Cryptography and Network Security (CS60065)
Autumn semester 2019-20
Announcements
Instructors
Debdeep Mukhopadhyay
Contact: (debdeep [AT] cse.iitkgp.ac.in)
Mainack Mondal
Contact: (mainack [AT] cse.iitkgp.ac.in)
Course Timings
Wednesday 12:00 - 12:55
Thursday 11:00 - 11:55
Friday 09:00 - 10:55
Class venue: CSE 107
Teaching Assistants
- Manaar Alam (alam [DOT] manaar [AT] gmail.com)
- Arnab Bag (amiarnabbolchi [AT] gmail.com)
Textbooks
- Cryptography Theory and Practice, Third Edition, by Douglas Stinson
- Cryptography and Network Security, by William Stallings
- Other materials will be announced/distributed as the class progresses.
Course evaluation
Internal assessment: 30%
Mid-semester exam: 30%
End-semester exam: 40%
Topics
The major components of the course include:
- Introduction to Security
- Cryptography
- Network Security
- Web Security
- Usable Security
- Privacy and Anonymity
- Advanced topics (smartphone security, adversarial machine learning)
| Topic | Slides | Tentative Sub topics |
|---|---|---|
| Security: An overview | Slides | 1. The security mindset; 2. What is security; 3. Threat modelling |
| Cryptography | TBA | 1. Overview of Cryptography; 2. Symmetric Key Cryptosystems: SPN Ciphers, The Feistel Cipher; 3. Modern Block Cipher Standards - AES; 4. Cryptanalytic Techniques: Linear Cryptanalysis, Differential Cryptanalysis; 5. Advanced block cipher design: SBox Design Principles, Modes of Operation; 6. Cryptographic Hash functions and Message Authentication Codes; 7. Asymmetric Ciphers: The RSA Cryptosystem |
| Network security | TBA | 1. Networking Basics; 2. Network threat model; 3. Basic Network Attacks; 4. DNS, BGP attacks; 5. Denial of Service Attacks, smurf attack, Reflection attack; 6. Mitigation, IP traceback |
| Web security | TBA | 1. How the Modern Web Works: Anatomy of webpage and HTTP(S) requests; 2. SQL injection; 3. XSS, CSRF attacks; 4. Online tracking; 5. Buffer overflow: the curious case of Heartbleed; 6. Botnets |
| Usable Security | TBA | 1. A few case studies; 2. Qualitative methods; 3. Usability for developers; 4. Phishing attacks and mitigation |
| Privacy and anonymity | TBA | 1. Definitions of privacy; 2. Anonymity: Overview of Tor; 3. Attacks on Tor; 4. Private information retrieval, differential privacy; 5. Anonymous routing |
| Advanced topics 1: Smartphone security | TBA | 1. Permission model in Android; 2. Attacks on permission model and mitigation |
| Advanced topics 2: Adversarial Machine Learning | TBA | 1. Intro to adversarial machine learning; 2. Adversarial Deep Learning |