CS 395T - Design and Analysis of Security Protocols (54302)
Course descriptionThis is a project-oriented course intended to give students hands-on experience in using a variety of analysis techniques to evaluate cryptographic protocols and other security mechanisms. A network protocol such as SSL (Secure Sockets Layer) may fail in three ways: the protocol design may be flawed, the cryptography may be inadequate, or the implementation may be buggy. This course is primarily concerned with techniques for identifying design flaws, but we will also talk about cryptography and secure implementation to the extent that they affect protocol design.
The first part of the course will survey contemporary security protocols and their properties, including confidentiality, authentication, secure group communication, privacy, and anonymity. We will also cover cryptographic primitives, as well as standard formal models and tools used for mechanized verification of secure systems, including model checking, constraint solving, process algebras, protocol logics, and game theory.
The second part of the course will focus primarily on student projects, carried out individually or in small teams. A typical project may involve:
PrerequisitesThere are no prerequisites for this course. Some prior familiarity with cryptography or formal methods may be helpful, but all necessary background will be covered in class.
Tentative syllabusThis syllabus is only a rough draft. It may change as the course progresses. The subjects will not necessarily be covered in the order they are listed below. Some topics may be presented by students as part of the paper-reading assignment. The last part of the course will be devoted to project presentations.
Security protocols and their properties
Protocol analysis tools