Cryptography and Information Security

Module code: CO3099

Module co-ordinators: Stanley Fung and Emilio Tuosto

Computers and computer networks are an integral part of our lives in areas such as e-banking and e-commerce. However, convenience comes with a price and the security of computer systems is now a critical issue. Some of the security issues that must be addressed include:

  • How can computer systems defend themselves against network attacks?
  • How can we ensure that our data has not been tampered with, or disclosed without our consent?
  • How can we be sure somebody is who they say they are?

A fundamental part of security systems is cryptography, the science of secret writing. There have been rapid advances in cryptography in the past few decades, and cryptography has become an integral part of many commercial computer applications.

In this module you will study the principles of modern public key cryptography, a cornerstone of many security-enabled network applications in current use. We will explore a range of cryptographic primitives, including message digests, digital signatures and certificates. We will also look in detail at how to write secure network applications using these cryptographic primitives.

We will consider in particular the security model of Java and elements of its access control model (e.g., Security manager and policies), as well as some notation and techniques for the analysis of cryptographic protocols commonly adopted in distributed applications. Such techniques are used to argue about security aspects of some amongst the most popular applications of cryptographic protocols (e.g., Pretty Good Privacy and digital signatures).

Learning

  • 30 hours of lectures
  • 10 hours of surgeries
  • 10 hours of labs

Assessment

  • Coursework (40%)
  • Exam (60%)