b.c.a 2017-18degree.pes.edu/pdf/2017/bca/cryptography and network... · 2018-01-02 · b.c.a...
TRANSCRIPT
B.C.A 2017-18
PES DEGREE COLLEGE BANGALORE SOUTH CAMPUS Affiliated to Bangalore University
CRYPTOGRAPHY AND NETWORK SECURITY
MODULE SPECIFICATION SHEET
Course Outline Security is ubiquitous. With the advent of e-commerce and electronic transactions, the need for development of secured systems has grown tremendously. Cryptography is the study of building ciphers to ensure the confidentiality and integrity of information. Along with it is the activity of analyzing the strength of a cipher by subjecting it to several forms of attack. This field of cryptology, known as cryptanalysis, ensures that the ciphers are strong enough to defend against all known forms of attack. To be secured information needs to be hidden from unauthorized access, protected from unauthorized change and available to an authorized entity when it is needed. During the last two decades, computer networks created a revolution in the use of information. Information is now distributed. Not only should information be confidential when it is stored in a computer, there should be a way to maintain confidentiality when it is transmitted from one computer to another. Here comes the importance of network security. This part of the subject, in turn, deals with issues of design and usage of protocols for security which, in turn, uses the cryptographic algorithms developed by the cryptographers. As a matter of fact, for an end to end security one has to take care of the network, the operating system and even the policies used for security.
Faculty Details ASHA JOSEPH
ASSISSTANT PROFESSOR Department of BCA
PH
OTO
Page 2 of 19
1. GENERAL INFORMATION Academic Year : 2017-2018 Semester : VI BCA
Title Code Duration
Cryptography and Network Security BCA603T
Lectures 60
Seminars 0
Total: 60
Credits 03
2. PRE REQUIREMENT STATEMENT Students taking this unit must be exposed to computer networks, basic concepts of network security and specific areas of mathematics including number theory, linear algebra and algebraic structures.
3. COURSE RELEVANCE Network security is one of the most active and important research and application areas in computer science. It is an essential that the students understand network security issues and have a solid foundation in designing and developing secure network systems and application. This course will provide students with a practical and theoretical knowledge of cryptography and network security.
4. LEARNING OBJECTIVES After studying this course, you should be able to:
• Understand cryptography and network security concepts and applications.
• Identify some of the factors driving the need for network security.
• Identify and classify particular examples of attacks.
• Differentiate between the important standards used in block encipherment.
• Understand physical points of vulnerability in simple networks.
• Compare and contrast symmetric and asymmetric encryption systems and their
vulnerability to attack, and explain the characteristics of hybrid systems.
5. VENUE AND HOURS/WEEK All lectures will normally be held on VII / VIII Floor. Lecture Sessions / Week : 6
Page 3 of 19
6. MODULE MAP Class
# Topic Details % of
portions Cumulative
% of Portions Covered
UNIT – I
Learning outcome 1: Define the three types of security goals and explain attacks that threaten confidentiality, integrity and availability. Learning outcome 2: Differentiate the different categories of cryptographic attacks. Learning outcome 3: Outline the different techniques needed for implementing security goals.
