460-4046/02 – Cryptography and Computer Security (KPB)
| Gurantor department | Department of Computer Science | Credits | 4 |
| Subject guarantor | RNDr. Eliška Ochodková, Ph.D. | Subject version guarantor | RNDr. Eliška Ochodková, Ph.D. |
| Study level | undergraduate or graduate | Requirement | Optional |
| Year | 2 | Semester | summer |
| | Study language | Czech |
| Year of introduction | 2015/2016 | Year of cancellation | |
| Intended for the faculties | FEI | Intended for study types | Follow-up Master |
Subject aims expressed by acquired skills and competences
After graduation student will be able to:
1. Classify various kinds of attacks.
2. Classify particular security goals and security mechanisms dedicated to gain them.
3. Categorize cryptographic mechanisms.
4. Formulate mathematical background of cryptographic algorithms.
5. Design security mechanisms.
6. Demonstrate practical usage of cryptographic mechanisms and applied them.
7. Cooperate on project.
Teaching methods
Lectures
Tutorials
Summary
This subject provides an explanation of basic contents of IT security. It focuses on the symetric and public-key cryptography, cryptographic hash functions, authentication protocols, digital signatures and certificates. Course contains a survey of standards and covers legislative aspects of IT security.
Compulsory literature:
Stallings, W.: Cryptography and Network Security, Prentice Hall, 1999 and later
Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone: Handbook of Applied Cryptography, CRC
Press, ISBN: 0-8493-8523-7, October 1996, 816 pages,
http://www.cacr.math.uwaterloo.ca/hac/
Schneier B.: Applied cryptography, John Wiley & Sons, New York, 1995 (2nd edition)
Pfleeger Ch.P.: Security in Computing, Prentice Hall, 1997 and later
Gollmann D.: Computer Security , Wiley 2000
Grošek O., Porubský Š.: Šifrovanie, algoritmy, metódy, prax, GRADA 1992
Garfinkel S., Spafford G.:Bezpečnost v UNIXu a Internetu v praxi , Computer Press 1998
Recommended literature:
Nechvátal J.: Public-Key Cryptography, NIST Special Publication 800-2, http://csrc.nist.gov/publications/nistpubs/800-2/800-2.txt
Rivest R.L.: Cryptography and Security, http://theory.lcs.mit.edu/~rivest/
Ritter T.: Ciphers By Ritter: Cryptography and Technology, http://www.ciphersbyritter.com/
Savard J.: A Cryptograhpic Compendium, http://www.quadibloc.com/crypto/intro.htm
NIST - Computer Security Division, http://csrc.nist.gov/
Way of continuous check of knowledge in the course of semester
Conditions for credit:
- Encompassing chosen project: problem understanding, algorithm selection, implementation, functionality of application, experiments and their results, project presentation. It is necessary to obtain at least (>=) 25 points from 45 possible.
Written exam (at least (>=) 20 points from 45 possible.
E-learning
Other requirements
Additional requirements are not placed on the student.
Prerequisities
Subject has no prerequisities.
Co-requisities
Subject has no co-requisities.
Subject syllabus:
Lectures:
Introduction to information and data security. Basic concepts: attacks, risks, security functions and mechanisms, vulnerabilities.
Introduction to number theory.
Cryptography: basic concepts, cryptanalytic attacks.
Cryptography: classical techniques and its cryptanalysis.
Cryptography: symetric algorithms, basic concepts and principles, block cipher modes of operation, DES, AES.
Cryptography: aymetric algorithms (public-key cryptography), basic concepts and principles. RSA,
ELGamal.
Key management. Key exchange, Diffie-Hellman.
Authentication, authentication protocols, biometry.
Hash function, MAC.
Digital signature, DSS. Certificates, certificate authority.
Eliptic curve cryptography.
Firewalls, electronic mail security (PEM,
PGP, S/MIME), SSL.
Standards (ITSEC, ITSEM, Common Criteria,
ISO 9000,...) and legislative aspects of IT security.
Conditions for subject completion
Occurrence in study plans
Occurrence in special blocks