• Assignment 1: Cryptographic analysis task
• Assignment 2: System cybersecurity report
• Assignment 3: Podcast

• Blackboard
• Unconfirmed practical marks when available

This unit aims to:

• A1 provide the student with an understanding of fundamental security properties that we desire to maintain and why they are important and of the principal security mechanisms used to uphold these properties;
• A2 develop an understanding of important security strength criteria, an appreciation of the sources of confidence that are associated with specific security mechanisms, and the ability to calculate or otherwise determine the strength of specific mechanisms in their deployed context - We will address quantitative criteria (e.g. for cryptographic elements) and qualitative approaches (e.g. some formal methods for protocol proofs of correctness);
• A3 develop the analysis and synthesis skills necessary to identify important threats to systems under examination, evaluate the degree to which threats to systems are countered, and propose countermeasures or appropriate changes to countermeasures to achieve effective and efficient risk reduction;
• A4 enhance the communication and professional skills of the student;
• A5 familiarise the student with the contextual issues relevant to the topics taught - professional, legal, ethical, political etc.

By the end of the unit, a candidate will be able to:

• LO1 explain what the major system security properties are, why they are important, and what mechanisms are available to support them;
• LO2 describe security strength criteria for specific mechanisms, explain the rationale behind them, and determine the strength of specific mechanisms;
• LO3 analyse deployed mechanisms, identify weaknesses in them, and demonstrate how they can be exploited;
• LO4 choose suitable security requirements and mechanisms in a variety of system contexts and justify those choices;
• LO5 independently research material relevant to the module and communicate findings to a non-specialist audience
• LO6 articulate the contextual issues (professional, legal, ethical, political etc) that apply

Security​ ​properties and mechanisms

• Confidentiality,​ ​Integrity,​ ​Availability,​ ​Anonymity,​ ​Non-repudiation,​ ​Privacy​ ​etc.
• Identification​ ​and​ ​Authentication:
• Password​ ​systems,​ ​graphical​ ​passwords​ ​systems,​ ​biometrics,​ ​CAPTCHAs,​ ​etc
• Social​ ​engineering​ ​attacks.

Access​ ​Control: MAC and DAC etc.

Modern​ ​cryptography:

• Stream​ ​cipher​ ​basics.​ ​Divide​ ​and​ ​conquer​ ​correlation​ ​attacks.
• Block​ ​ciphers​.
• Modes​ ​of​ ​encryption:​ ​Code​ ​Book,​ ​CFB,​ ​OFB,​ ​CBC.
• Attacks​ ​on​ ​cryptographic​ ​algorithms:​ ​linear​ ​cryptanalysis,​ ​differential cryptanalysis
• Public​ ​key​ ​algorithms.
• Cryptographic​ ​hash​ ​functions.
• Power,​ ​timing, attacks
• Brute​ ​force​ ​potential.​ ​The​ ​rise​ ​of​ ​compute​ ​power.
• The​ ​threat​ ​from​ ​quantum​ ​computing.​
• Quantum​ ​key​ ​distribution​ ​protocols.

Security Protocols:

• What are security protocols?
• Uses in one-way and two-way authentication, key distribution, and the like.
• Proofs of claims: belief and knowledge approaches, model checking approaches,
• synthesis of provably correct protocols.

• 10 hours of online materials. These content delivery elements will cover theoretical and practical aspects but also act as an index to referenced materials. All LOs except LO5. Detail provided by referenced materials.
• 8 hours (4 x 2 hours) practical sessions on cryptography related aspects. - This addresses LO1, LO2, LO3 and LO4. Students have to implement attacks and analyses which exposes strengths and weakness of mechanisms;
• 8 hours (4 x 2 hours) practical sessions on the non-cryptographic aspects. - This addresses LO1, LO2, LO3, LO4, LO6;
• 10 hours (5 x 2 hours) seminars/discussions - Addresses all LOs except LO5;
• 116 hours of independent study of supporting referenced materials. Wherever possible referenced materials will be freely available on the web. Students are expected to read around the subject. Independent study is an important component of the module. -Addresses all LOs.