CY202Semester 43 (2-1-0)Major

Cryptography & Network Security

Syllabus

Unit 1: Cryptography Fundamentals and Classical Techniques

Security services (confidentiality, integrity, authentication, non-repudiation), Classical ciphers (Caesar, Vigenère, Playfair, Hill), Cryptanalysis techniques (frequency analysis, known-plaintext attacks), Block vs. stream ciphers, Shannon's principles of confusion and diffusion, Modes of block cipher operation (ECB, CBC, CFB, OFB, CTR), Initialization vectors and nonce usage.

Unit 2: Symmetric Key Cryptography

Data Encryption Standard (DES) algorithm and cryptanalysis (differential, linear), Advanced Encryption Standard (AES) - Rijndael structure, S-boxes, key expansion, rounds structure, Block cipher modes security analysis, Key management challenges in symmetric cryptography, Key derivation functions and key stretching, Practical symmetric cipher selection criteria.

Unit 3: Number Theory and Public-Key Cryptography

Modular arithmetic, prime generation, Fermat/Euler theorems, Greatest Common Divisor algorithms, RSA cryptosystem (key generation, encryption/decryption, security proofs), Diffie-Hellman key exchange and man-in-the-middle attacks, Digital Signature Algorithm (DSA), Elliptic Curve Cryptography (ECC) fundamentals and advantages over RSA.

Unit 4: Hash Functions, MACs, and Authentication

Cryptographic hash function properties (collision resistance, preimage resistance), MD5 weaknesses and SHA-family algorithms, HMAC construction and security proofs, Message authentication codes (MACs), Digital signatures and non-repudiation, PKI concepts (certificates, CAs, CRLs), X.509 certificate format and validation.

Unit 5: Network Security Protocols and Applications

Transport Layer Security (TLS/SSL) handshake and cipher suites, IPsec architecture (AH, ESP, IKE), VPN protocols and tunnel modes, Email security (PGP, S/MIME), Kerberos authentication and ticket granting, Common network attacks (MITM, replay, session hijacking), Secure protocol design principles and cryptographic agility.

Skills

Data StructuresAlgorithmsComputer NetworksCyber SecurityRoboticsSemiconductor Design

Structure

Semester: 4

Credits: 3 (2-1-0)

Category: Major

Practicals

Lab 1: Classical Cipher Implementation: Focuses on implementing and cryptanalyzing classical ciphers (Caesar, Vigenère), demonstrating frequency analysis attacks and basic cryptanalysis techniques.
Lab 2: Block Cipher Modes Analysis: Focuses on implementing ECB/CBC/CTR modes, demonstrating padding oracle attacks on ECB and malleability issues in CBC mode.
Lab 3: AES Implementation Study: Focuses on studying AES encryption/decryption process, key expansion, and analyzing performance characteristics across different key sizes.
Lab 4: RSA Key Generation and Attacks: Focuses on RSA implementation, textbook vs. padded RSA, demonstrating small exponent attacks and common modulus attacks.
Lab 5: Diffie-Hellman Key Exchange: Focuses on implementing Diffie-Hellman key exchange, demonstrating man-in-the-middle attacks and ephemeral key usage.
Lab 6: Hash Function Collision Attacks: Focuses on demonstrating MD5 collision attacks and analyzing SHA-256 preimage resistance through birthday paradox experiments.
Lab 7: HMAC and Message Authentication: Focuses on implementing HMAC construction and verifying security properties against length extension attacks.
Lab 8: Digital Signature Verification: Focuses on creating/verifying digital signatures using RSA/ECDSA, implementing X.509 certificate chain validation.
Lab 9: TLS Handshake Analysis: Focuses on capturing and analyzing TLS handshakes using Wireshark, identifying cipher suite negotiation and certificate validation.
Lab 10: Network Security Protocol Implementation: Focuses on implementing simplified TLS/IPsec protocol components, demonstrating secure key exchange and data protection.