(Will be updated with more details)
Network Security Primitives
- Be able to explain and use one-way hash chain and Merkle hash tree (how to construct, and how to use for authentication).
- Be able to explain and use Bloom filters (choice of (non-crypto) hash functions, calculation of false alarm rate for given settings).
- Be able to explain and use client puzzles, and the difference between the two puzzle constructions.
- Be able to explain and use the puzzle outsoucing technique, including the per-channel puzzle distribution.
- Be able to explain and use Shamir's secret sharing scheme, incluidng splitting a secret into shares and recovering from a subset of the shares.
- Be able to explain and use Rabin's Information Dispersal Algorithm.
- Be able to explain the concept of secret handshake, the pairing based secret handshake protocol, and the secret handshake from CA-oblivious encryption.
- Be able to explain: broadcast authentication, the challenges in broadcast authentication, why point-to-point authentication cannot be used for broadcast authentication directly.
- Be able to describe TESLA schemes, the security condition of TESLA, the protocol to synchronize sender and receivers.
- Be able to determine if a TESLA packet can be authenticated, and how to authenticate it if yes. Be able to determine which TESLA scheme should be used for a given broadcast authentication application.
- Be able to explain the DoS attacks against the TESLA protocol and the immediate authentication extension.
- Consider EMSS. Given a set of packets, be able to determine what packets can be authenticatted and how to authenticate them (the sequence of operations).
- Be able to explain how SEALs are generated and used in BiBa.
- Be able to explain how BiBa signatures are generated and verified.
- Be able to describe how SEALs are used for broadcast authentication.
- Be able to describe how HORS works.
Group Key Management
- Be able to explain the difference between group key agreement and group key distribution.
- Be able to describe the generic group DH, GDH.1, GDH.2, and GDH.3 protocols. Be able to describe the overhead of GDH.x protocols, including #messages, #rounds, #exponentiations per member, total size of messages.
- Given a group key agreement protocol based on DH, be able to determine if it is vulnerable to replay attacks, man-in-the-middle attacks, resouce consumption attacks, DOS attacks.
- Be able to explain the key tree constructed in TGDH and the difference from the constructions in GDH protocols.
- Be able to explain how the group membership events (member join, member leave, group partition, and group merge) are handled in TGDH.
- Be able to explain group key secrecy, forward secrecy, backward secrecy, and key independence.
- Be able to explain what are "1 affects n" problem and "1 does not equal n" problem.
- Be able to describe the Iolus approach. Be able to determine the cost of secure group communication in Iolus, including # encryption/decryption required, # group keys and pairwise keys each member needs, and # messages. Be able to determine the cost to used Iolus for group key distribution with the above costs.
- Be able to describe LKH. Be able to describe how a member is added and deleted, the changes in the key tree. Be able to determine the cost involved in group member changes (addition and deletion), including the number of keys each member and the group mamager need to store, the size and the number of messages required for group member addition and deletion.
- Be able to explain and use key oriented rekey, user oriented rekey, and group oriented rekey.
Security of Wireless Sensor Networks
- Be able to describe the specifical properties of sensor networks (low cost, low power, multi-functional nodes in unattended environments, wireless communication).
- Be able to explain the difference of sensor network security from traditional network security (1. resource constraints; 2. nodes subject to capture)
- Be able to explain and use the basic probabilistic key predistribution scheme. Be able to determine the parameters given the probability to establish pairwise keys and the network size.
- Be able to explain and use q-compositie scheme, multi-path enforcement for path key establishment, and random pairwise keys scheme.
- Be able to explain and use the two methods for shared key discovery (1. broadcast the list of key ids; 2. broadcast a list of challenges). Be able to explain the advantages and the disadvantages of both methods.
- Be able to explain and use the polynomial-based key predistribution sheme, the polynomial pool-based key predistribution schemes (the general framework, the random subset assignment scheme, and the grid-based scheme). In particular, be able to compute keys with the above schemes, be able to perform shared key discovery and path discovery in the random subset assignment and the grid-based scheme. Be able to explain and use the optimization technique to perform polynomial evaluation.
- Be able to explain the Message Specific Puzzle (MSP) mechanism, its application to signature-based as well as TESLA-based broadcast authentication, and the optimization in the above two cases.
- Be able to explain the threats to the integrity and availability in remote programming in wireless sensor networks.
- Be able to explain the integrity and DoS-resilient mechanisms used in Seluge for remote programming in wireless sensor networks, including the construction of code dissemination packets, the defense of DoS attacks against the signature packets, and the defense of local DoS attacks using cluster keys.
- Be able to explain the attack-resistent MMSE method and the voting-based method for secure localization.
- Be able to explain the jam-and-replay attack against time synchronization.
- Be able to explain the secure single-hop pair-wise time synchronization in TinySeRSync.
- Be able to explain the Secure and resilient global time synchronization in TinySeRSync and short-delayed TESLA.
Wireless Physical Layer Security
- Be able to give examples of wireless physical layer security mechnisms.
- Be able to explain the notions of Primary User Emulation (PUE) attack and wireless link signature.
- Be able to explain the jamming threats to wireless broadcast communication.
- Be able to describe the following schemes: UFH, UDSSS, USD-FH, DSD-DSSS.