B.C.A 2017-18

PES DEGREE COLLEGE BANGALORE SOUTH CAMPUS Affiliated to Bangalore University

CRYPTOGRAPHY AND NETWORK SECURITY

MODULE SPECIFICATION SHEET

Course Outline Security is ubiquitous. With the advent of e-commerce and electronic transactions, the need for development of secured systems has grown tremendously. Cryptography is the study of building ciphers to ensure the confidentiality and integrity of information. Along with it is the activity of analyzing the strength of a cipher by subjecting it to several forms of attack. This field of cryptology, known as cryptanalysis, ensures that the ciphers are strong enough to defend against all known forms of attack. To be secured information needs to be hidden from unauthorized access, protected from unauthorized change and available to an authorized entity when it is needed. During the last two decades, computer networks created a revolution in the use of information. Information is now distributed. Not only should information be confidential when it is stored in a computer, there should be a way to maintain confidentiality when it is transmitted from one computer to another. Here comes the importance of network security. This part of the subject, in turn, deals with issues of design and usage of protocols for security which, in turn, uses the cryptographic algorithms developed by the cryptographers. As a matter of fact, for an end to end security one has to take care of the network, the operating system and even the policies used for security.

Faculty Details ASHA JOSEPH

ASSISSTANT PROFESSOR Department of BCA

Ashk47@yahoo.com

PH

OTO

Page 2 of 19

1. GENERAL INFORMATION Academic Year : 2017-2018 Semester : VI BCA

Title Code Duration

Cryptography and Network Security BCA603T

Lectures 60

Seminars 0

Total: 60

Credits 03

2. PRE REQUIREMENT STATEMENT Students taking this unit must be exposed to computer networks, basic concepts of network security and specific areas of mathematics including number theory, linear algebra and algebraic structures.

3. COURSE RELEVANCE Network security is one of the most active and important research and application areas in computer science. It is an essential that the students understand network security issues and have a solid foundation in designing and developing secure network systems and application. This course will provide students with a practical and theoretical knowledge of cryptography and network security.

4. LEARNING OBJECTIVES After studying this course, you should be able to:

• Understand cryptography and network security concepts and applications.

• Identify some of the factors driving the need for network security.

• Identify and classify particular examples of attacks.

• Differentiate between the important standards used in block encipherment.

• Understand physical points of vulnerability in simple networks.

• Compare and contrast symmetric and asymmetric encryption systems and their

vulnerability to attack, and explain the characteristics of hybrid systems.

5. VENUE AND HOURS/WEEK All lectures will normally be held on VII / VIII Floor. Lecture Sessions / Week : 6

Page 3 of 19

6. MODULE MAP Class

# Topic Details % of

portions Cumulative

% of Portions Covered

UNIT – I

Learning outcome 1: Define the three types of security goals and explain attacks that threaten confidentiality, integrity and availability. Learning outcome 2: Differentiate the different categories of cryptographic attacks. Learning outcome 3: Outline the different techniques needed for implementing security goals.

1

Security Goals Topic Outline: Objectives, Cryptanalytic attacks Reading Material : TextBook 1, Chapter No 1, Page Nos 1-2

18.3

18.3

2

Security Topic Outline: Security types Reading Material : TextBook 1, Chapter No 1, Page Nos 2-4

3

Cryptographic Attacks Topic Outline: Passive, Active attacks,Differentiation Reading Material : TextBook 1, Chapter No 1, Page Nos 2-4

4

Security Services Topic Outline: Types, Relation between services and mechanisms Reading Material : TextBook 1, Chapter No 1, Page Nos 5

5

Security Mechanism Topic Outline: Techniques for security goals implementation, Steganography Reading Material : TextBook 1, Chapter No 1, Page Nos 6- 9

6

Integer Arithmetic Topic Outline: Binary operation, Integer division Reading Material : TextBook 1, Chapter No 2, Page Nos 16-17

