Reference materials for "Information Security," Prof. Chung-Huang Yang, first semester of academic year 106 (Fall 2017):

 

 

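  1. Course syllabus

  2. Textbook website

  3. National Kaohsiung Normal University academic calendar
  4. University course enrollment roster
  5. National Kaohsiung Normal University course offering query system
  6. Submit the group roster (1-4 people per group) by email (chyang@nknu.edu.tw) before class on October 4; the presenter for each group presentation (including Q/A) is decided by drawing lots in class on the day
  7. October 18: initial report (software download, at most two slides); submit the initial report slides before class on October 25
  8. Midterm exam (seats assigned by the instructor; Internet access prohibited during the exam; scope: Chapters 1-3; questions in Chinese, including calculation and essay questions; Open Book Exam):
  9. Midterm report (software features and installation):
  10. Final report (software operation and use):
  11. Final exam (seats assigned by the instructor; Internet access prohibited during the exam; scope: Chapters 1-9; questions in Chinese, including calculation and essay questions; Open Book Exam):
  12. 2016 semester grade distribution chart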
  13.  

     | Group | Initial, midterm, final (report submission dates) | Software features, installation and use | Related URL |
     |---|---|---|---|
     | 1 | | AndroRat | https://github.com/DesignativeDave/androrat |
     | 2 | | Santoku | https://santoku-linux.com |
     | 3 | | MobiSec | http://sourceforge.net/projects/mobisec/ |
     | 4 | | OpenKeychain | https://github.com/open-keychain/open-keychain |
     | 5 | | AndroGuard | https://code.google.com/p/androguard/ |
     | 6 | | drozer | https://labs.mwrinfosecurity.com/tools/drozer/ |
     | 7 | | AFLogical OSE | https://github.com/nowsecure/android-forensics |
  1.        
  2. Microsoft Windows Cryptographic Primitives

  3. Android device Cryptographic Primitives

  4. Android Security, https://source.android.com/security/

  5. Smartphone market sales (2016)

  6. Personal computer market sales (2016)

  7. Android Open Source Project (AOSP)

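  8. Android major versions and usage distribution

  9. Android 7.1 cryptographic algorithm source code

  10. March 2017: Android beats Windows and officially becomes the world's number-one operating system; Android overtakes Windows as the operating system most used by Internet users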

  11. Google's Nexus devices

  12. Factory Images for Nexus and Pixel Device

  13. Android 8.0.0, Nexus 6P

  14. Android 8.0.0原始碼

  15. Full-Disk Encryption

  16. OpenSSL, openssl-1.1.0b (2016-Sep-26)

  17. Cybercrime causes global losses of 6 trillion US dollars per year; the unemployment rate among cybersecurity professionals falls to zero, http://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/

  18. Claude E. Shannon, "Communication Theory of Secrecy Systems", Bell System Technical Journal, vol. 28-4, pages 656-715, 1949.

  19. SHA-256 Checksum in Factory Images for Nexus Devices (local copy, Nov. 2016)

  20. Ubuntu 16.04.1 LTS download

  21. One-Way Hash MD5 source code (RFC1321)

  22. Birthday Paradox: among n people, the probability that any two share the same birthday (same month and day)

  23. The struggle of university teachers: be strict or go easy (local copy, Nov. 2016)

  24. Encryption algorithms of common ransomware (local copy, Nov. 2016)

  25. "How to avoid surveillance ... with the phone in your pocket", https://www.youtube.com/watch?v=ni4FV5zL6lM

  26. “Cracking Stuxnet, a 21st-century cyber weapon”, https://www.youtube.com/watch?v=CS01Hmjv1pQ

  27. “Bitcoin, Sweat, Tide: the future of branded currency”, https://www.ted.com/talks/paul_kemp_robertson_bitcoin_sweat_tide_meet_the_future_of_branded_currency?language=zh-tw

  28. “How the blockchain will radically transform the economy”, https://www.youtube.com/watch?v=RplnSVTzvnU

  29. How the blockchain is changing money and business, https://www.ted.com/talks/don_tapscott_how_the_blockchain_is_changing_money_and_business/transcript?language=zh-tw

  30. We need hackers, https://www.ted.com/talks/rodrigo_bijou_governments_don_t_understand_cyber_warfare_we_need_hackers?language=zh-tw

  31. Everyday cybercrime (Cybercrime is everywhere), https://www.ted.com/talks/james_lyne_everyday_cybercrime_and_what_you_can_do_about_it?language=zh-tw

  32. The 1s and 0s behind cyber warfare, https://www.ted.com/talks/chris_domas_the_1s_and_0s_behind_cyber_warfare?language=zh-tw

  33. Three types of online attack (How cyber warfare affects our real world), https://www.ted.com/talks/guy_philippe_goldstein_how_cyberattacks_threaten_real_world_peace?language=zh-tw

  34. Hire the hackers, https://www.ted.com/talks/misha_glenny_hire_the_hackers?language=zh-tw

  35. Three types of online attack, https://www.ted.com/talks/mikko_hypponen_three_types_of_online_attack?language=zh-tw

  36. Fighting viruses, defending the net, https://www.ted.com/talks/mikko_hypponen_fighting_viruses_defending_the_net?language=zh-tw

  37. The security mirage, https://www.ted.com/talks/bruce_schneier?language=zh-tw

  38. 1999 course syllabus

  39. Hackers: Outlaws & Angels (network hackers)

  40. Reports on breaking DES within one day: (1) RSA (2) CNN

  41. AES (Advanced Encryption Standard) source code, rijndeal.c, rijndeal.h, boxes-ref.dat

  42. FIPS 197: Advanced Encryption Standard (November 2001)

  43. Rijndael original document

  44. AES animated (Flash) introduction, http://e-handel.mm.com.pl/crypto/rijndael_ingles2004.swf (local copy)

  45. AES Algorithm Validation List, http://csrc.nist.gov/groups/STM/cavp/documents/aes/aesval.html

  46. Smartphones Become Next Frontier in Cybersecurity

  47. Prof. Yang Yixian and Prof. Niu Xinxin, General Theory of Security

  48. Windows XP "running naked" security challenge, https://www.youtube.com/watch?v=_BScWpvV-Bk

  49. A.J. Menezes, et al, Handbook of Applied Cryptography (CRC Press Series on Discrete Mathematics and Its Applications), 1996. See http://www.cacr.math.uwaterloo.ca/hac/ for the PDF electronic version.

  50. FIPS 186-2, Digital Signature Standard (DSS), January 2000, http://csrc.nist.gov/publications/fips/fips186-2/fips186-2-change1.pdf, http://csrc.nist.gov/publications/drafts/dss_recommendation.pdf

  51. NTT (Japan) cryptographic technology

  52. National Central Library: National Theses and Dissertations Information Network

  53. US master's and doctoral thesis search

  54. At the Chinese cryptography annual conference in May 2004 and the Rump Session of the US Crypto conference in August 2004, Prof. Wang Xiaoyun of Shandong University broke MD5 and several other one-way hash functions (local copy). NIST announces that SHA1 will be phased out in 2010 (local copy)

  55. IQ Test

  56. "NIST announces that Rijndael has been selected as the proposed AES," NIST, October 2, 2000, http://csrc.nist.gov/archive/aes/

  57. Chung-Huang Yang, "Performance Evaluation of AES/DES/Camellia On the 6805 and H8/300 CPUs," Proc. The 2001 Symposium on Cryptography and Information Security (SCIS2001), January 2001,  pp. 727-730.

  58. Wi-Fi Security

  59. Wi-Fi Protected Access (WPA)

  60. WPA2 (Wi-Fi Protected Access 2)

  61. An Initial Security Analysis of the IEEE 802.1x Standard (local copy)

  62. 802.11i (How we got here and where are we headed)

  63. Wireless LANs: Defending the Enterprise Airwaves

  64. Hacking the Invisible Network

  65. WLAN War Driving

  66. Taiwan.CNET.com : Enterprise Applications : Special Report : The WLAN security storm strikes

  67. TW-CERT wireless network security white paper

  68. Eli Biham and Adi Shamir, Differential cryptanalysis of DES-like cryptosystems, Technical report CS90-16, Weizmann Institute of Science, 1990.

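  69. Windows big-number GCD/LCD/multiplicative inverse software (developed by 羅靖華)

  70. Windows DES encryption/decryption software (developed by 羅靖華)

  71. The US FBI's network surveillance program: Carnivore, English-language introduction (mpeg, rm)

  72. IEEE 802.11, 802.11 LAN/MAN Wireless LANs standard

  73. Wi-Fi Alliance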

  74. Mobile Security by NIST

  75. MIT, Dos and Don'ts of Client Authentication on the Web

  76. Nimda Notifyer

  77. IBM Enterprise Software Technology Development and Solutions Forum

  78. Unix Security

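  79. James Madison University (USA), master's degree in information security (distance learning)

  80. Science and Technology Information Center, National Science Council, Executive Yuan: "Information and Communication Security Information Network"

  81. RFC, IETF security working groups

  82. US National Institute of Standards and Technology, Computer Security Resource Center, http://csrc.nist.gov/

  83. The top 100 network security tools

  84. Japan's information processing agency security center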

  85. CERT

  86. COAST

  87. Common Vulnerabilities and Exposures (CVE)

  88. SANS

  89. SecurityFocus

  90. US master's and doctoral thesis search

  91. Bastille Linux

  92. Aryabhata and his commentators

  93. Cryptography frequently asked questions (FAQ)

  94. Security-Enhanced Linux from the US National Security Agency (NSA)

  95. BIBPIPE IT Security Research

  96. Research Papers on Strong Password Authentication

  97. W3C XML Digital Signature

  98. W3C XML Encryption 

  99. IETF PKIX Working Group

  100. IETF TLS Working Group, SSLv3, TLSv1, OpenSSL, RFC 2818, RFC 2817, RFC 2595, RFC 2487

  101. IETF LDAPv3 Revision Working Group, LDAPv3, OpenLDAP

  102. IETF S/MIME Working Group

  103. IETF Multicast Security Working Group

  104. IETF Secure Shell Working Group

  105. SSH

  106. PKCS #11: Cryptographic Token Interface Standard

  107. Shattering the illusion that NATs are secure (mirror)

  108. DCE team at Stanford University, Security in a Public World: A Survey

  109. Robert B. Reinhardt, An Architectural Overview of UNIX Network Security

  110. Dan Farmer, Improving the Security of Your Site by Breaking Into it

  111. IBM, Things that Go Bump in the Net

  112. IBM, Addressing security issues in Linux

  113. Linux Administrators Security Guide

  114. Securing a default Linux installation

  115. Windows XP Security

  116. Microsoft IIS Lockdown Tool, 23 August 2001

  117. Don Davis, Defective Sign & Encrypt in S/MIME, PKCS#7, MOSS, PEM, PGP, and XML

  118. Red Hat Linux 8.0 Security Guide

  119. Linux Security

  120. MUSCLE (Movement for the Use of Smart Cards in a Linux Environment)

  121. 政府投領標電子採購系統

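  122. FIPS 180-2, Secure Hash Standard (SHS), NIST, August 2002.

  123. The largest prime known to humankind: 2^32,582,657 - 1 (9,808,358 decimal digits) = ?

  124. Yuji Kida's UBASIC high-speed integer arithmetic software.

  125. RSA algorithm parameters (P, Q, N, E, D): Example 1, Example 2, Example 3

  126. The State Key Laboratory of Information Security (SKLOIS), mainland China

  127. Mainland China: China network information security

  128. NTT (Japan) digital signature algorithm (TSH-ESIGN) and public-key encryption/decryption algorithm (EPOC)

  129. National Cryptologic Museum (USA)

  130. Government Certification Authority (政府憑證管理中心) user guide

  131. Electronic Signatures Act (promulgated November 14, year 90 of the Republic of China calendar)

  132. Enforcement Rules of the Electronic Signatures Act (April 10, year 91 of the Republic of China calendar)

  133. Ministry of Finance online tax filing and payment; National Taxation Bureau of the Northern Area, Ministry of Finance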

  134. Kerberos: RFC 1510

  135. Microsoft Internet Security and Acceleration Server (ISA)

  136. Windows 2000 Security Services

  137. Microsoft Windows 2000 Security Services (in Chinese)

  138. Benchmarks and Scoring Tool for Windows 2000

  139. Big-number factoring prize challenge (total prize money exceeds US$600,000)

  140. Certificate Authorities (CAs), Public-Key Infrastructure (PKI): RFC 2693  RFC 2587  RFC 2585  RFC 2559 RFC 2527  RFC 2528  RFC 2511  RFC 2510  RFC 2459

  141. PGP: RFC 1991, RFC 2015, RFC 2440

  142. S/MIME: RFC 2311, RFC 2312, RFC 2632, RFC 2633, RFC 2634

  143. Virtual Private Networks (VPNs): RFC 2917  RFC 2764  RFC 2547  RFC 2685

  144. NTT's IPv6, Sun's IPv6, IETF IPSec Working Group, FreeS/WAN, KAME

    RFC 3041, Privacy Extensions for Stateless Address Autoconfiguration in IPv6

    RFC 2409, Internet Key Exchange (IKE)

    RFC 2406, IP Encapsulating Security Payload (ESP)

    RFC 2402, IP Authentication Header

    RFC 2401, Security Architecture for the Internet Protocol

    RFC 1829, The ESP DES-CBC Transform

    RFC 1828, IP Authentication using Keyed MD5

  1. ICSA certified firewall products

  2. Time Synchronization

  3. Secure Network Time Protocol (stime)

  4. W3C XML Signature Working Group

  5. CISSP (Certified Information System Security Professional) certification

  6.  

  7. Network management tools

    Nessus, http://www.nessus.org/

    Nmap, http://www.nmap.org/nmap/

    ISS, http://www.iss.net/

    SATAN, ftp://ftp.cerias.purdue.edu/pub/tools/unix/scanners/satan/satan/

    Tripwire, http://sourceforge.net/projects/tripwire/

    COPS, ftp://ftp.cerias.purdue.edu/pub/tools/unix/scanners/cops/

    TCP Wrappers, ftp://ftp.cerias.purdue.edu/pub/tools/unix/netutils/tcp_wrappers/

    WinDump, http://netgroup-serv.polito.it/windump/

    Tiger, http://www-arc.com/tara/, http://savannah.nongnu.org/projects/tiger/

    portmap, ftp://ftp.cerias.purdue.edu/pub/tools/unix/netutils/portmap/

    Fremont, ftp://ftp.cs.colorado.edu/pub/cs/distribs/fremont/

    ipacl, ftp://ftp.cerias.purdue.edu/pub/tools/unix/netutils/ipacl/

    Argus, ftp://ftp.andrew.cmu.edu/pub/argus/current/

    NETMAN, ftp://ftp.cerias.purdue.edu/pub/tools/unix/netutils/netman/

    Sniffit, http://sniffit.rug.ac.be/%20coder/sniffit/

    Sniffer Pro, http://www.snifferpro.co.uk/

    ethereal, http://www.ethereal.com/download.html

    hunt, ftp://ftp.gncz.cz/pub/linux/hunt/hunt-1.5.tgz

    Anti Sniff, http://www.securitysoftwaretech.com/antisniff/download.html

    SARA, http://www-arc.com/sara/

    SAINT, http://www.wwdsi.com/saint/

    AIDE, http://www.cs.tut.fi/~rammer/aide.html

    Snort, http://www.snort.org

    Shadow, http://www.nswc.navy.mil/ISSEC/CID/

    BSD Airtools, http://dachb0den.com/projects/bsd-airtools.html

    WEPCrack, http://wepcrack.sourceforge.net/

    FreeS/WAN, http://www.freeswan.org/

    KAME, http://www.kame.net/

    VNC, http://www.realvnc.com/

  8. FTP Security

    RFC0959, File Transfer Protocol

    RFC1579, Firewall-Friendly FTP

    RFC2228, FTP Security Extensions

    RFC2389, Feature negotiation mechanism for the File Transfer Protocol

    RFC2428, FTP Extensions for IPv6 and NATs

    RFC2577, FTP Security Considerations, May 1999.

    RFC2773, Encryption using KEA and SKIPJACK

  9. RFC 3281, An Internet Attribute Certificate Profile for Authorization, April 2002.

  10. RFC 3280, Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, April 2002.

  11. RFC 3279 Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, April 2002.

  12. RFC 3278, Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS), April 2002.

  13. RFC 3275, (Extensible Markup Language) XML-Signature Syntax and Processing, March 2002.

  14. RFC 3244, Microsoft Windows 2000 Kerberos Change Password and Set Password Protocols, February 2002.

  15. RFC 3218, Preventing the Million Message Attack on Cryptographic Message Syntax, January 2002.

  16. RFC 3217, Triple-DES and RC2 Key Wrapping, December 2001.

  17. RFC 3211, Password-based Encryption for CMS, December 2001.

  18. RFC 3207, SMTP Service Extension for Secure SMTP over Transport Layer Security, February 2002.

  19. RFC 3206, The SYS and AUTH POP Response Codes, February 2002.

  20. RFC 3193, Securing L2TP using IPsec, November 2001.

  21. RFC 3185, Reuse of CMS Content Encryption Keys, October 2001.

  22. RFC 3183, Domain Security Services using S/MIME, October 2001.

  23. RFC 3174, US Secure Hash Algorithm 1 (SHA1), September 2001.

  24. RFC 3161, Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)

  25. RFC 2030, Simple Network Time Protocol (SNTP) Version 4, October 1996.

  26. RFC 2986, PKCS #10: Certification Request Syntax Specification Version 1.7.

  27. RFC 2985, PKCS #9: Selected Object Classes and Attribute Types Version 2.0

  28. RFC 2437, PKCS #1: RSA Cryptography Specifications Version 2.0. B. Kaliski, J. Staddon. 

  29. RFC 2315, PKCS #7: Cryptographic Message Syntax Version 1.5.

  30. RFC 2559, Internet X.509 Public Key Infrastructure Operational Protocols - LDAPv2.

  31. RFC 3039, Internet X.509 Public Key Infrastructure Qualified Certificates Profile

  32. RFC 3029, Internet X.509 Public Key Infrastructure Data Validation and Certification Server Protocols

  33. RFC 3024, Reverse Tunneling for Mobile IP, revised

  34. RFC 3012, Mobile IPv4 Challenge/Response Extensions

  35. RFC 3163, ISO/IEC 9798-3 Authentication SASL Mechanism

  36. RFC 2759, Microsoft PPP CHAP Extensions, Version 2. G. Zorn. January 2000.

  37. RFC 2712, Addition of Kerberos Cipher Suites to Transport Layer Security (TLS). A. Medvinsky, M. Hur. October 1999.

  38. RFC 2692, SPKI Requirements. C. Ellison. September 1999.

  39. RFC 2693, SPKI Certificate Theory. C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, T. Ylonen. September 1999.

  40. RFC 2660, The Secure HyperText Transfer Protocol. E. Rescorla, A. Schiffman. August 1999.

  41. RFC 2632, S/MIME Version 3 Certificate Handling. B. Ramsdell, Ed.. June 1999.

  42. RFC 2633, S/MIME Version 3 Message Specification. B. Ramsdell, Ed.. June 1999.

  43. RFC 2634, Enhanced Security Services for S/MIME. P. Hoffman, Ed.. June 1999.

  44. RFC 2585, Internet X.509 Public Key Infrastructure Operational Protocols: FTP and HTTP. R. Housley, P. Hoffman. May 1999.

  45. RFC 2560, X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP. M. Myers, R. Ankney, A. Malpani, S. Galperin, C. Adams. June 1999.

  46. RFC 2511, Internet X.509 Certificate Request Message Format, March 1999.

  47. RFC 2510, Internet X.509 Public Key Infrastructure Certificate Management Protocols, March 1999.

  48. RFC 2460, Internet Protocol, Version 6 (IPv6) Specification. S. Deering, R. Hinden. December 1998.

  49. RFC 2459, Internet X.509 Public Key Infrastructure Certificate and CRL Profile. R. Housley, W. Ford, W. Polk, D. Solo. January 1999.

  50. RFC 2409, The Internet Key Exchange (IKE). D. Harkins, D. Carrel. November 1998.

  51. RFC 2408, Internet Security Association and Key Management Protocol (ISAKMP). D. Maughan, M. Schertler, M. Schneider, J. Turner. November 1998.

  52. RFC 2407, The Internet IP Security Domain of Interpretation for ISAKMP. D. Piper. November 1998.

  53. RFC 2246, The TLS Protocol Version 1.0. T. Dierks, C. Allen. January 1999.

  54. RFC 1994, PPP Challenge Handshake Authentication Protocol (CHAP). W. Simpson. August 1996.

  55. RFC 1898, CyberCash Credit Card Protocol Version 0.8. D. Eastlake 3rd, B. Boesch, S. Crocker & M. Yesil. February 1996.

  56. RFC 1510, PS, J. Kohl, B. Neuman, "The Kerberos Network Authentication Service (V5)", 09/10/1993.

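Textbook table of contents:

Part I: Fundamental Theory
Chapter 1: Introduction to Network Security
Chapter 2: Secret-Key Cryptosystems
Chapter 3: Public-Key Cryptosystems
Chapter 4: One-Way Hash Functions
Chapter 5: Digital Signatures
Chapter 6: Elliptic Curve Cryptosystems
Chapter 7: Key Management
Chapter 8: Cryptographic Module Technology
Chapter 9: IC Cards
Part II: Network Tools
Chapter 10: Wireshark Packet Analysis Software
Chapter 11: Nmap
Chapter 12: Nessus
Chapter 13: Snort
Chapter 14: AIDE and wxChecksums
Chapter 15: PGP/GnuPG
Chapter 16: Open-Source Network Security Software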