1
Security Goals Topic Outline: Objectives, Cryptanalytic attacks Reading Material : TextBook 1, Chapter No 1, Page Nos 1-2
18.3
18.3
2
Security Topic Outline: Security types Reading Material : TextBook 1, Chapter No 1, Page Nos 2-4
3
Cryptographic Attacks Topic Outline: Passive, Active attacks,Differentiation Reading Material : TextBook 1, Chapter No 1, Page Nos 2-4
4
Security Services Topic Outline: Types, Relation between services and mechanisms Reading Material : TextBook 1, Chapter No 1, Page Nos 5
5
Security Mechanism Topic Outline: Techniques for security goals implementation, Steganography Reading Material : TextBook 1, Chapter No 1, Page Nos 6- 9
6
Integer Arithmetic Topic Outline: Binary operation, Integer division Reading Material : TextBook 1, Chapter No 2, Page Nos 16-17
7
Euclidean Algorithm (EA) – Extended EA Topic Outline:Divisibility Reading Material : TextBook 1, Chapter No 2, Page Nos 18-22
8
Modular Arithmetic Topic Outline: Modulo operator,Set of residues Reading Material : TextBook 1, Chapter No 2, Page Nos 22-23
Page 4 of 19
9
Congruence Topic Outline:Residue classes, Operations in Zn Reading Material : TextBook 1, Chapter No 2, Page Nos24-27
10
Matrices Topic Outline: Definition, Operations and relations Reading Material : TextBook 1, Chapter No 2, Page Nos32-34
11
Linear Congruence Topic Outline:Single variable linear equation Reading Material : Text Book 1, Chapter No 2, Page Nos 35-37
UNIT – II
Learning outcome 1: Review integer arithmetic, finding the greatest common divisor using Euclidean algorithm Learning outcome 2: Define matrix and emphasis on the relevance of matrix operations on residue matrices in cryptography Learning outcome 3: Explain the security developed for DES
12
Sustitution Ciphers Topic Outline: Monoalphabetic, Additive Reading Material : Text Book 1, Chapter No 3, Page Nos 43-46
23.3
41.6
13
Shift ciphers Topic Outline: Caesar, Multiplicative Reading Material : Text Book 1, Chapter No 3, Page Nos 47-55
14
Stream and Block Ciphers Topic Outline: Transposition ciphers Reading Material : Text Book 1, Chapter No 3, Page Nos 71
15
Introduction to DES Topic Outline: Feistel Cipher, DES Function Reading Material : Text Book 1, Chapter No 6, Page Nos 137-138
16
DES structure Topic Outline: DES permutation Reading Material : Text Book 1, Chapter No 6, Page Nos 138-150
17
DES Analysis Topic Outline: DES weakness, Avalanche effect Reading Material : Text Book 1, Chapter No 6, Page Nos 151-156
Page 5 of 19
18
Security of DES Topic Outline: Brute force attack, Differential and Linear Cryptanalysis Reading Material : Text Book 1, Chapter No 6, Page Nos 156-160
19
Multiple DES Topic Outline: 2-DES, 3-DES,Meet in the middle attack Reading Material : Text Book 1, Chapter No 6, Page Nos 157
20
AES Introduction Topic Outline:History,criteria,rounds Reading Material : Text Book 1, Chapter No 7, Page Nos 169-173
21
Transformations Topic Outline: Substitution,Transformation using GF field,permutation Reading Material : Text Book 1, Chapter No 7, Page Nos 173-182
22
Key Expansion Topic Outline: Key expansion in AES-128 Reading Material : Text Book 1, Chapter No 7, Page Nos 182-187
23
The AES ciphers Topic Outline: Design Reading Material : Text Book 1, Chapter No 7, Page Nos 187-190
24 Examples of AES Reading Material : Text Book 1, Chapter No 7, Page Nos 190-191
25
Analysis of AES Topic Outline: Security, Implementation, Simplicity and cost Reading Material : Text Book 1, Chapter No 7, Page Nos 192-194
UNIT – III
Learning outcome 1: Understand the security issues required for encipherment using symmetric-key block or stream ciphers. Learning outcome 2: Discuss primality test algorithms and their efficiencies Learning outcome 3: Explain the concept of RSA, Rabin , Elgamal and elliptic curve cryptosystems