7

Euclidean Algorithm (EA) – Extended EA Topic Outline:Divisibility Reading Material : TextBook 1, Chapter No 2, Page Nos 18-22

8

Modular Arithmetic Topic Outline: Modulo operator,Set of residues Reading Material : TextBook 1, Chapter No 2, Page Nos 22-23

Page 4 of 19

9

Congruence Topic Outline:Residue classes, Operations in Zn Reading Material : TextBook 1, Chapter No 2, Page Nos24-27

10

Matrices Topic Outline: Definition, Operations and relations Reading Material : TextBook 1, Chapter No 2, Page Nos32-34

11

Linear Congruence Topic Outline:Single variable linear equation Reading Material : Text Book 1, Chapter No 2, Page Nos 35-37

UNIT – II

Learning outcome 1: Review integer arithmetic, finding the greatest common divisor using Euclidean algorithm Learning outcome 2: Define matrix and emphasis on the relevance of matrix operations on residue matrices in cryptography Learning outcome 3: Explain the security developed for DES

12

Sustitution Ciphers Topic Outline: Monoalphabetic, Additive Reading Material : Text Book 1, Chapter No 3, Page Nos 43-46

23.3

41.6

13

Shift ciphers Topic Outline: Caesar, Multiplicative Reading Material : Text Book 1, Chapter No 3, Page Nos 47-55

14

Stream and Block Ciphers Topic Outline: Transposition ciphers Reading Material : Text Book 1, Chapter No 3, Page Nos 71

15

Introduction to DES Topic Outline: Feistel Cipher, DES Function Reading Material : Text Book 1, Chapter No 6, Page Nos 137-138

16

DES structure Topic Outline: DES permutation Reading Material : Text Book 1, Chapter No 6, Page Nos 138-150

17

DES Analysis Topic Outline: DES weakness, Avalanche effect Reading Material : Text Book 1, Chapter No 6, Page Nos 151-156

Page 5 of 19

18

Security of DES Topic Outline: Brute force attack, Differential and Linear Cryptanalysis Reading Material : Text Book 1, Chapter No 6, Page Nos 156-160

19

Multiple DES Topic Outline: 2-DES, 3-DES,Meet in the middle attack Reading Material : Text Book 1, Chapter No 6, Page Nos 157

20

AES Introduction Topic Outline:History,criteria,rounds Reading Material : Text Book 1, Chapter No 7, Page Nos 169-173

21

Transformations Topic Outline: Substitution,Transformation using GF field,permutation Reading Material : Text Book 1, Chapter No 7, Page Nos 173-182

22

Key Expansion Topic Outline: Key expansion in AES-128 Reading Material : Text Book 1, Chapter No 7, Page Nos 182-187

23

The AES ciphers Topic Outline: Design Reading Material : Text Book 1, Chapter No 7, Page Nos 187-190

24 Examples of AES Reading Material : Text Book 1, Chapter No 7, Page Nos 190-191

25

Analysis of AES Topic Outline: Security, Implementation, Simplicity and cost Reading Material : Text Book 1, Chapter No 7, Page Nos 192-194

UNIT – III

Learning outcome 1: Understand the security issues required for encipherment using symmetric-key block or stream ciphers. Learning outcome 2: Discuss primality test algorithms and their efficiencies Learning outcome 3: Explain the concept of RSA, Rabin , Elgamal and elliptic curve cryptosystems

26

Use of Modern Block Ciphers, Topic Outline: Use of Stream ciphers, modes of operation Reading Material : Text Book 1, Chapter No 8, Page Nos 200-210

Page 6 of 19

27

Primes , Primality testing Topic Outline: Primes, Cardinality of primes, Checking for primeness, Eulers phi function, Fermats theorem Reading Material : Text Book 1, Chapter No 9, Page Nos 224-236

21.6

63.2

28

Factorization Topic Outline: Factorization methods, Reading Material : Text Book 1, Chapter No 9, Page Nos 236-242

