CSC424/ECE534-F: Communication and Security
Prof. B. Rosenberg
Spring Semester, 2025 (252)
MWF 1:25–2:15 PM
Mahoney/Pearson Com 118
Email: burt at cs miami edu
- Monday 13 Jan:
- First day of class
Syllabus for CSC421 Computer Operating Systems.
This is a course in:
- The standard communication protocols of computers, including TCP/IP,
- and the security concerns consequent to those protocols;
- The craft of highly skilled coding in C, following specifications,
- and understanding and countering sophisticated attacks against system security.
- Join the class slack channel csc-courses.slack.com, #csc424-252.
- Please visit csc424-252 github, the class github.
- Enroll in AWS to use their Elastic Computing.
- You might qualify for a free tier. If not, the cost of the semester's computer use will be under $100.
- Suggested reading:
- Computer Networks: A Systems Approach, Fifth Edition (The Morgan Kaufmann Series in Networking),
by Larry L. Peterson and Bruce S. Davie.
Other editions might be acceptable.
- Projects:
- A series of projects, usually 2 to 3 weeks in length. A grace period
of lateness is allowed.
- Project grading:
- Projects are generally scored on a 0 to 5 scale.
- The makefile usually provides a Basic Test, and correctly passing the Basic
Test gives 3 points.
- Projects passing the Basic Test are given an
Extended Test, for the remainder of the points.
- The 3+2 point pattern is generally true, but is modified according to
project difficulty.
- Programs that are substantially similar to solutions either from other
students, past or present, or on the web, might have points deducted.
- Due dates are midnight of the given day, in the current Miami local time (EST in winter).
- No work accepted for grade after midnight, the last day of classes.
- Grading:
- Lateness: three days' grace is automatic on projects. Beyond that, one point off, plus an additional point
for each week late, up to some reserve number of points.
- No lateness for quizzes or presentations.
- No work accepted once reading days end.
- Class grading: After normalizations, 30% each midterm and final, 40% projects.
- If quizzes are assigned, they will be an announced percentage.
- Quizzes:
- Assigned from time to time, to emphasize a concept. They will be due in a short
time frame, and no lateness is allowed.
- Due by midnight of the date, in the current Miami local time (EST in winter).
- Midterm and Final
- Midterm date:
- Final date:
- Honor Code:
- Class participants read and accept the University Honor Code,
available from the Dean of Students.
- Work resulting from an integrity violation will not be graded. A no-grade arising
in this way can be numerically distinct from a zero.
Packet communications and the Internet
- Introduction
- Tools of the trade and network etiquette.
- The OSI ISO model (image)
- Discussion: Why layers? Why not layers?
- Peer-to-peer responsibilities vs. SAP (service access points)
- Encapsulation, headers and payload, demultiplexing (unpacking) (image)
- Implementation and standards, for the Internet/WAN (image) and for
the LAN (image)
- Basic concepts
- Packet versus connection.
- Broadcast versus routed.
- Common (shared) and point-to-point media.
- LAN versus WAN, and an internet.
- The wizard behind the curtain
Addresses and Names
- What's in a name
- The MAC address is "just a name", and it is pretty useless "far away" from the
destination.
- Names, such as www.miami.edu, are non-entities in TCP-UDP/IP. Only numbers
count.
- The role of DNS to turn names into numbers, before the networking game starts.
- L2: MAC address
- Broadcast address, broadcast domain
- Except that the LSB is 0 for unicast, 1 for multicast or broadcast
- And except that the second LSB is the U/L bit: 0 for universally administered, 1 for locally administered.
- Universally administered, with a 24-bit leading OUI
- L3: IP
- The IP address gives the network name for the endpoint, and
contains routing information in the prefix.
- IP space map.
- Classful addressing
- A, CIDR-speak /8 (pronounced: slash 8).
- B, CIDR-speak /16 (pronounced: slash 16).
- C, CIDR-speak /24 (pronounced: slash 24).
- D, multicast, /28 sort of? with network part 0xE
- E, reserved, /28 sort of? with network part 0xF
- Netmasks and subnetting
- CIDR was introduced in RFC 1518 and RFC 1519 in September 1993.
- Private local addresses (private address)
- Class A private-local 10./8
- Loopback 127./8
- Auto-config (link-local) B private 169.254/16 (RFC 3927)
- Class B private-local 172.16/12
- Class C private-local 192.168/24
- Carrier-Grade NAT, a.k.a. NAT444, 100.64.0.0/10.
- NAT and PAT (various flavors)
- L4: Ports (well-known and ephemeral)
- Except that Unix machines require superuser privilege to open a well-known port, the differences are cultural, not technical
- Well-known ports: used by well-known, a.k.a. community-developed and standardized, protocols.
- Registered ports: claimed through IANA for typical use by a protocol.
- Ephemeral/dynamic ports: reusable, temporary, and dynamically claimed by a host, typically for the client side of any protocol.
- Header formats
- A typical L2 frame is the 802.3 Ethernet frame
- The L3 packet is an IP packet with an IP header
- The IP packet can contain a UDP message (non-standard terminology) that starts with a UDP header
- ICMP
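The L2 and L3 address bits listed above, worked through in C as an added example (not course or project code): the I/G and U/L bits and OUI of a MAC address, and an IPv4 address classified first by the classful leading bits and then against the special-use CIDR prefixes (using the RFC 1918 prefix 192.168.0.0/16). The function names are this example's own.

```c
#include <stdint.h>
#include <string.h>

/* I/G bit: least significant bit of the first octet; 1 = multicast or broadcast. */
int mac_is_group(const uint8_t mac[6]) { return mac[0] & 0x01; }

/* U/L bit: second least significant bit of the first octet; 1 = locally administered. */
int mac_is_local(const uint8_t mac[6]) { return (mac[0] >> 1) & 0x01; }

/* The leading 24 bits are the OUI of a universally administered address. */
uint32_t mac_oui(const uint8_t mac[6]) {
    return ((uint32_t)mac[0] << 16) | ((uint32_t)mac[1] << 8) | mac[2];
}

/* Pack a dotted quad into a host-order 32-bit integer. */
uint32_t ip4(int a, int b, int c, int d) {
    return ((uint32_t)a << 24) | ((uint32_t)b << 16) | ((uint32_t)c << 8) | (uint32_t)d;
}

/* True when addr lies inside prefix/len: compare only the leading len bits. */
int in_prefix(uint32_t addr, uint32_t prefix, int len) {
    uint32_t mask = (len == 0) ? 0 : 0xFFFFFFFFu << (32 - len);
    return (addr & mask) == (prefix & mask);
}

/* Classful letter from the leading bits: 0 -> A, 10 -> B, 110 -> C, 1110 -> D, 1111 -> E. */
char ip4_class(uint32_t addr) {
    if ((addr >> 31) == 0x0) return 'A';
    if ((addr >> 30) == 0x2) return 'B';
    if ((addr >> 29) == 0x6) return 'C';
    if ((addr >> 28) == 0xE) return 'D';
    return 'E';
}

/* Special-use ranges from the outline; anything else is treated as publicly routable. */
const char *ip4_scope(uint32_t addr) {
    if (in_prefix(addr, ip4(10, 0, 0, 0), 8))      return "private (10/8)";
    if (in_prefix(addr, ip4(127, 0, 0, 0), 8))     return "loopback (127/8)";
    if (in_prefix(addr, ip4(169, 254, 0, 0), 16))  return "link-local (169.254/16)";
    if (in_prefix(addr, ip4(172, 16, 0, 0), 12))   return "private (172.16/12)";
    if (in_prefix(addr, ip4(192, 168, 0, 0), 16))  return "private (192.168/16)";
    if (in_prefix(addr, ip4(100, 64, 0, 0), 10))   return "CGNAT (100.64/10)";
    return "public";
}
```

The /12 and /10 prefixes are the ones that trip up octet-by-octet checks: 172.31.x.x is private but 172.32.x.x is not, and 100.127.x.x is CGNAT space but 100.128.x.x is not.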
Getting started with sockets
- Enough networking to be dangerous
- ping
- traceroute
- ifconfig
- tcpdump
- Sockets
Routing: how packets get around
- Multilayer routing
- ARP: Address resolution protocol
- Local delivery vs. routing; known route vs. default route
- L2:
- L3: interior gateway protocols
- Distance vector Notes
- RIP: counting to infinity; split horizon and poison reverse
- OSPF: Link State Protocols
- L3: exterior gateway protocols
Application Layer Case Studies: UDP
- ICMP (not really UDP)
- Trivial File Transfer Protocol (TFTP)
- Domain Name Service (DNS).
- Dynamic Host Configuration Protocol (DHCP)
- Conclusions concerning protocol design
TCP and QUIC
Application Layer Case Studies: TCP
Symmetric Encryption
Message Authentication Codes (MAC)
- A hash function is a function h such that:
- compression: it maps an arbitrary bit length (a string) to a fixed bit length (a number)
- ease of computation: practically speaking, using common hardware
- resistance
- preimage resistance: given y, find x such that h(x)=y
- 2nd-preimage resistance: given x, find x' != x such that h(x)=h(x')
- collision resistance: given nothing, just find any x and x' with x != x' such that h(x)=h(x')
- keyed: a hash function family h_k for different keys k.
- unforgeability: given many (m, h_k(m)) pairs, find a new pair (m', h_k(m')).
- The Random Oracle Model according to The Flintstones
- Non-magical hash functions: in practice and in theory.
- Merkle-Damgård: extending the hash function.
- Davies-Meyer compression (hash functions from encryptions)
- Applications:
- Minimal disclosure proof of knowledge
- symmetric key signatures (MAC)
- blockchain, both proof of work and chain immutability
- Data fingerprints
- Pseudo-random sequences and encryption.
- One-time authentication schemes
Public key Encryption and the PKI
Authentication
Consensus and Blockchains
Frightful Fridays
Up and running
- Read the General computing requirements
- Prepare your work environment
- You will need ssh, publickey logins, and subversion.
- Unix tools for MacOS
- Mac is Unix: it imports from FreeBSD, an open-software project based on Berkeley Unix.
- Homebrew (brew) will get you ports of Unix tools that do not ship with Mac (e.g. subversion).
- BBEdit: my favorite code editor
- Unix tools for Windows (including ssh)
- Learn to start an AWS instance
Assignments:
- Project 1: My Web Server
- See the project homepage
- Accept the github assignment invite, posted in Slack.
- Submit by adding, committing and pushing the evidence.out file, created as a Makefile target.
- Due: Friday, January 31.
- Project 2: Netbounce
- See the project homepage
- Accept the github assignment invite, posted in Slack.
- See the Errata for the project 2 makefile.
- Due: Friday, February 14.