Syllabus CST 393 Cryptographic Algorithms

Syllabus

Module-1 (Introduction to the Concepts of Security)

Need for security, Security approaches, Principles of security, Types of attacks, OSI Security Architecture, Classical encryption techniques - Substitution techniques, Transposition techniques. Stream cipher, Block cipher, Public key cryptosystems vs. Symmetric key cryptosystems, Encrypting communication channels.

Module-2 (Symmetric Key Cryptosystems)

Overview of symmetric key cryptography, Block cipher principles, Data Encryption Standard (DES), Differential and Linear cryptanalysis, Double DES, Triple DES, International Data Encryption Algorithm (IDEA), Advanced Encryption Algorithm (AES),Block cipher modes of operation, Stream cipher, RC4.

Module-3 (Public Key Cryptosystems)

Principles of public key cryptosystems, RSA algorithm, RSA illustration, Attacks, ElGamal cryptographic system, Knapsack algorithm, Diffie-Hellman key exchange algorithm, Elliptic curve cryptosystems.

Module-4 (Key Management)

Symmetric key distribution using symmetric encryption, Symmetric key distribution using asymmetric encryption, Distribution of public keys, Generating keys, transferring keys, Verifying keys, Updating keys, Storing keys, Backup keys, Compromised keys, Public key infrastructure.

Module – 5 (Authentication)

Authentication requirements, Authentication functions, Message authentication codes (MAC), Hash functions, Security of Hash functions and MAC, Message Digest 5 (MD5), Secure Hash Algorithm (SHA)-512, Hash-based Message Authentication Code (HMAC), Cipher-based Message Authentication Code (CMAC), X.509 Authentication services.

Text Books

1. William Stallings, Cryptography and Network Security Principles and Practice, Pearson Edu, 6e.

2. Bruice Schneier, Applied Cryptography Protocols, Algorithms and source code in C, Wiley,2e.

References

1. Behrouz A. Forouzan, Cryptography and Network Security, McGraw Hill, 2e.

2. Johannes A. Buchmann, Introduction to Cryptography, Springer, 2e.

3. DouglasR. Stinson, Cryptography Theory and Practice, 3e,Chapman & Hall/CRC,2006.

4. Bernard Menezes, Network Security and Cryptography, Cengage Learning, 2011.

Sample Course Level Assessment Questions

Course Outcome 1 (CO1):

1. Consider an automated teller machine (ATM) in which users provide a personal identification number (PIN) and a card for account access. Give examples of confidentiality, integrity, and availability requirements associated with the system and, in each case, indicate the degree of importance of the requirement.

2. Discuss the different security services provided for preventing security attacks.

Course Outcome 2 (CO2):

1. The encryption key in a transposition cipher is (3,2,6,1,5,4). Find the decryption key

2.Discuss the process of encryption in Vernam cipher

Course Outcome 3 (CO3):

1. Devise a meet-in-the-middle attack for a triple DES.

2. Write an algorithm for the InvSubBytes transformation and implement using python

(Assignment)

3. Consider the following elliptic curve signature scheme. We have a global elliptic curve, prime p, and “generator” G. Alice picks a private signing key XA and forms the public verifying YA = XAG. To sign a message M:

• Alice picks a value k

• Alice sends Bob M, k and the signature S = M - kXAG.

• Bob verifies that M=S+kYA.

Show that the verification process produces an equality if the signature is valid.

4. Write an algorithm to add two points on an elliptic curve over GF(p) and implement using Python. (Assignment)

5. Write an algorithm for encryption using knapsack cryptosystem and implement using Java.

(Assignment)

Course Outcome 4 (CO4):

1. List four general categories of schemes for the distribution of public keys.

2. What are the essential ingredients of a public-key directory?

Course Outcome 5 (CO5):

1. State the value of the length field in SHA-512 if the length of the message is 1919 bits and 1920 bits.

2. Write an algorithm in pseudo code for HMAC and implement using Python (Assignment)