Cryptography and Computer Security (CCS)
Spring 2024
Course description:
This course explains the basics of IT security. It focuses on symmetric and public-key cryptography, cryptographic hash functions, authentication protocols, digital signatures and certificates. The course contains a survey of standards and covers legislative aspects of IT security. Its goal is an introduction to the algorithms and fundamentals of security protocols and techniques. The main goal of the course is an introduction to cryptography.
Grading (Attendance at lectures and seminars is compulsory, as well as preparation for the seminars):
- Attendance at seminars: minimum 9, maximum 12 points
- Three tasks, each worth a minimum of 5 and a maximum of 11 points; meeting the deadline is obligatory
- Written exam: minimum 20, maximum 55 points
References:
Pfleeger Ch.P.: Security in Computing, Prentice Hall, 1997
Gollmann D.: Computer Security, Wiley, 2000
Garfinkel S., Spafford G.: Bezpečnost v UNIXu a Internetu v praxi, Computer Press, 1998
Rivest R.L.: Cryptography and Security, http://theory.lcs.mit.edu/~rivest/
Ritter T.: Ciphers By Ritter: Cryptography and Technology, http://www.ciphersbyritter.com/
Savard J.: A Cryptographic Compendium, http://www.quadibloc.com/crypto/intro.htm
NIST - Computer Security Division, http://csrc.nist.gov/
Course Outline:
- Introduction to information and data security. Basic concepts: attacks, risks, security functions and mechanisms, vulnerabilities.
- Introduction to number theory.
- Cryptography: basic concepts, cryptanalytic attacks.
- Cryptography: classical techniques and their cryptanalysis.
- Cryptography: symmetric algorithms, basic concepts and principles, block cipher modes of operation, DES, AES.
- Cryptography: asymmetric algorithms (public-key cryptography), basic concepts and principles. RSA, ElGamal.
- Key management. Key exchange, Diffie-Hellman.
- Authentication, authentication protocols, biometry.
- Hash functions, MAC.
- Digital signature, DSS. Certificates, certificate authority.
- Elliptic curve cryptography.
- Firewalls, electronic mail security (PEM, PGP, S/MIME), SSL.
- Standards (ITSEC, ITSEM, Common Criteria, ISO 9000, ...) and legislative aspects of IT security.