COURSE OBJECTIVES:
Learn to analyze the security of in-built cryptosystems.
Know the fundamental mathematical concepts related to security.
Develop cryptographic algorithms for information security.
Comprehend the various types of data integrity and authentication schemes
Understand cyber crimes and cyber security.
OVERVIEW OF THE COURSE
The content below outlines a detailed syllabus on Cryptography and Cyber Security, structured into five units. Here’s a brief overview of each unit to help you understand the key topics and concepts covered:
Computer Security Concepts: Covers the fundamental ideas in computer security, including confidentiality, integrity, availability, and non-repudiation.
OSI Security Architecture: Focuses on the OSI model's security aspects, including various layers where security measures can be applied.
Security Attacks: Types of security breaches, such as active vs. passive attacks, insider vs. outsider threats, etc.
Security Services and Mechanisms: Discusses the mechanisms to enforce security services like authentication, encryption, and access control.
Model for Network Security: Introduces models to understand and design secure networks.
Classical Encryption Techniques:
Substitution Techniques: Methods like Caesar cipher, monoalphabetic, and polyalphabetic substitution.
Transposition Techniques: Techniques that rearrange the order of characters (e.g., rail fence cipher).
Steganography: Hiding information within other non-secret data.
Foundations of Modern Cryptography:
Perfect Security: Theoretical concept where the cryptographic system is unbreakable.
Information Theory: Mathematical study of data transmission and compression.
Product Cryptosystem: Combines multiple encryption methods.
Cryptanalysis: Study of breaking cryptographic systems.
Number Theory and Algebraic Structures: Fundamental mathematical concepts used in cryptography, including modular arithmetic, Euclid’s algorithm, and algebraic structures like groups, rings, and fields.
Symmetric Key Ciphers:
SDES: A simplified version of the Data Encryption Standard (DES).
Block Ciphers: DES, and its variants, which encrypt data in fixed-size blocks.
Strength of DES: Analysis of DES's vulnerabilities.
Differential and Linear Cryptanalysis: Methods to break block ciphers.
Block Cipher Design Principles: Guidelines for creating secure block ciphers.
Block Cipher Modes of Operation: Different ways to apply block ciphers (e.g., CBC, ECB).
AES Evaluation Criteria: Standards for evaluating the Advanced Encryption Standard.
Pseudorandom Number Generators: Algorithms to generate sequences that appear random.
RC4: A stream cipher widely used in wireless security.
Key Distribution: Techniques to distribute cryptographic keys securely.
Mathematics of Asymmetric Key Cryptography:
Primes and Primality Testing: Finding and verifying prime numbers.
Factorization: Breaking down numbers into their prime factors.
Euler’s Totient Function: Key to RSA cryptosystem.
Fermat’s and Euler’s Theorem: Fundamental theorems in number theory.
Chinese Remainder Theorem: Solving systems of congruences.
Exponentiation and Logarithm: Critical operations in cryptography.
Asymmetric Key Ciphers:
RSA Cryptosystem: A widely used public-key encryption system.
Key Distribution and Management: Managing cryptographic keys in asymmetric systems.
Diffie-Hellman Key Exchange: A method for secure key exchange.
Elliptic Curve Cryptography (ECC): Advanced cryptographic technique based on elliptic curves.
Authentication and Integrity:
MAC (Message Authentication Code): Ensures message integrity and authenticity.
Hash Functions: Used to produce a fixed-size hash from input data.
Security of Hash Functions: Techniques like HMAC and CMAC to enhance hash security.
SHA: Secure Hash Algorithm, a family of cryptographic hash functions.
Digital Signature and Authentication Protocols: Methods to verify the sender’s identity and message integrity.
DSS and Schnorr Digital Signature Scheme: Specific digital signature algorithms.
ElGamal Cryptosystem: An asymmetric key encryption algorithm.
Entity Authentication: Methods to verify the identity of an entity (e.g., biometrics, passwords).
Authentication Applications: Practical applications like Kerberos for secure authentication.
Mutual Trust:
Key Management and Distribution: Managing keys in both symmetric and asymmetric systems.
Distribution of Public Keys: Methods like X.509 certificates to distribute public keys securely.
Cyber Crime and Information Security:
Classification of Cyber Crimes: Types of cyber crimes like hacking, phishing, etc.
Tools and Methods: Techniques used in cybercrimes (e.g., password cracking, keyloggers, spyware).
SQL Injection: A common attack vector in web applications.
Network and Cloud Security:
Network Access Control: Methods to control access to a network.
Cloud Security: Protecting data in cloud computing environments.
Web and Wireless Security: Ensuring the security of web applications and wireless networks.
This syllabus provides a comprehensive foundation in computer security and cryptography, from basic concepts to advanced cryptographic techniques and practical security applications.
COURSE OUTCOMES:
CO1: Understand the fundamentals of networks security, security architecture, threats and vulnerabilities
CO2: Apply the different cryptographic operations of symmetric cryptographic algorithms
CO3: Apply the different cryptographic operations of public key cryptography
CO4: Apply the various Authentication schemes to simulate different applications. CO5: Understand various cyber crimes and cyber security.
TEXT BOOKS
1. William Stallings, "Cryptography and Network Security - Principles and Practice", Seventh Edition, Pearson Education, 2017.
2. Nina Godbole, Sunit Belapure, “Cyber Security: Understanding Cyber crimes, Computer Forensics and Legal Perspectives”, First Edition, Wiley India, 2011.
REFERENCES
1. Behrouz A. Ferouzan, Debdeep Mukhopadhyay, "Cryptography and Network Security", 3rd Edition, Tata Mc Graw Hill, 2015.
2. Charles Pfleeger, Shari Pfleeger, Jonathan Margulies, "Security in Computing", Fifth Edition, Prentice Hall, New Delhi, 2015.