Computer Science and Engineering

Central Institute of Technology Kokrajhar

Lecture Notes: Cryptography & Network Security (DCSE504)

Credits: 6

L-T-P: 3-0-0

Module 1: Introduction to Cryptography & Network Security (4 Hours)

1.1 The Need for Security

  • Importance of protecting information in the digital age
  • Threats from unauthorized access, modification, and interception
  • Real-world examples of security breaches

1.2 Principles of Security (CIA triad)

  • Confidentiality: Ensuring only authorized users can access information.
  • Integrity: Guaranteeing data remains unaltered during transmission or storage.
  • Authentication: Verifying the identity of a user or system.
  • Non-repudiation: Preventing someone from denying an action they performed.
  • Access Control: Regulating access to specific resources based on permissions.
  • Availability: Ensuring authorized users can access information and systems when needed.

1.3 Types of Attacks (4 hours)

  • Passive Attacks: Eavesdropping (snooping), traffic analysis
  • Active Attacks: Tampering with data, masquerading as another user, denial-of-service attacks
  • Malicious Software: Viruses, worms, Trojan horses
  • Social Engineering: Techniques to trick users into revealing information or taking actions.
  • Specific Attacks:
  • Spoofing: Forging source address to impersonate another user/system.
  • Phishing: Deceptive emails or websites tricking users into revealing personal information.
  • Pharming: Redirecting users to malicious websites by manipulating DNS records.

Module 2: Concept and Techniques of Cryptography (8 Hours)

2.1 Plain Text and Cipher Text

  • Plain text: Original, unencrypted message.
  • Cipher text: Encrypted message, unreadable without a decryption key.

2.2 Substitution Techniques (4 hours)

  • Replacing characters in the plain text with different characters or symbols.
  • Examples: Caesar Cipher, Monoalphabetic substitution, Polyalphabetic substitution (Vigenere Cipher,Playfair Cipher, Hill Cipher).

2.3 Transposition Techniques (2 hours)

  • Rearranging the order of characters in the plain text.
  • Examples: Rail Fence Technique, Simple Columnar Transposition.

2.4 Encryption and Decryption

  • Processes of transforming plain text to cipher text and vice versa.

2.5 Symmetric and Asymmetric Key Cryptography

  • Symmetric Key: Same key used for encryption and decryption (shared secret).
  • Asymmetric Key: Public and private key pair used for encryption and decryption (public key for encryption,private key for decryption).

2.6 Steganography

  • Hiding the existence of a message within another medium (image, audio).

Module 3: Symmetric Key Algorithms (10 Hours)

3.1 Algorithm Types and Modes of Operation (ECB, CBC, CFB, OFB, CTR)

  • Different encryption algorithms used for symmetric key cryptography.
  • Modes of operation determine how blocks of data are processed during encryption/decryption.

3.2 Overview of Symmetric Key Cryptography

  • Advantages and limitations of symmetric key algorithms.

3.3 Data Encryption Standard (DES)

  • A widely used, now outdated, symmetric key algorithm.
  • Understanding the DES algorithm structure and limitations.

3.4 Advanced Encryption Standard (AES)

  • The current standard for symmetric key encryption, considered more secure than DES.
  • Exploring the key features and strengths of AES.

Module 4: Asymmetric Key Algorithms (10 Hours)

4.1 Overview of Asymmetric Key Cryptography

  • Advantages and disadvantages compared to symmetric key algorithms.
  • Applications for public key cryptography (secure communication, digital signatures).

4.2 The RSA Algorithm (Rivest–Shamir–Adleman)

  • A widely used public key cryptography algorithm.
  • Understanding the key generation process and mathematical foundation of RSA.
  • Exploring practical applications of RSA (digital signatures, key exchange).

4.3 Symmetric and Asymmetric Key Cryptography Together

  • Hybrid cryptosystems utilizing both symmetric and asymmetric keys for efficiency and security.
  • Common use cases for hybrid systems.

4.4 Digital Signature, Message Digest (Hashing), MD5, Secure Hash Algorithm (SHA), Hash-based Message Authentication Code (HMAC)

  • Digital signatures for message authentication and non-repudiation.
  • Message digest algorithms (MD5, SHA) for data integrity verification.
  • HMAC combining message digest with a secret key for message authentication.

Module 5: Authentication (5 Hours)

5.1 Authentication Basics

  • Importance of user and system authentication for secure access.
  • Different authentication factors (something you know, something you have, something you are).

5.2 Password-Based Authentication

  • Common method for user authentication, with inherent vulnerabilities (weak passwords, password cracking).
  • Techniques for strengthening password security (password complexity requirements, password hashing).

5.3 Public Key Infrastructures (PKI)

  • A framework for managing digital certificates and public keys for secure communication.
  • Components of PKI (Certificate Authorities, Registration Authorities, digital certificates).

5.4 Certification Authorities (CAs) and Key Distribution Centers (KDCs)

  • Roles of CAs in issuing and managing digital certificates.
  • KDCs and their role in securely distributing keys in Kerberos authentication.

5.5 Kerberos

  • A network authentication protocol using a central KDC for secure user authentication.
  • Understanding the Kerberos authentication process and its benefits.

Module 6: Firewall (5 Hours)

6.1 Firewall Characteristics

  • Definition of a firewall and its role in network security.
  • Types of firewalls (packet filtering, stateful inspection, application-level).

6.2 Firewall Capabilities and Limitations

  • Functionality of firewalls in filtering traffic and controlling access.
  • Recognizing limitations of firewalls (not a complete security solution, can be bypassed by sophisticated attacks).

6.3 Firewall Configuration

  • Basic principles of firewall configuration for different network environments.
  • Importance of proper firewall configuration for effective security.

6.4 Trusted Systems and Virtual Private Networks (VPNs)

  • Trusted systems with enhanced security measures to resist attacks.
  • VPNs for creating secure encrypted tunnels over public networks.
Lecture NumberTopicTotal Lecture HoursRemarks
Module 1: Introduction to Cryptography & Network Security4
11.1 The Need for Security1
21.2 Principles of Security (CIA triad)1.5
3-41.3 Types of Attacks1.5
Module 2: Concept and Techniques of Cryptography8
52.1 Plain Text and Cipher Text0.5
5-62.2 Substitution Techniques2.5
72.3 Transposition Techniques1
8-102.4 Encryption and Decryption, Symmetric and Asymmetric Key, Steganography4
Module 3: Symmetric Key Algorithms10
11-123.1 Algorithm Types and Modes of Operation (ECB, CBC, CFB, OFB, CTR)2
133.2 Overview of Symmetric Key Cryptography1.5
14-153.3 Data Encryption Standard (DES)3.5
16-193.4 Advanced Encryption Standard (AES)3
Module 4: Asymmetric Key Algorithms10
19Overview of Asymmetric Key Cryptography1
20-21The RSA Algorithm (Rivest–Shamir–Adleman)3
22-23Symmetric and Asymmetric Key Cryptography Together3
24-25Digital Signature, Message Digest (Hashing), MD5, Secure Hash Algorithm (SHA), Hash-based Message Authentication Code (HMAC)3
Module 5: Authentication5
26Authentication Basics1
27Password-Based Authentication1
28-30Public Key Infrastructures (PKI)2
31-33Certification Authorities (CAs) and Key Distribution Centers (KDCs)1
34-35Kerberos1
Module 6: Firewall5
36Firewall Characteristics1
37Firewall Capabilities and Limitations1
38Firewall Configuration1
39-40Trusted Systems and Virtual Private Networks (VPNs)2