29 Chinese remainder theorem Reading Material : Text Book 1, Chapter No 9, Page Nos 242-243

30

Quadratic congruence Topic Outline: Quadratic congruence modulo a prime and non-prime Reading Material : Text Book 1, Chapter No 9, Page Nos 244-245

31

Exponentiation and logarithm Topic Outline: Fast exponentiation, Euler’s theorem Reading Material : Text Book 1, Chapter No 9, Page Nos 246-253

32

Asymmetric-key Cryptography Topic Outline: Introduction Reading Material : Text Book 1, Chapter No 10, Page Nos 260-264

33

RSA Cryptosystem Topic Outline:Key generation Reading Material : Text Book 1, Chapter No 10, Page Nos 265-275

34

Encryption in RSA Topic Outline: Decryption in RSA, Cryptographic attacks Reading Material : Text Book 1, Chapter No 10, Page Nos 265-275

35

Elgamal Cryptosystem Topic Outline: Procedure Reading Material : Text Book 1, Chapter No 10, Page Nos 279-282

36

Elgamal Cryptosystem Topic Outline: Encryption, Decryption Reading Material : Text Book 1, Chapter No 10, Page Nos 279-282

37

Elliptic Curve Cryptosystem Topic Outline: Elliptic curves over GF Reading Material : Text Book 1, Chapter No 10, Page Nos 283-288

Page 7 of 19

38

Elliptic Curve Cryptosystem Topic Outline: Key generation, Encryption, Decryption Reading Material : Text Book 1, Chapter No 10, Page Nos 283-288

UNIT – IV

Learning outcome 1: Discuss the general ideas behind cryptographic hash functions Learning outcome 2: Understand the concepts behind MD-hash family and Whirlpool as an example of cryptographic hash functions Learning outcome 3: Describe the process of digital signatures and discuss the different digital signature schemes.

39

Cryptographic Hash Functions Topic Outline: Introduction, Iterated hash function Reading Material : Text Book 1, Chapter No 12, Page Nos 317-320

18.32

81.92

40

Description of MD Hash Family Topic Outline: MD4 hash function Reading Material : Text Book 1, Chapter No 12, Page Nos 321-324

41

Whirlpool Topic Outline: Whirlpool cipher Reading Material : Text Book 1, Chapter No 12, Page Nos 324-329

42

SHA-512 Topic Outline:Introduction, Comparison Reading Material : Text Book 1, Chapter No 12, Page Nos 334-335

43

Digital Signature Topic Outline: Process, Services Reading Material : Text Book 1, Chapter No 13, Page Nos 347-351

44

Attacks on Digital Signature Topic Outline: Attack types, Forgery types Reading Material : Text Book 1, Chapter No 13, Page Nos 353

45

Digital signature schemes Topic Outline: RSA, ElGamal,DSS,Elliptic curve Reading Material : Text Book 1, Chapter No 12, Page Nos 353-363

46 Variations and Applications Reading Material : Text Book 1, Chapter No 12, Page Nos 365

47

Symmetric key distribution Topic Outline: Key distribution center Reading Material : Text Book 1, Chapter No 15, Page Nos 390-394

Page 8 of 19

48

Kerberos Topic Outline: Servers, Operations Reading Material : Text Book 1, Chapter No 15, Page Nos 394-397

49

Symmetric key Agreement Topic Outline: Diffie-Hellman key agreement Reading Material : Text Book 1, Chapter No 15, Page Nos 397-401

50

Public-key distribution Topic Outline: Public announcement, trusted center,Certification authority,X.509, Hijacking Reading Material : Text Book 1, Chapter No 15, Page Nos 402-410

UNIT – V

Learning outcome1: Discuss the need for security services at the transport layer of the Internet Protocol Learning outcome 2: Illustrate the general structure of Security Sockets Layer(SSL) Learning outcome 3: Define the general structure of Transport Layer Security(TSL) and highlight the differences between TSL and SSL protocols

