 ISBN 0-07-212285-4 |
 ISBN 0-07-138038-8 |
 ISBN 0-07-913759-8 |
The
George Washington University
School of Engineering and Applied Science
(SEAS)
Engineering Management and Systems Engineering
(EMSE)
Contact Information:
Voice:
Mobile:
Business E-Mail:
GWU E-Mail:
Website:
10:00
AM - 10:00 PM EST
717-258-5693
717-329-9836
cto@infosec-technologies.com
crypto@gwu.edu
www.infosec-technologies.com
March 17-21, 2002; Final Exam: 8 May 2003
Randall K Nichols and Panos C Lekkas, Wireless Security, (WS) McGraw-Hill Professional Books, January 2002. ISBN: 0-07-138038-8. One of the most comprehensive references on the subject, by far.
Robert Churchhouse, Codes and Ciphers: Julius Caesar, the Enigma and the Internet, (RC) Cambridge Press, 2002. ISBN: 0-521-00890-5 Good progression of trends and directions of cryptography up to AES.
Richard Dreher, Lawrence Harte, Steven Kellog, Tom Schaffnit, The Comprehensive Guide To Wireless Technologies: Cellular, PCS, Paging, SMR, and Satellite, (WT) APDG, 1999. (Contact 919-557-2260) ISBN: 0-965-06584-7. Easy, broad ranging and interesting read.
Neils Ferguson and Bruce Schneier, Practical Cryptography, Wiley, April, 2003.
Randall K. Nichols, The ICSA Guide To Cryptography (GUIDE), McGraw-Hill Professional Books, November 1999, 837 pages with CDROM. [ISBN 0-07-913759- 8]
H.X. Mel and Doris Baker, Cryptography Decrypted Addison Wesley, 352 pages, January 2001. ISBN: 0-201-61647-5. Informative, "meaty" and a terrific read on cryptography.
William Stallings, Wireless Communications and Networks, Prentice Hall, 2001. Another one by the master author and more detail than we can cover.
Course Overview
This course covers advanced management issues and techniques for government organizations and corporations that must operate worldwide and must rely upon secure information infrastructures to create, store, process, and communicate sensitive information and engage in electronically supported activities. EMSE 319 looks heavily into the wireless world.
The safeguarding of information traveling over
wireless technology has quickly become one of
the most important and contentious challenges
facing today's technology innovators. With the
advent of Third Generation Internet technology-a
capability that connects mobile devices to the
Internet and allows users to send and receive
detailed information over wireless and fiber
networks-the security measures necessary to
protect critical data on these wireless networks
have become even more elusive and complex. The
issues surrounding proper security in the use
of networked wireless devices have played out
in a contest between individual, business and
government interests.
The number of wireless devices accessing the
Internet is forecast in the next few years to
exceed that of personal computers, with an estimated
600-800 million mobile technology users connected
to the Internet. Within those huge numbers,
mobile device manufacturers see customers eager
to use wireless technology access for messaging,
commerce and a more effective mobile work force.
Unfortunately, in this race to be first, security
is rarely a primary concern. With the expansion
of wireless technology, and as new services
and applications are created, security will
increase as a major issue for end-users. The
trend is for faster development of applications
built on solutions that are not fully tested
against known and evolving threats. When challenged,
developers indicate that security solutions
will come later.
The focus of EMSE 319 Emerging Issues in Information Security Management and Wireless Security is to explore the vast array of wireless technologies, techniques and methodologies, to provide current relevant analysis and understanding, and to put at the core of wireless implementations - wireless security. EMSE 319 Emerging Issues in Information Security Management and Wireless Security is structured broadly into four parts:
- Part I: Wireless Threats presents a basic
overview of wireless communications and societal
impacts of wireless, telecommunications, cellular
network and bearer technologies. Wireless
security is then presented in terms of the
model of Wireless Information Warfare. We
inspect the air ground interface and vulnerabilities
that are prevalent in both telephone and satellite
systems.
- Part II: Cryptographic Countermeasures
explores a wide range of encryption technologies
from stream ciphers to elliptic curve cryptography
(ECC) to Rijndael, the advanced encryption
standard (AES) winner that may be applied
very effectively to wireless communications.
The limitations of encryption and need for
robust authentication systems are reviewed.
The fascinating science of speech cryptology
is introduced to balance the cryptographic
countermeasures applied.
- Part III: Application Solutions views the
practical solutions and security principles
and flaws of popular wireless technologies
such as wireless LANS, WAP, TLS, Bluetooth
and VOIP.
- Part IV: Hardware Solutions and Embedded Design focuses on hardware considerations for end-to-end (E2E) security and optimizing real-time wireless communications security. E2E implementations with advanced integrated circuits, namely using (a) specialized field programmable gate arrays (FPGA's) for rapid prototype development and technology validation and (b) (very-large scale integration) VLSI application specific integrated circuits (ASICs) or IP (intellectual property) cores for the solution implementation in state-of-the-art SOC (systems-on-a-chip) are discussed.