26
Use of Modern Block Ciphers, Topic Outline: Use of Stream ciphers, modes of operation Reading Material : Text Book 1, Chapter No 8, Page Nos 200-210
Page 6 of 19
27
Primes , Primality testing Topic Outline: Primes, Cardinality of primes, Checking for primeness, Eulers phi function, Fermats theorem Reading Material : Text Book 1, Chapter No 9, Page Nos 224-236
21.6
63.2
28
Factorization Topic Outline: Factorization methods, Reading Material : Text Book 1, Chapter No 9, Page Nos 236-242
29 Chinese remainder theorem Reading Material : Text Book 1, Chapter No 9, Page Nos 242-243
30
Quadratic congruence Topic Outline: Quadratic congruence modulo a prime and non-prime Reading Material : Text Book 1, Chapter No 9, Page Nos 244-245
31
Exponentiation and logarithm Topic Outline: Fast exponentiation, Euler’s theorem Reading Material : Text Book 1, Chapter No 9, Page Nos 246-253
32
Asymmetric-key Cryptography Topic Outline: Introduction Reading Material : Text Book 1, Chapter No 10, Page Nos 260-264
33
RSA Cryptosystem Topic Outline:Key generation Reading Material : Text Book 1, Chapter No 10, Page Nos 265-275
34
Encryption in RSA Topic Outline: Decryption in RSA, Cryptographic attacks Reading Material : Text Book 1, Chapter No 10, Page Nos 265-275
35
Elgamal Cryptosystem Topic Outline: Procedure Reading Material : Text Book 1, Chapter No 10, Page Nos 279-282
36
Elgamal Cryptosystem Topic Outline: Encryption, Decryption Reading Material : Text Book 1, Chapter No 10, Page Nos 279-282
37
Elliptic Curve Cryptosystem Topic Outline: Elliptic curves over GF Reading Material : Text Book 1, Chapter No 10, Page Nos 283-288
Page 7 of 19
38
Elliptic Curve Cryptosystem Topic Outline: Key generation, Encryption, Decryption Reading Material : Text Book 1, Chapter No 10, Page Nos 283-288
UNIT – IV
Learning outcome 1: Discuss the general ideas behind cryptographic hash functions Learning outcome 2: Understand the concepts behind MD-hash family and Whirlpool as an example of cryptographic hash functions Learning outcome 3: Describe the process of digital signatures and discuss the different digital signature schemes.
39
Cryptographic Hash Functions Topic Outline: Introduction, Iterated hash function Reading Material : Text Book 1, Chapter No 12, Page Nos 317-320
18.32
81.92
40
Description of MD Hash Family Topic Outline: MD4 hash function Reading Material : Text Book 1, Chapter No 12, Page Nos 321-324
41
Whirlpool Topic Outline: Whirlpool cipher Reading Material : Text Book 1, Chapter No 12, Page Nos 324-329
42
SHA-512 Topic Outline:Introduction, Comparison Reading Material : Text Book 1, Chapter No 12, Page Nos 334-335
43
Digital Signature Topic Outline: Process, Services Reading Material : Text Book 1, Chapter No 13, Page Nos 347-351
44
Attacks on Digital Signature Topic Outline: Attack types, Forgery types Reading Material : Text Book 1, Chapter No 13, Page Nos 353
45
Digital signature schemes Topic Outline: RSA, ElGamal,DSS,Elliptic curve Reading Material : Text Book 1, Chapter No 12, Page Nos 353-363
46 Variations and Applications Reading Material : Text Book 1, Chapter No 12, Page Nos 365
47
Symmetric key distribution Topic Outline: Key distribution center Reading Material : Text Book 1, Chapter No 15, Page Nos 390-394
Page 8 of 19
48
Kerberos Topic Outline: Servers, Operations Reading Material : Text Book 1, Chapter No 15, Page Nos 394-397
49
Symmetric key Agreement Topic Outline: Diffie-Hellman key agreement Reading Material : Text Book 1, Chapter No 15, Page Nos 397-401
50
Public-key distribution Topic Outline: Public announcement, trusted center,Certification authority,X.509, Hijacking Reading Material : Text Book 1, Chapter No 15, Page Nos 402-410
UNIT – V