51

E-mail, PGP Topic Outline: Architecture, Security Reading Material : Text Book 1, Chapter No 16, Page Nos 417-430

52

S/MIME Topic Outline: MIME Reading Material : Text Book 1, Chapter No 16, Page Nos 437-440

53

SSL Architecture Topic Outline: Architecture Reading Material : Text Book 1, Chapter No 17, Page Nos 452-454

18.49

100 54

Four protocols Topic Outline: Handshake, ChangeCipherSpec, Alert, Record Reading Material : Text Book 1, Chapter No 17, Page Nos 459-469

55

SSL Message Formats Topic Outline: Handshake, ChangeCipherSpec, Alert, Record Reading Material : Text Book 1, Chapter No 17, Page Nos 469-477

56

Transport layer Security Topic Outline: IpSec, modes of IpSec Reading Material : Text Book 1, Chapter No 17, Page Nos 477-482

Page 9 of 19

57

Two security protocols Topic Outline: AH,ESP Reading Material : Text Book 1, Chapter No 18, Page Nos 488-495

58

Security Association Topic Outline: Security association database Reading Material : Text Book 1, Chapter No 18, Page Nos 494-495

59

Security Policy Topic Outline: Security Policy database Reading Material : Text Book 1, Chapter No 18, Page Nos 496-498

60

Internet Key Exchange (IKE) Topic Outline: Phases and modes Reading Material : Text Book 1, Chapter No 18, Page Nos 498-502

7. RECOMMENDED BOOKS/JOURNALS/WEBSITES

A. PRESCRIBED TEXTBOOK

a. T1 (Text Book 1) - Behrouz A. Forouzan, DebdeepMukhopadhyay: Cryptography and Network Security, 2nd Edition, Special Indian Edition, Tata McGraw-Hill, 2011.

B. REFERENCE BOOKS a. Michael E. Whitman and Herbert J. Mattord: Principles of Information Security,

2nd Edition, Thomson, Cengage Delmar Learning India Pvt., 2012. b. William Stallings: Network Security Essentials: Applications and Standards, 4th

Edition, Pearson Education, 2012.

C. WEBSITES / ONLINE REFERENCES a. Cryptography And Network Security By Atul Kahate Ebook

LEARNING OUTCOMES 8. ASSIGNMENTS

ASSIGNMENT 1 1. Explain the concept of Steganography. How are messages enciphered using this

method ? 2. A study on any one firewall product and their technology. ASSIGNMENT 2 A detailed study on the symmetric and block ciphers in existence before the DES and

AES algorithms were standardised.

Page 10 of 19

ASSIGNMENT 3 1. Write a note on Differential and Linear Cryptanalysis. 2. Explain the avalanche effect with respect to DES. ASSIGNMENT 4 1. Explain the various stages in the decryption process of Advanced Encryption

Standard. 2. Explain the types of cryptanalysis possible on AES. ASSIGNMENT 5 1. What are the four modes of operation to apply block cipher on any application to

enhance the effect of a cryptographic algorithm ? ASSIGNMENT 6 1.What are three broad categories of applications of public-key cryptosystems?

2. Write a short note on the distribution of public keys and the use of public-key encryption to distribute secret keys in asymmetric encryption.

10. THEORY ASSESSMENT

A. WRITTEN EXAMINATION

The Theory Examination is for 100 Marks which will be held for duration of 3 Hrs.

The Scheme and Blue Print will be released to the students once the Bangalore

University releases it.

B. CONTINUOUS ASSESSMENT

The Continuous Assessment is conducted as per the following parameters.

Parameter Assessment Marks Final Weightage

Internal Test 50 Marks 37.5 Marks

Assignment /

Class Test

10 Marks 6.25 Marks

10 marks 6.25 Marks

Total 55 Marks 50 Marks

The students are hereby required to note that every internal test weightage will calculated for 24 Marks. This includes timely submission of assignments and attending class tests as conducted.

