The CIA Triad (Confidentiality, Integrity, Availability). Security Attacks: Passive (Interception, Traffic Analysis) vs. Active (Modification, Masquerade, Replay, DoS). Security Services (X.800) and Mechanisms. The Model for Network Security. User Authentication: Identification vs. Authentication, Password Hashing, Salting, Rainbow Tables, and Dictionary Attacks.
Substitution Ciphers (Caesar, Monoalphabetic, Playfair, Vigenère). Transposition Ciphers (Rail Fence, Columnar). Steganography. Mathematical Foundations: Modular Arithmetic, Euclidean Algorithm for GCD, Extended Euclidean Algorithm, Fermat's Little Theorem, Euler's Totient Function, and Primality Testing (Miller-Rabin).
Stream Ciphers vs. Block Ciphers. The Feistel Cipher Structure. Data Encryption Standard (DES): Structure, Function, and Strength. Triple DES (3DES). Advanced Encryption Standard (AES): Transformations (SubBytes, ShiftRows, MixColumns, AddRoundKey). Block Cipher Modes of Operation: ECB, CBC, CFB, OFB, and CTR (Counter Mode).
Principles of Public-Key Cryptosystems. The RSA Algorithm: Key Generation, Encryption, and Decryption mathematics. Security of RSA. Diffie-Hellman Key Exchange: The discrete logarithm problem, protocol, and Man-in-the-Middle (MITM) vulnerability. Introduction to Elliptic Curve Cryptography (ECC).
Cryptographic Hash Functions: Properties (Pre-image resistance, Second pre-image resistance, Collision resistance). The Secure Hash Algorithm (SHA) family. Message Authentication Codes (HMAC). Digital Signatures (DSA, RSA-PSS). Access Control Models: Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Role-Based Access Control (RBAC).