8CS2 INFORMATION SYSTEM SECURITY (Common to Comp. Engg. & Info. Tech)

  Units    Contents of the subjects
I
Elements of Number Theory: Divisibility and Euclid Algorithm, Primes and the Sieve of Eratosthenes, testing for primes, Prime Number Theorem, Euler’s, Fermat’s Little theorems, Congruences, Computing Inverse in Congruences, Legendre and Jacobi Symbols, Chinese Remainder Theorem, Algebraic Structures in Computing (Definitions, properties and Elementary Operations Only): Groups, subgroup, order of group, cyclic group, ring, field, division algorithm, polynomial over a field. Galois Field Elements of Information Theory: Entropy, redundancy of language, Key Equivocation & Unicity Distance, equivocation of a simple cryptographic system
II
Security Attacks: Active V/S Passive, Security Services, Security Mechanisms. Symmetric Cipher Model, Types of attacks on Encrypted messages. Classical Cipher Techniques: Caeser, Affine, Mono-alphabetic, Transposition, Polyalphabetic Ciphers Private Key Cryptosystems: Block Cipher Principles, Fiestel Cipher, Concept of ‘Confusion’ and “Diffusion’ in block ciphers, Product Ciphers, Lucifer Algorithm. DES Algorithm, DES modes of operations, IDEA.
Differential & Linear Cryptanalysis (Introduction Only). S-box theory: Boolean Function, S-box design criteria, Bent functions, Propagation and nonlinearity, construction of balanced functions, S-box design. Link Vis End-to-End Encryption, Key Distribution in Symmetric Encryption
III
Public Key Cryptosystems: Principles of Public Key Cryptosystems, Factorization, RSA Algorithm, security analysis of RSA, Exponentiation in Modular Arithmetic. Key Management in Public Key Cryptosystems: Distribution of Public Keys, Distribution of Secret keys using Public Key Cryptosystems. Discrete Logarithms, Diffie-Hellman Key Exchange
IV
Message Authentication & Hashing: Birthday Paradox and General case of Duplications, Basic functions of Message Authentication and Hashing, Introduction to Hash & MAC algorithms.
Digital Signatures: RSA Based, ElGamal Signatures, Undeniable Signatures. Authentication: Model of Authentication Systems, Impersonation, Substitution and spoofing games, Authentication schemes for mutual authentication based on shared secret, two-way public key, one-way public key, Mediated Authentication, One way Authentication..
V
X.509 Authentication Service: Certificates, Authentication Procedure, X.509 Version 3. E-Mail Security: PGP including management of keys in PGP, S/MIME. Network Security: IPSec, AH & ESP in Transport and Tunnel mode with multiple security associations (Key Management not Included). SSL (Protocols Only) Intrusion Detection: Audit Reports, Statistical Anomaly Detection, Rule based detection, honeypots, intrusion detection exchange formats. Password Protection: Lamport Hash, EKE Protocol.

 

Text/References:
1. Stalling Williams: Cryptography and Network Security: Principles and Practices, 4th Edition, Pearson Education, 2006.
2. Kaufman Charlie et.al; Network Security: Private Communication in a Public World, 2nd Ed., PHI/Pearson.
3. Pieprzyk Josef and et.al; Fundamentals of Computer Security, Springer-Verlag, 2008.
4. Trappe & Washington, Introduction to Cryptography, 2nd Ed. Pearson.