v     Subject matter

      Digital signatures and authentication protocols (not including DSS)

         Digital signatures

        Requirements for a digital signature

        Direct and arbitrated signatures

         Authentication protocols (understand the basis, if not details for each of the protocols in sec 10.2)

      Authentication applications

         Kerberos (Work through and understand a couple of dialogues)

         X.509 Directory authentication service (Work through the certificate material)

      Electronic mail security

         PGP (read this in detail)

         S/MIME (overview to depth covered in class)

      IP security (Emphasize architecture and reasoning, not format details)

         IP Security overview and architecture

         Header and ESP payload

         Security associations and key management

v     Coverage

      Through Thursday, March 15

      Chapters 11 through 15 not including appendix 12B

v     Preparation

      Read chapters 11 through 15

      Suggested problems

         11.1, 11.2, 11.3

         12.4, 12.10

         13.1, 13.2, 13.3. 13.6 (a lot of problems, but these are short and interrelated)

         14.2, 14.4

         15.5, 15.7, 15.4

v     Exam methodology

      See exam policies

      Open book and notes (avoids memorization)

      Mostly short-answer

         What if

         Why

         Invent a way to do---

         Protocol analysis and diagnosis

      Learn capabilities, not forgettable details

      Emphasis is more on protocols and algorithm consequences than on ciphers themselves