Page 11 of 19

Parameter MARKS

Internal Test 01 44 MARKS

Internal Test 02 44 MARKS

Internal Test 03 44 MARKS

Final Internal Marks (Sum The Three Internal

Tests) 44 MARKS

Attendance >95 % : 06 Marks 90 - 95 % : 05 Marks 85 - 90 % : 04 Marks 80 - 85 % : 03 Marks 75 - 80 % : 02 Marks

06 MARKS

Total 50 MARKS

11. ASSESSMENT / ASSIGNMENT / CLASS TEST / ACTIVITY PLANNER

Week 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

Internal Test T1 T2 T3

Assignments

Submission A1 A2 A3 A4 A5 A6

Legend Meaning Test Topics Examinable

T1, T2,T3 Internal Tests T1 Class 1 – 20

A1, A2, A3, A4, A5, A6 Assignments T2 Class 21 – 40

T3 Class 41 – 60

12. QUESTION BANK UNIT 1 1. Define three security goals. 2. Define between passive and active security attacks. 3. List and define the different security services and mechanisms. 4. Distinguish between cryptography and steganography. 5. Define residue class and least residue. 6. Explain the Euclidean algorithm and extended Euclidean algorithm. 7. Define linear congruence and matrix operations. 8. Write a short note on cryptographic attacks. UNIT 2 1. Define a symmetric key cipher. 2. Distinguish between substitution cipher and transposition cipher.

Page 12 of 19

3. Distinguish between stream cipher and block cipher. 4. Distinguish between diffusion and confusion. 5. Differentiate between differential and linear cryptanalysis. 6. What is the block size and cipher key size in DES. 7. Explain DES. 8. What is triple DES? 9. Compare AES and DES. 10. Explain the four transformations in AES.

UNIT 3 1. Explain why modes of operation are required for modern block ciphers 2. Define ECB and list its advantages and disadvantages. 3. Define CBC and list its advantages and disadvantages. 4. Define CFB and list its advantages and disadvantages. 5. Define OFB and list its advantages and disadvantages. 6. Define CTR and list its advantages and disadvantages. 7. Define Fermat’s theorem. 8. Explain Euler’s theorem and explain its application. 9. Define Chinese Remainder Theorem. 10. Distinguish between symmetric and asymmetric key cryptography.

11. Briefly explain the idea behind RSA cryptosystem. 12. Explain Rabin cryptosystem. 13. Explain ElGamal cryptosystem.

UNIT 4

1. Define cryptographic hash function. 2. Describe the Merkle-Damgard scheme and explain why this scheme is important for the

design of a cryptographic hash function. 3. List the main features of SHA-512 cryptographic hash function. 4. List features of Whirlpool cryptographic hash function. 5. Compare and contrast features of SHA-512 and Whirlpool cryptographic hash functions. 6. Compare and contrast a conventional signature and digital signature. 7. List the security services provided by a digital signature. 8. Explain the different digital signature schemes. 9. Describe the concept of hijacking. 10. Explain Kerberos. 11. List the tasks of a KDC. 12. Define the Diffie-Hellman protocol. 13. Define a certification authority and its relation to public key cryptography. 14. Define man-in-the-middle attack. 15. Define X.509 recommendation and state its purpose.

UNIT 5 Question Bank

Page 13 of 19

1. List the services provided by SSL or TLS. 2. Compare and contrast the handshake protocols in SSL and TLS. 3. Distinguish between two modes of IPSec. 4. Define Security Association and explain its purpose. 5. Define IKE and explain its role in IPSec. 6. Define AH and the security services it provides. 7. Elaborate on ESP and the security services it provides. 8. List the phases of IKE and the goal of each phase. 9. What is the difference between worms and viruses? 10. Explain the different types of viruses

13. MODEL QUESTION PAPERS

Page 14 of 19

Page 15 of 19

Page 16 of 19

Page 17 of 19

Page 18 of 19

Page 19 of 19