Cryptography and Computer Network-Security
 |
BASIC CONCEPTS |
|
KEY MANAGEMENT |
| |
CLASSICAL CRYPTOALGORITHMS |
| |
PUBLIC KEY CRYPTOALGORITHMS |
| |
SECURITY SERVICES |
| |
CRYPTOGRAPHIC STANDARDS AND SECURE INTERNET PROTOCOLS |
BASIC CONCEPTS
-
The need for security services in today's computer networks
-
Basic concepts of cryptology
-
Types of cryptosystems. Implementation of security services
 |
Threats to
computer security
|
||||
|
|
Security services
in computer networks and relationships among them:
|
||||
|
|
Electronic
commerce and other applications of security services in today's
computer networks
|
||||
|
|
Survey of
domestic and foreign cryptographic products
|
|
|
Cryptosystem,
plaintext, ciphertext, key
|
|
|
Examples of
simple cryptosystems
|
|
|
To publish or
not to publish?
|
|
|
Secret and
open research in cryptology
|
|
|
Software vs.
hardware implementations of cryptography
|
|
|
Evolution of
cryptography and cryptanalysis.
|
|
|
Classical
(symmetric) vs. public key (asymmetric) cryptosystems
|
|
|
Trapdoor
one-way functions - main components of public key cryptosystems
|
|
|
Features
required from today's ciphers
|
|
|
Implementing
security services using cryptographic transformations
|
|
|
Block vs.
stream ciphers
|
|
|
Measures of
the cipher strength
|
-
Key Management
-
Pretty Good Privacy
|
|
Session keys
and key encrypting keys
|
|
|
Exchange of
keys using Key Distribution Center
|
|
|
The Diffie-Hellman
key exchange protocol
|
|
|
Exchange of
symmetric keys using public key cryptosystems
|
|
|
Generation
and registration of the public key pair
|
|
|
Concept of a
public key certificate
|
|
|
Formats of
certificates
|
|
|
Hierarchy of
Certification Authorities - Public Key Infrastructure
|
|
|
Certificate
revocation
|
|
|
E-mail
Security
|
|
|
|
Implementation
of Basic Security Services in PGP
|
|
|
|
General
Format of PGP Messages
|
|
|
|
Key Rings
|
|
|
|
PGP Trust
Model
|
-
Mathematical Background
-
Historical ciphers
-
Data Encryption Standard - first attempt to standardize protection of information in public computer networks
-
Modes of operation of block ciphers
Block ciphers vs. stream ciphersCTR, OFB, CFB, CBCComparison of existing modes of operationEvaluation criteria for new modes of operation -
Other symmetric-key block ciphers
IDEARC5Fast software encryption cryptoalgorithmsMinimal key lengths for symmetric-key ciphers
|
|
Motivation
|
|
|
Basic
definitions
|
|
|
Laws of
modular arithmetic
|
|
|
Euclid's
algorithm
|
|
|
Extended
Euclid's algorithm
|
|
|
Solving
linear congruences
|
|
|
Substitution
ciphers
|
||||||||||
|
|
Transposition
ciphers
|
||||||||||
|
|
Breaking
substitution ciphers using frequency analysis
|
||||||||||
|
|
Breaking
polyalphabetic ciphers using Kasiski's method and method of the
index of coincidance
|
||||||||||
|
|
Shannon's theory
of perfect secrecy and its practical implications. One-time pad.
|
||||||||||
|
|
Product
ciphers
|
|
|
History of the
cryptosystem - the NBS-NSA-IBM roles
|
|
|
Acceptance by
government and commercial sectors
|
|
|
Main features
of the algorithm
|
|
|
Design
criteria
|
|
|
Differential
and linear cryptanalysis
|
|
|
Vulnerability
to the exhaustive key search attack
|
|
|
Extensions of
DES: Triple DES, DESX
|
|
|
Modes of
operation
|
|
|
Security of
different operational modes
|
-
RSA – Genesis, operation & security. Factorization records.
-
RSA Implementation: Efficient encryption, decryption & key generation
|
|
Genesis of
RSA
|
||||||
|
|
RSA as a
trapdoor one-way function
|
||||||
|
|
Factorization
as a basis of the RSA security
|
||||||
|
|
Recommended
key sizes for the RSA cryptosystem
|
|
|
Basic
exponentiation algorithm
|
|
|
Using
Chinese Remainder Theorem for fast exponentiation
|
|
|
Basic
algorithms for multiplication and modular reduction in software
|
|
|
Basic
architectures for multiplication and modular reduction in
hardware
|
|
|
Dependence
between the key size and the times of cryptographic
transformation
|
|
|
Probabilistic
tests for primality
|
|
|
Deterministic
tests for primality
|
|
|
Constructing a
random prime
|
|
|
Optimal Assymetric
Encryption Padding
|
-
Data integrity and authentication - two faces of the same problem. Hash functions and MACs
|
|
Requirements
for secure hash functions.
|
||||||||
|
|
Classification
of hash functions.
|
||||||||
|
|
Attacks against
hash functions.
|
||||||||
|
|
Standard and
non-standard applications of hash functions.
|
||||||||
|
|
Families of
hash function algorithms and their security
|
||||||||
|
|
Requirements
for Message Authentication Code (MAC).
|
||||||||
|
|
Families of
MACs and their security.
|
||||||||
|
|
Authentication
combined with confidentiality.
|
-
American and international cryptographic standards
-
Secure Internet Protocols
-
Export and import control of cryptographic devices
|
|
Standard
organizations
|
||||||||||
|
|
Main groups
of cryptographic standards:
|
||||||||||
|
|
Classical
cryptography standards
|
||||||||||
|
|
Public-key
cryptography standards
|
|
|
Secure electronic
mail
|
||||
|
|
Secure WWW
|
||||
|
|
Secure payment
card protocols
|
||||
|
|
Secure virtual
private networks
|
|
|
Evolution of
the U.S. policy
|
|
|
Current U.S.
regulations
|