CYB 2311 - Introduction to Applied Cryptography

2 lecture hours 2 lab hours 3 credits
Course Description
This course provides students with an introduction to applied cryptography. The course begins with the need for protection mechanisms for data during processing, when in transit, and when at rest. It continues with a study of classical cipher techniques and randomness. The majority of the course is a study of applied cryptography, focusing on the practical aspects of private key and public key cryptography and the mechanisms/algorithms that cryptography provides for symmetric and asymmetric encryption, key agreement, hashing, and digital signatures. NIST standard mechanisms, including AES, Triple-DES, RSA, SHA-1, SHA-2, ASCON, and others, will be used extensively in laboratory exercises. The key takeaway from the course will be an ability to identify the appropriate mechanisms for securing an architecturally distributed system.
Prereq: CSC 1120, MTH 2310
Note: None
This course meets the following Raider Core CLO Requirement: None
Course Learning Outcomes
Upon successful completion of this course, the student will be able to:
  • Explain the CIA triad and its importance to cryptography
  • Understand the relationship between cryptography and security
  • Define cryptography and cryptanalysis
  • Explain the operation of a Caesar cipher and a Vigenère cipher
  • Implement a software module to encode and decode messages using a Caesar cipher
  • Implement a software module to encode and decode messages using a Vigenère cipher
  • Compare and contrast random number generation and pseudorandom number generation
  • Define and calculate entropy
  • Use standard Unix random number generation APIs in the construction of simple programs
  • Identify the appropriate uses of symmetric and asymmetric encryption
  • Assign some measure of strength to cryptographic algorithms and the associated keys
  • Explain the operation of a block cipher
  • Implement code for a block cipher
  • Implement an application using AES
  • Explain the operation of a stream cipher
  • Construct an implementation of a simple stream cipher
  • Explain the purpose for secure hashing and explain how to construct a hash function
  • Understand the SHA family of hash functions, their capabilities, and their limitations
  • Explain the operation of key security mechanisms, including RSA, Diffie-Hellman, and elliptic curves
  • Understand the common pitfalls or shortcomings associated with the implementation of cryptography and the challenges and limitations of current key management systems
  • Given an enterprise architecture scenario consisting of different components (e.g., servers, clients, databases) with information that has various temporal and distribution constraints, networks, multiple sites, and trusted and untrusted clients, describe the appropriate cryptographic tools/algorithms/protocols that can be applied at various locations throughout that architecture in order to achieve a variety of goals, and the management challenges/trade-offs associated with those choices
     

Prerequisites by Topic
  • Java data structures

Course Topics
  • Security functions (data protection, data integrity, authentication, non-repudiation)
  • Block vs. stream data
  • Digital signatures (authentication)
    •     Hash functions (MD4, MD5, SHA-1, SHA-2, SHA-3)
    •     Integrity checking
    •     For protecting authentication data
    •     Collision resistance
  • Symmetric cryptography (DES, Twofish)
  • Public key cryptography (Diffie-Hellman, RSA, ECC, ElGamal, DSA)
    •     Public key infrastructure
    •     Certificates
    •     Key management (creation, exchange/distribution)
  • Cryptography in practice
    •     Common cryptographic protocols
    •     DES - AES (evolution from DES to AES)
    •     Cryptographic modes (and their strengths and weaknesses)
    •     Cryptographic standards (FIPS 140 series)
  • Cryptographic failures
    •     Types of attacks (brute force, chosen plaintext, known plaintext, differential and linear cryptanalysis, etc.)
    •     Implementation failures
  • Number theory as applied to cryptography
  • Probability and statistics as applied to cryptography
  • Understanding of the major algorithms (AES, RSA, EC)
  • Suite B algorithms
  • Hashing and signatures
  • Key management
  • Modes and appropriate uses
  • Classical cryptanalysis (a la Konheim)
  • Identity-based cryptography
  • Digital signatures

Laboratory Topics
  •     Caesar cipher implementation
  •     Vigenère cipher implementation
  •     Pseudorandom number generation
  •     Random number generation APIs
  •     Block cipher implementation
  •     AES application implementation
  •     Stream cipher implementation
  •     Application development using a stream cipher
  •     Hash function construction
  •     SHA hash function application
  •     Applications of cryptographic tools/algorithms/protocols
  •     Key management

Coordinator
Dr. Walter Schilling

