"Cryptography" Full Course Description

Course Description:

There are very few mechanisms / tools available to the Information Assurance engineer / architect that can be used to build policy enforcing information systems. One of those mechanisms is Cryptography. Cryptography is a very powerful mechanism. However the use of cryptography as an information assurance mechanism is fraught with problems and challenges that lead to unintended failure of the policy enforcement. It is essential that our Information Assurance students have a firm grasp on the power of cryptography and the problems and pitfalls associated with its use.

The key principles of information assurance: confidentiality, integrity, and availability, in many instances depend on the effective and correct use and implementation of the cryptography. In addition to the challenges of implementation is the very hard problem of key management.

Students will study the basic concepts of classical cryptography, the transition era and the emergence of and development of modern cryptography. They will study the concepts of how cryptography and cryptanalysis work and fail in practice, and what role cryptography plays in the design of secure systems. In parallel they will study the development of the key management that has accompanied the evolution of cryptography.

This course is intended for first year graduate students with the following qualification: typically coming out of computer science, mathematics, computer engineering, or informatics; it is helpful to have a working understanding of number theory and some programming facility.

This class will be primary individual study, with weekly assigned readings, eleven homework assignments, one take home quiz, one project, a midterm and a final. The course will also have nine laboratory assignments which will be separate from the class lecture and performed outside of the class time. Each lab assignment will take approximately two to five hours to complete. Students may work in teams on the lab assignments and on the semester project.

Objectives:

1. Students will learn and review the foundational elements of cryptography and cryptanalysis. This includes a history of cryptology, the significance of cryptology for society, functioning of classical and modern ciphers, cryptanalysis of classical ciphers, the role of cryptography in building secure systems, requirements for cryptography to work in practice, and principles of key management.

2. With regards to cryptanalysis, students will learn why supposedly secure systems fail. In particular, they will understand that the elements typically discovered in failed systems cryptanalysis include that the cipher is weak, that the cipher is used in an insecure fashion, the key material is not random enough, the protocol is flawed, the base system is insecure, the implementation is flawed, and/or in general, complexity is the enemy of security. With this understanding, students will be able to develop effective cryptographic solutions, and begin to address the full spectrum of cyber threats.

3. To demonstrate knowledge and skills in the course, students will apply what he/she learns to the following implementing ciphers and key management and decoding and analyzing cryptograms. This will be evaluated in quizzes, homework, labs and testing.