6CCS3CIS Cryptography and Information Security
Lecturer: Professor Luca Viganò (office hours)
Learning aims & outcomes
Teaching pattern: weekly 3-hour lecture (of which 1 hour may be a tutorial)
Prerequisites: this module uses several advanced mathematical techniques. For students who have a reasonable mathematical background, this should not be a problem. Explanations are given during the lectures/tutorials and examples are studied in detail. Nevertheless, an in-depth understanding of these techniques is required for the examination, and students should expect to put in personal work.
Assessment: 100% written examination, 2 hours (Marking Model 2 - Double Marking)
To introduce both theoretical and practical aspects of cryptography, authentication and information security.
On successful completion of this module you should be able to: understand the relevant mathematical techniques associated with cryptography; understand the principles of cryptographic techniques and implement selected algorithms in this area; and appreciate the application of security techniques in solving real-life security problems in practical systems.
Basic terminology and concepts:
- Goals of cryptography, terminology and notation, players; Basic cryptographic functions
Number theory preliminaries:
- Congruence modulo n, equivalence classes modulo n; integers modulo n (Zn)
- Multiplicative inverse
- Relatively prime
- Euler’s theorem
- Fermat’s little theorem
- EEA (Extended Euclidean Algorithm)
- CRT (Chinese Remainder Theorem)
- Block ciphers (substitution, transposition, product)
- Stream ciphers
- Modes of operation (ECB, CBC, CFB, OFB)
- Block cipher: DES (Data Encryption Standard), AES (Advanced Encryption Standard)
- Public-key: RSA (Rivest-Shamir-Adleman), ElGamal
- One-way hash function: SHA and MD5 (Message Digest 5)
- Symmetric and asymmetric techniques (Diffie-Hellman, Needham-Schroeder, Otway-Rees)
- Public-key encryption, basic and advanced Kerberos protocols
Authentication and identification:
- Fiat-Shamir and Feige-Fiat-Shamir protocols
- Zero-knowledge identification protocol
- Digital signature schemes: RSA; ElGamal; DSA (Digital Signature Algorithm) and DSS (Digital Signature Standard)
- Password systems: number of acceptable passwords for a given password policy, exhaustive search, password ageing.
- Introduction to viruses, secure communication, social engineering (phishing), firewalls, buffer overflow, denial of service.
07 September 2017