from all sides with regard to their security. It comprises the following parts:

  • Introduction: Internet
  • Introduction: confidentiality
  • Introduction: Integrity
  • Introduction: Cryptographic Protocols
  • PPP security (esp. PPTP), EAP protocols
  • WLAN security (WEP, WPA, Wardriving, KRACK)
  • GSM and UMTS mobile radio (authentication and encryption)
  • IPSec (ESP and AH, IKEv1 and v2, attacks on IPSec)
  • File encryption with OpenPGP (data format, Efail, climate-pink)
  • E Mail encryption with S/MIME (SMTP, data format, Efail, POP3, IMAP)

In addition to the systems themselves, published attacks on these systems are also discussed; the students themselves make scientific considerations on how to improve security.

requirements

keine

recommended knowledge

Basic knowledge of TCP/IP, basic knowledge of security problems of computer networks at the level of popular journals (e.g. c't).

literature

  1. Schwenk, Jörg "Sicherheit und Kryptographie im Internet", Vieweg, 2014