Learning outcome1: Discuss the need for security services at the transport layer of the Internet Protocol Learning outcome 2: Illustrate the general structure of Security Sockets Layer(SSL) Learning outcome 3: Define the general structure of Transport Layer Security(TSL) and highlight the differences between TSL and SSL protocols
51
E-mail, PGP Topic Outline: Architecture, Security Reading Material : Text Book 1, Chapter No 16, Page Nos 417-430
52
S/MIME Topic Outline: MIME Reading Material : Text Book 1, Chapter No 16, Page Nos 437-440
53
SSL Architecture Topic Outline: Architecture Reading Material : Text Book 1, Chapter No 17, Page Nos 452-454
18.49
100 54
Four protocols Topic Outline: Handshake, ChangeCipherSpec, Alert, Record Reading Material : Text Book 1, Chapter No 17, Page Nos 459-469
55
SSL Message Formats Topic Outline: Handshake, ChangeCipherSpec, Alert, Record Reading Material : Text Book 1, Chapter No 17, Page Nos 469-477
56
Transport layer Security Topic Outline: IpSec, modes of IpSec Reading Material : Text Book 1, Chapter No 17, Page Nos 477-482
Page 9 of 19
57
Two security protocols Topic Outline: AH,ESP Reading Material : Text Book 1, Chapter No 18, Page Nos 488-495
58
Security Association Topic Outline: Security association database Reading Material : Text Book 1, Chapter No 18, Page Nos 494-495
59
Security Policy Topic Outline: Security Policy database Reading Material : Text Book 1, Chapter No 18, Page Nos 496-498
60
Internet Key Exchange (IKE) Topic Outline: Phases and modes Reading Material : Text Book 1, Chapter No 18, Page Nos 498-502
7. RECOMMENDED BOOKS/JOURNALS/WEBSITES
A. PRESCRIBED TEXTBOOK
a. T1 (Text Book 1) - Behrouz A. Forouzan, DebdeepMukhopadhyay: Cryptography and Network Security, 2nd Edition, Special Indian Edition, Tata McGraw-Hill, 2011.
B. REFERENCE BOOKS a. Michael E. Whitman and Herbert J. Mattord: Principles of Information Security,
2nd Edition, Thomson, Cengage Delmar Learning India Pvt., 2012. b. William Stallings: Network Security Essentials: Applications and Standards, 4th
Edition, Pearson Education, 2012.
C. WEBSITES / ONLINE REFERENCES a. Cryptography And Network Security By Atul Kahate Ebook
LEARNING OUTCOMES 8. ASSIGNMENTS
ASSIGNMENT 1 1. Explain the concept of Steganography. How are messages enciphered using this
method ? 2. A study on any one firewall product and their technology. ASSIGNMENT 2 A detailed study on the symmetric and block ciphers in existence before the DES and
AES algorithms were standardised.
Page 10 of 19
ASSIGNMENT 3 1. Write a note on Differential and Linear Cryptanalysis. 2. Explain the avalanche effect with respect to DES. ASSIGNMENT 4 1. Explain the various stages in the decryption process of Advanced Encryption
Standard. 2. Explain the types of cryptanalysis possible on AES. ASSIGNMENT 5 1. What are the four modes of operation to apply block cipher on any application to
enhance the effect of a cryptographic algorithm ? ASSIGNMENT 6 1.What are three broad categories of applications of public-key cryptosystems?
2. Write a short note on the distribution of public keys and the use of public-key encryption to distribute secret keys in asymmetric encryption.
10. THEORY ASSESSMENT
A. WRITTEN EXAMINATION
The Theory Examination is for 100 Marks which will be held for duration of 3 Hrs.
The Scheme and Blue Print will be released to the students once the Bangalore
University releases it.
B. CONTINUOUS ASSESSMENT
The Continuous Assessment is conducted as per the following parameters.
Parameter Assessment Marks Final Weightage
Internal Test 50 Marks 37.5 Marks
Assignment /
Class Test
10 Marks 6.25 Marks
10 marks 6.25 Marks
Total 55 Marks 50 Marks
The students are hereby required to note that every internal test weightage will calculated for 24 Marks. This includes timely submission of assignments and attending class tests as conducted.
