Cryptography & Network Security

UNIT I: INTRODUCTION & NUMBER THEORY

Services, Mechanisms, and Attacks

• The OSI security architecture

• Network security model

Classical Encryption Techniques

• Symmetric Cipher Model

• Substitution Techniques

• Transposition Techniques

• Steganography

Finite Fields and Number Theory

• Groups, Rings, Fields

• Modular arithmetic

• Euclid's algorithm

• Finite fields

• Polynomial arithmetic

• Prime numbers

• Fermat's and Euler's theorems

• Testing for primality

• The Chinese remainder theorem

• Discrete logarithms

UNIT II: BLOCK CIPHERS & PUBLIC KEY CRYPTOGRAPHY

Block Ciphers

• Data Encryption Standard (DES)

• Block Cipher Principles

• Block cipher modes of operation

• Advanced Encryption Standard (AES)

• Triple DES

• Blowfish

• RC5 Algorithm

Public Key Cryptography

• Principles of public key cryptosystems

• The RSA Algorithm

• Key management

• Diffie-Hellman Key Exchange

• Elliptic Curve Arithmetic

• Elliptic Curve Cryptography

UNIT III: HASH FUNCTIONS AND DIGITAL SIGNATURES

Authentication

• Authentication requirement

• Authentication function

Message Authentication Code (MAC)

• Hash Function

• Security of hash functions and MAC

• MD5

• SHA

• HMAC

• CMAC

Digital Signatures & Authentication Protocols

• Digital Signature Standard (DSS)

• ElGamal

• Schnorr

UNIT IV: SECURITY PRACTICE & SYSTEM SECURITY

Authentication Applications

• Kerberos

• X.509 Authentication Services

Internet Firewalls for Trusted Systems

• Roles of firewalls

• Firewall-related terminology

• Types of Firewalls

• Firewall Designs

• SET for E-commerce Transactions

Intrusion Detection and Threats

• Intruder

• Intrusion detection systems

• Virus and related threats

• Countermeasures

• Firewall design principles

• Trusted systems

• Practical implementation of cryptography and security

UNIT V: E-MAIL, IP & WEB SECURITY

E-mail Security

• Security services for email

• Attacks possible through email

• Establishing keys

• Privacy and authentication of the source

• Message integrity

• Non-repudiation

• Pretty Good Privacy (PGP)

• S/MIME

IP Security (IPSec)

• Overview of IPSec

• IP and IPv6

• Authentication header

• Encapsulation Security Payload (ESP)

• Internet Key Exchange (IKE)

  • Phases of IKE

  • ISAKMP/IKE encoding

Web Security

• SSL/TLS Basic Protocol

  • Computing the keys

  • Client authentication

  • Public Key Infrastructure (PKI) as deployed by SSL

• Attacks fixed in SSL v3

• Exportability

• Encoding

• Secure Electronic Transaction (SET)