Home » Second Level Degree » Courses » CRYPTOGRAPHY

Second Level Degree in Mathematics

Jump second level menu

CRYPTOGRAPHY - 6 CFU

From CYBERSECURITY AND CRYPTOGRAPHY: PRINCIPLES AND PRACTICES (SECOND CYCLE DEGREE Cybersecurity)

Teacher

Alessandro Languasco

Scheduled Period

I Year - 1 Semester | 04/10/2021 - 15/01/2022

Hours: 48 (8 esercitazione, 40 lezione)

Move Up ▲

Prerequisites

For the first part (Prof. Languasco; 6 credits): The topics of the following courses: Algebra (congruences, groups and cyclic groups, finite fields), Calculus (differential and integral calculus, numerical series) both for the BA in Mathematics.

For the second part (Prof. Conti and Prof. Migliardi; 6 credits): OS, Programming.

Target skills and knowledge

For the first part (Prof. Languasco; 6 credits): The main goal of the first part of the course is to give an overview of the theoretical basis of the field in order to allow a critical study of the cryptographic protocols used in many applications (authentication, digital commerce). We will give first the mathematical basic tools (essentially from elementary and analytic number theory) that are required to understand modern public-key methods. After this, we will see how to apply this know-how to study and criticize some protocols currently used.

For the second part (Prof. Conti; 3 credits): Students will be able to identify, classify, describe, explain, and correlated the key concepts of cybersecurity attacks and defenses.

For the second part (Prof. Migliardi; 3 credits): Assess the risks to which an IT system is exposed, Explain how an attack works, Describe, explain and generalize software vulnerabilities, Avoid software pitfalls.

Examination methods

For the first part (Prof. Languasco; 6 credits): Written exam in class; if, due to the pandemic situation, this will not be possible the written exam will be done using the available videoconferencing tools.

For the second part (Prof. Conti and Prof. Migliardi; 6 credits): Written Exam, Homeworks, oral test.

Assessment criteria

For the first part (Prof. Languasco; 6 credits): During the written exam the student will have to reply to some questions about the topics taught during the lectures.
The maximal mark (30/30) will be conferred to error-free exams only. If the written exam will not be sufficient to decide the mark, the teacher will ask to the candidate some further questions to be directly replied on the blackboard. The oral exam will be in class if possible; but if the pandemic situation will be present, it will be done using the available videoconferencing tools.

For the second part (Prof. Conti and Prof. Migliardi; 6 credits): Evaluation of both theoretical competence and operational ability to apply what has been learned to a real case.

Course contents

For the first part (Prof. Languasco; 6 credits): First Part: Basic theoretical facts: Modular arithmetic. Prime numbers. Little Fermat theorem. Chinese remainder theorem. Finite fields: order of an element and primitive roots. Pseudoprimality tests. Agrawal-Kayal-Saxena's test. RSA method: first description, attacks. Rabin's method and its connection with the integer factorization. Discrete logarithm methods. How to compute the discrete log in a finite field. Elementary factorization methods. Some remarks on Pomerance's quadratic sieve. Protocols and algorithms. Fundamental crypto algorithms. Symmetric methods (historical ones, DES, AES) . Asymmetric methods. Attacks. Digital signature. Pseudorandom generators (remarks). Key exchange, Key exchange in three steps, secret splitting, secret sharing, secret broadcasting, timestamping. Signatures with RSA and discrete log.

For the second part (Prof. Conti and Prof. Migliardi; 6 credits):
Introduction to Cybersecurity, User Authentication, Access Control, Database Security, Malicious Software, Denial-of-Service Attacks, Intrusion Detection, Firewalls and Intrusion Prevention Systems, Operating System Security, Trusted Computing and Multilevel Security.
The execution environment of a program and the vulnerabilities resulting from the threat model of the time. Languages and threat models. Control hijacking: attack. Control hijacking: defense. Security of operating systems and principle of least privilege necessary (and examples of privilege escalation). Sandboxing and interaction with legacy code. Flaw search techniques.

Planned learning activities and teaching methods

Classroom lectures (if possible); if the pandemic situation will be present, the lectures will be done using the available videoconferencing tools.

Additional notes about suggested reading

For the first part (6 credits): We will use the following textbooks:
1) A.Languasco, A.Zaccagnini - Manuale di Crittografia - Hoepli Editore, 2015. (italian).
2) N. Koblitz - A Course in Number Theory and Cryptography -Springer, 1994.
3) H. Knospe - A Course in Cryptography - American Mathematical Society, 2019.
4) R. Crandall, C.Pomerance - Prime numbers: A computational perspective - Springer, 2005.
5) B. Schneier - Applied Cryptography - Wiley, 1994.

Textbooks (and optional supplementary readings)

Torna su ▲