Cryptography and Computer Security (CCS)

Spring 2024

Course description:
This subject provides an explanation of basic contents of IT security. It focuses on the symetric and public-key cryptography, cryptographic hash functions, authentication protocols, digital signatures and certificates. Course contains a survey of standards and covers legislative aspects of IT security. Course goal is introduction to algorithms and fundamentals of security protocols and technics. The main goal of this subject is introduction to cryptography.

Grading (Attendance at lectures and seminars is compulsory, as well as preparation for the seminars):

Attendance at seminars - minimum 9 , maximum 12 points

Three tasks, each for a minimum of 5, maximum of 11 points, obligation to meet the deadline

Written exam: min 20 - max 55 points

Lecture notes:

Lecture 21.2.2024, Seminar 21.2.2024

Lecture 28.2.2024, Seminar 28.2.2024

Lecture 6.3.2024, Seminar 6.3.2024

Lecture 13.3.2024, Seminar 13.3.2024

Downloads:

Stallings, W.: Cryptography and Network Security, Prentice Hall Stallings, cryptography-and-network-security_-principles-and-practice-7th-global-edition.pdf

CrypTool 1.4.30

References:

Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone: Handbook of Applied Cryptography, CRC Press, ISBN: 0-8493-8523-7, October 1996, 816 pages, https://cacr.uwaterloo.ca/hac/

Schneier B.: Applied cryptography, John Wiley & Sons, New York, 1995 Security_in_Computing_4th_Edition_Oct_2006.zip

Journey into cryptography

Pfleeger Ch.P.: Security Computing, Prentice Hall, 1997

Gollmann D.: Computer Security , Wiley 2000

Garfinkel S., Spafford G.:Bezpečnost v UNIXu a Internetu v praxi , Computer Press 1998

Rivest R.L.: Cryptography and Security, http://theory.lcs.mit.edu/~rivest/
Ritter T.: Ciphers By Ritter: Cryptography and Technology, http://www.ciphersbyritter.com/

Savard J.: A Cryptograhpic Compendium, http://www.quadibloc.com/crypto/intro.htm

NIST - Computer Security Division , http://csrc.nist.gov/

Course Outline:

Introduction to information and data security. Basic concepts: attacks, risks, security functions and mechanisms, vulnerabilities.

Introduction to number theory.

Cryptography: basic concepts, cryptanalytic attacks.

Cryptography: classical techniques and its cryptanalysis.

Cryptography: symetric algorithms, basic concepts and principles, block cipher modes of operation, DES, AES.

Cryptography: aymetric algorithms (public-key cryptography), basic concepts and principles. RSA, ELGamal.

Key management. Key exchange, Diffie-Hellman.

Authentication, authentication protocols, biometry.

Hash function, MAC.

Digital signature, DSS. Certificates, certificate authority.

Eliptic curve cryptography.

Firewalls, electronic mail security (PEM, PGP, S/MIME), SSL.

Standards (ITSEC, ITSEM, Common Criteria, ISO 9000,...) and legislative aspects of IT security.