USQ LogoCourse specification
The current and official versions of the course specifications are available on the web at http://www.usq.edu.au/course/specification/current.
Please consult the web for updates that may occur during the year.

CSC8419 Cryptography and Security

Semester 1, 2013 External Toowoomba
Units : 1
Faculty or Section : Faculty of Sciences
School or Department : Maths and Computing
Version produced : 21 July 2014

Contents on this page

Staffing

Examiner: Hua Wang
Moderator: Ron Addie

Requisites

Pre-requisite: Students must be enrolled in one of the following Programs: MCOP or MPIT or MCOT or MCTE or MSBI or MSSC or MENC or MEPR or MENS or METC or MSST.

Other requisites

Pre-requisite: Know basics of programming in C, C++, Java, or other high level language, or possess basic knowledge of any field related to cryptology.

Rationale

Security has become an important and challenging goal in the design of computer systems. A number of security techniques such as signature, multi-signature, blind signature and access control have been published and have been adopted by researchers and industry applications. This course will provide students with key knowledge about the nature and challenges of computer security, especially the relationship between policy and security, the role and application of cryptography, the methodologies and technologies for assurance, vulnerability analysis and intrusion detection and building secure systems.

Synopsis

The course gives a broad overview of methods of implementing security services based on cryptography in today's communication networks. Topics to be covered include the fundamentals of contemporary cryptography and its application to network services, such as confidentiality, integrity, authentication, and non-repudiation. We show new ideas in cryptology, such as public key cryptography and zero-knowledge protocols, permit the efficient solutions to the problems of digital signature, electronic cash, key exchange, and access control. We analyse the strength of today's ciphers and their implementations, and discuss the best known crypto analytical techniques used to break security systems. We analyse the most popular implementations of cryptography used on the Internet, including systems for electronic mail protection, secure WWW, and electronic payment protocols. We discuss the ongoing work on the development of American and international standards for secure communications and present the most recent research trends in cryptology.

Objectives

On successful completion of this course should be able to:

  1. Analyse and address a number of situations in which security can be compromised;
  2. Understand and apply selected protocols used to ensure security;
  3. Apply the algorithms behind some current cryptographic protocols;
  4. Demonstrate understanding of how insecure systems can be attacked;
  5. Understand public key systems and their applications;
  6. Demonstrate detailed knowledge of the RSA algorithm;
  7. Demonstrate detailed knowledge of the PGP system;
  8. Design and develop techniques and algorithms that are used to implement these protocols.

Topics

Description Weighting(%)
1. Review of pre-computing cryptography. 5.00
2. Single key and public key cryptography. 9.00
3. Key management and attacks on public key systems. 9.00
4. Secrecy and digital signatures. 9.00
5. The RSA public key algorithm 9.00
6. Security policy design and implementation. 9.00
7. Authentication and the Kerberos algorithm. 9.00
8. Hash functions and birthday attacks. 9.00
9. Multiple key cryptography: secret splitting and sharing. 9.00
10. Access control management. 9.00
11. The PGP package. 9.00
12. The attitude of public bodies to security. 5.00

Text and materials required to be purchased or accessed

ALL textbooks and materials available to be purchased can be sourced from USQ's Online Bookshop (unless otherwise stated). (https://bookshop.usq.edu.au/bookweb/subject.cgi?year=2013&sem=01&subject1=CSC8419)

Please contact us for alternative purchase options from USQ Bookshop. (https://bookshop.usq.edu.au/contact/)

  • Gollmann, Dieter 2011, Computer security, 3rd edn, Wiley, New York.

Reference materials

Reference materials are materials that, if accessed by students, may improve their knowledge and understanding of the material in the course and enrich their learning experience.
  • Bishop, Matt 2004, Introduction to computer security, Addison Wesley, Boston.
  • Cheswick, WR & Bellovin, SM 2003, Firewalls and internet security, 2nd edn, Addison-Wesley Professional.
  • Ferguson, N & Schneier, B 2003, Practical cryptography, John Wiley & Sons, New York.
  • Garfinkel, S & Spafford, G 2003, Practical unix and internet security, 3rd edn, O'Reilly & Associates.
    (Online from Library.)
  • Finally, there are many relevant and interesting resources on the web, from newsgroups such as sci.crypt.research and comp.risks through hacker and CERT sites to organisations involved in crypto policy and, of course, researchers' home pages (http://www.swcp.com//mccurley/cryptographers/cryptographers.html).

Student workload requirements

Activity Hours
Directed Study 30.00
Private Study 60.00
Project Work 80.00

Assessment details

Description Marks out of Wtg (%) Due Date Notes
PROJECT PROPOSAL 16 16 27 Mar 2013
PROJECT IMPLEMENTATION 24 24 08 May 2013
FINAL RESEARCH REPORT 60 60 12 Jun 2013

Important assessment information

  1. Attendance requirements:
    It is the students' responsibility to study all material provided to them or required to be accessed by them to maximise their chance of meeting the objectives of the course and to be informed of course-related activities and administration.

  2. Requirements for students to complete each assessment item satisfactorily:
    To satisfactorily complete an assessment item a student must achieve at least 50% of the marks. Students do not have to satisfactorily complete each assessment item to be awarded a passing grade in this course. Refer to Statement 4 below for the requirements to receive a passing grade in this course.

  3. Penalties for late submission of required work:
    If students submit assignments after the due date without (prior) approval of the examiner then a penalty of 5% of the total marks gained by the student for the assignment may apply for each working day late up to ten working days at which time a mark of zero may be recorded.

  4. Requirements for student to be awarded a passing grade in the course:
    To be assured of receiving a passing grade a student must achieve at least 50% of the total weighted marks available for the course.

  5. Method used to combine assessment results to attain final grade:
    The final grades for students will be assigned on the basis of the aggregate of the weighted marks obtained for each of the summative assessment items in the course.

  6. Examination information:
    There is no examination in this course.

  7. Examination period when Deferred/Supplementary examinations will be held:
    As there are no examinations in this course, there will be no deferred or supplementary examinations.

  8. University Student Policies:
    Students should read the USQ policies: Definitions, Assessment and Student Academic Misconduct to avoid actions which might contravene University policies and practices. These policies can be found at http://policy.usq.edu.au.

Assessment notes

  1. The due date for an assignment is the date by which a student must despatch the assignment to the USQ. The onus is on the student to provide proof of the despatch date, if requested by the Examiner.

  2. Students must retain a copy of each item submitted for assessment. This must be produced within five days if required by the Examiner.

  3. The due date for an assignment is the date by which a student must despatch the assignment to the USQ. The onus is on the student to provide proof of the despatch date, if requested by the Examiner.

  4. In accordance with University Policy, the Examiner may grant an extension of the due date of an assignment in extenuating circumstances.

  5. Students who have undertaken all of the required assessments but who have failed to meet some of the specified objectives within the normally prescribed time may be awarded the temporary grade: IM (Incomplete - Make up). An IM grade will only be awarded when, in the opinion of the examiner, a student will be able to achieve the remaining objectives of the course after a period of non directed personal study.

  6. Students who, for medical, family/personal, or employment-related reasons, are unable to complete an assignment may apply to defer an assessment in a course. Such a request must be accompanied by appropriate supporting documentation. The following temporary grade IDM (Incomplete Deferred Make-up may be awarded.

  7. The referencing system to be used in this course is supported by the Department. Information on this referencing system and advice on how to use it can be found in the course materials.