The object will be to give the class a comfortable grounding in encryption technologies as applied to Wireless Security communications and networks. Class participation is very important. Each class will start (and may end) with student "bullets" of current issues gleaned from many sources. Team learning facilitates a better understanding of the critical issues. The class will be divided into working teams and assigned a semester long research paper on current wireless security issues and security of mobile devices. This course is reading intensive and is presented in increasing difficulty of subject matter. In-Class slides will be available to all students.
EMSE
319 is an approved concentration elective. Prerequisites:
EMSE 218, EMSE 315, EMSE 312, EMSE 313, EMSE
314 and EMSE 316.
First Principles
Introductions
Administrative
Formation of working teams and suggestions
for effective implementation
TEAM RESEARCH PAPER Requirements and expectations
Overview of the Wireless Security Course
How Cryptography Works and Historical Lessons from Classical Cryptography
Introduction to Wireless Applications and Technologies
-
Why are they Different
First, second, third and fourth generation
Wireless systems
WS:
Chapter 1: Introduction To Wireless and Why
it is Different
RC:
Chapter 1: Introduction
Chapter 2: From Julius Caesar to Simple Substitution
WT:
Chapter 1: Introduction to Wireless
Chapter 2: Wireless Applications
Threats and Vulnerabilities
CDMA, GSM, TDMA, Spectrum issues, SMS, Securing Mobile systems and
Differences in system engineering required depending on application or customer.
Electromagnetic capture. Cryptographic attacks and countermeasures. Military unique requirements.
SUBMIT CHOICE OF RESEARCH TOPIC
WS:
Chapter 2: Wireless Information Warfare
RC:
Chapter 3: Polyalphabetic Systems
WT:
Chapter 3: Wireless Basics [Spectrum, signal
types, modulation, etc.]
Securing Telephone; Evolution of Cryptographic Countermeasures
Interception, jamming, fraud, legal issues, counter-intelligence, more about cryptography and lessons from classical history, criminal phreaking.
TEAM OUTLINES DUE
WS:
Chapter 3: Telephone System Vulnerabilities
RC:
Chapter 4: Jigsaw Ciphers (Transposition)
Chapter 5: Two-Letter Ciphers
WT:
Chapter 4: Cellular and PCS Mobile Radio
Modern Cryptography - Authentication, Confidentiality, and Data Integrity and Non-Repudiation
WS:
Chapter 5: Cryptographic Security
RC:
Chapter 6: Codes
Chapter 7: Ciphers for Spies
WT:
Chapter 5: Land Mobile Radio
Applied Cryptographic Countermeasures and Problems
with Wireless
WS:
Chapter 4: Satellite Communications
RC:
Chapter 8: Producing Random Numbers and Letters
WT:
Chapter 6: Mobile Wireless Data
Chapter 8: Satellite Systems
Teams I
MIDTERM
Speech Cryptology
WS:
Chapter 6: Speech Cryptology
RC:
Chapter 9: The Enigma Cipher Machine and /or
Chapter 10: The Hagelin Cipher Machine
WT:
Chapter 7: Paging
Teams II & Practical Applications: Wireless Networks
Reading assignments:
WS:
Chapter 7: Wireless Local Area Network (WLAN)
Chapter 8: Wireless Application Protocol (WAP)
RC: (optional)
Chapter 11: Beyond the Enigma
WT:
Chapter 9: Fixed Wireless
Chapter 10: Television and Radio Broadcast
TEAMS - In class project time
WEEK
9: 13 March 2003
Cryptanalysis and Security of Cryptographic
Systems
System Identification and Key Clustering. Cryptanalytic attacks, principals of vertical and horizontal differentiation based on repetitions, entropy, PRNG, testing, compression and graphical analysis. Side channel attacks, differential and linear cryptanalysis, character and bit level analysis. Demonstration: identification of traffic, signatures, and strength of encryption systems, work factor and brute force.
Courtesy review of draft research papers.
WS:
Chapter 9: Wireless Transport Layer Security
Chapter 10: Bluetooth
Chapter 11: VOIP
RC:
Chapter Public Key Cryptography
WT:
Chapter 11: Wireless Office and Cordless Telephones
WEEK
10: 27 March 2003
E2E Software / Hardware Issues
WS:
Chapter 12: Hardware Perspectives for End-to-End
in Wireless Applications
RC:
Chapter 13: Encipherment and the Internet
WT:
Chapter 11: Wireless Office and Cordless Telephones
Optimizing real-time wireless communications security.
Chapter 13: Optimizing Wireless Security Using FPGA's
and ASIC
WEEK 14: 24 April 2003 Make-up if necessary for weather or scheduling
Team Presentations on their assigned topics
FINAL GRADES