Page 11 of 19
Parameter MARKS
Internal Test 01 44 MARKS
Internal Test 02 44 MARKS
Internal Test 03 44 MARKS
Final Internal Marks (Sum The Three Internal
Tests) 44 MARKS
Attendance >95 % : 06 Marks 90 - 95 % : 05 Marks 85 - 90 % : 04 Marks 80 - 85 % : 03 Marks 75 - 80 % : 02 Marks
06 MARKS
Total 50 MARKS
11. ASSESSMENT / ASSIGNMENT / CLASS TEST / ACTIVITY PLANNER
Week 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
Internal Test T1 T2 T3
Assignments
Submission A1 A2 A3 A4 A5 A6
Legend Meaning Test Topics Examinable
T1, T2,T3 Internal Tests T1 Class 1 – 20
A1, A2, A3, A4, A5, A6 Assignments T2 Class 21 – 40
T3 Class 41 – 60
12. QUESTION BANK UNIT 1 1. Define three security goals. 2. Define between passive and active security attacks. 3. List and define the different security services and mechanisms. 4. Distinguish between cryptography and steganography. 5. Define residue class and least residue. 6. Explain the Euclidean algorithm and extended Euclidean algorithm. 7. Define linear congruence and matrix operations. 8. Write a short note on cryptographic attacks. UNIT 2 1. Define a symmetric key cipher. 2. Distinguish between substitution cipher and transposition cipher.
Page 12 of 19
3. Distinguish between stream cipher and block cipher. 4. Distinguish between diffusion and confusion. 5. Differentiate between differential and linear cryptanalysis. 6. What is the block size and cipher key size in DES. 7. Explain DES. 8. What is triple DES? 9. Compare AES and DES. 10. Explain the four transformations in AES.
UNIT 3 1. Explain why modes of operation are required for modern block ciphers 2. Define ECB and list its advantages and disadvantages. 3. Define CBC and list its advantages and disadvantages. 4. Define CFB and list its advantages and disadvantages. 5. Define OFB and list its advantages and disadvantages. 6. Define CTR and list its advantages and disadvantages. 7. Define Fermat’s theorem. 8. Explain Euler’s theorem and explain its application. 9. Define Chinese Remainder Theorem. 10. Distinguish between symmetric and asymmetric key cryptography.
11. Briefly explain the idea behind RSA cryptosystem. 12. Explain Rabin cryptosystem. 13. Explain ElGamal cryptosystem.
UNIT 4
1. Define cryptographic hash function. 2. Describe the Merkle-Damgard scheme and explain why this scheme is important for the
design of a cryptographic hash function. 3. List the main features of SHA-512 cryptographic hash function. 4. List features of Whirlpool cryptographic hash function. 5. Compare and contrast features of SHA-512 and Whirlpool cryptographic hash functions. 6. Compare and contrast a conventional signature and digital signature. 7. List the security services provided by a digital signature. 8. Explain the different digital signature schemes. 9. Describe the concept of hijacking. 10. Explain Kerberos. 11. List the tasks of a KDC. 12. Define the Diffie-Hellman protocol. 13. Define a certification authority and its relation to public key cryptography. 14. Define man-in-the-middle attack. 15. Define X.509 recommendation and state its purpose.
UNIT 5 Question Bank
Page 13 of 19
1. List the services provided by SSL or TLS. 2. Compare and contrast the handshake protocols in SSL and TLS. 3. Distinguish between two modes of IPSec. 4. Define Security Association and explain its purpose. 5. Define IKE and explain its role in IPSec. 6. Define AH and the security services it provides. 7. Elaborate on ESP and the security services it provides. 8. List the phases of IKE and the goal of each phase. 9. What is the difference between worms and viruses? 10. Explain the different types of viruses
13. MODEL QUESTION PAPERS
Page 14 of 19
Page 15 of 19
Page 16 of 19
Page 17 of 19
Page 18 of 19
Page 19 of 19