Vivekanand Education Society’s Institute of Technology

Department of Computer Engineering

(Affiliated to University of Mumbai, Approved by AICTE & Recognized by Govt. of Maharashtra)

Course Code Course Title Credit

CSC602 Cryptography & System Security 3

Prerequisite: Computer Networks

Course Objectives

1 To introduce system security goals, ethical hacking and system security concepts.

To explore the classical encryption techniques, working principles and utilities of various
2 cryptographic algorithms including secret key cryptography, hashes and message digests, and
public key algorithms.

To explore the design issues and working principles of various authentication protocols, PKI
3
standards and various secure communication standards including Kerberos, IPsec, and SSL/TLS.

To develop the ability to use existing cryptographic utilities to build programs for secure
4
communication

5 To understand cyber crimes and cyber security.

Course Outcomes

Understand system security goals, ethical hacking and concepts, analyze and apply system
1
security concepts to recognize malicious code.

Understand classical encryption techniques, compare and apply different encryption and
2
decryption techniques to solve problems related to confidentiality and authentication

Understand and analyze the symmetric public-key cryptography, RSA and other public-key
3
cryptosystems ,the key distribution and management schemes

Apply different message digest and digital signature algorithms to verify integrity and achieve
4
authentication and design secure applications

Understand network security basics, analyze different attacks on networks and evaluate the
5
performance of firewalls and security protocols like SSL, IPSec, and PGP and S/MIME

6 Understand various cyber crimes and cyber security

Modul Content Hours

Introduction - Number Theory and Basic Cryptography

Security Goals, Attacks, Services and Mechanisms, Techniques. Concept of

1.1 Ethical Hacking and essential terminologies-Threat,Attack,Vulnerabilities,
1 Reconnaissance and Footprinting. 08

1.2 System Security: Buffer Overflow, malicious Programs: Worms and Viruses
 Vivekanand Education Society’s Institute of Technology
Department of Computer Engineering
(Affiliated to University of Mumbai, Approved by AICTE & Recognized by Govt. of Maharashtra)

Modular Arithmetic: Euclidean Algorithm, Fermat‘s and Euler‘s theorem

Classical Encryption techniques, Symmetric cipher model, monoalphabetic and
1.3
polyalphabetic substitution techniques: Vigenere cipher, playfair cipher, Hill
cipher, transposition techniques: keyed and keyless transposition ciphers

Symmetric and Asymmetric key Cryptography and key Management

Block cipher principles, block cipher modes of operation, DES,

2.1
Double DES, Triple DES, Advanced Encryption Standard (AES), Introduction
2 08
to Stream Ciphers

2.2 Public key cryptography: Principles of public key cryptosystems- The RSA
Cryptosystem

Cryptographic Hash Functions & Key Distribution

Cryptographic Hash Functions: Properties of secure hash function, SHA-512,

3.1
MAC, HMAC 06
3
Symmetric Key Distribution: KDC, Needham-schroeder protocol.
3.2 Kerberos: Kerberos Authentication protocol, Symmetric key agreement:
Diffie Hellman, Public key Distribution: Digital Certificate: X.509

Authentication Protocols & Digital Signature Schemes

User Authentication, Entity Authentication: Password Base, Challenge 04

4.1
4 Response Based

Digital Signature, Attacks on Digital Signature, Digital Signature Scheme:

4.2
RSA.

Network Security and Applications

Network security basics: TCP/IP vulnerabilities (Layer wise), Network

5.1
Attacks: Packet Sniffing, ARP spoofing, port scanning, IP spoofing.
5 08
Denial of Service: DOS attacks, ICMP flood, SYN flood, UDP flood,
5.2
Distributed Denial of Service.

Internet Security Protocols: SSL, IPSEC, PGP.

5.3
Network security: IDS, Firewalls.

Cyber Crime And Cyber Security

6.1 CyberCrime and Information Security, Classifications of Cyber Crimes – Tools

6 and Methods –Password Cracking, Keyloggers, Spywares, SQL Injection – 05
Network Access Control.

6.2 Web Security: Electronic Payment SET.

Total 39
 Vivekanand Education Society’s Institute of Technology
Department of Computer Engineering
(Affiliated to University of Mumbai, Approved by AICTE & Recognized by Govt. of Maharashtra)

Textbooks

William Stallings, “Cryptography and Network Security, Principles and Practice”, 6th Edition,
1
Pearson Education, March 2013

2 Behrouz A. Ferouzan, “Cryptography & Network Security”, Tata McGraw Hill

Behrouz A. Forouzan & Debdeep Mukhopadhyay, “Cryptography and Network Security” 3rd
3
Edition, McGraw Hill

Nina Godbole, Sunit Belapure, “Cyber Security: Understanding Cyber crimes, Computer
4
Forensics and Legal Perspectives”, First Edition, Wiley India, 2011.

Open Source Intelligence Methods and Tools: A Practical Guide to Online Intelligence by
5
Nihad A. Hassan (Author), Rami Hijazi (Author)

Reference Books

Bruce Schneier, “Applied Cryptography, Protocols Algorithms and Source Code in C”, Second
1
Edition, Wiley.

2 Atul Kahate, “Cryptography and Network Security”, Tata McGraw-Hill Education, 2003.

Charles Pfleeger, Shari Pfleeger, Jonathan Margulies, "Security in Computing", Fifth Edition,
3
Prentice Hall, New Delhi, 2015.

4 Eric Cole, “Network Security Bible”, Second Edition, Wiley, 2011.

OSINT Techniques - Resources for Uncovering Online Information - 10th Edition (2023) by
5
Michael Bazzell

Useful Links

Resources

1 https://onlinecourses.nptel.ac.in/noc22_cs90/preview

2 https://onlinecourses.nptel.ac.in/noc22_cs03/preview

3 https://cse29-iiith.vlabs.ac.in/

4 https://threema.ch/press-files/2_documentation/cryptography_whitepaper.pdf

5 http://surl.li/uhndp

6 https://netleon.com/blog/cryptography-real-world-application/

Case Studies
 Vivekanand Education Society’s Institute of Technology
Department of Computer Engineering
(Affiliated to University of Mumbai, Approved by AICTE & Recognized by Govt. of Maharashtra)

7 https://www.kroll.com/en/insights/publications/cyber/case-studies

AI Tools

8 https://www.maltego.com/

9 https://www.recordedfuture.com/threat-intelligence-101/tools-and-technologies/osint-tools

https://www.kali.org/tools/spiderfoot/
10

Internal Assessment
Assessment consists of one Mid Term Test of 20 marks and Continuous Assessment of 20 marks. The Mid
Term test is to be conducted when approximately 50% syllabus is completed and its duration will be one
hour.
Continuous Assessment
Continuous Assessment is of 20 marks. The rubrics for assessment will be considered on approval by the
subject teachers. It should be minimum 2 or maximum 4 from the following table.
Sr. No Rubrics Marks
1 Multiple Choice Questions (Quiz) 5
2 Literature review of papers/journals 5
Participation in event/ workshop/ talk / competition followed by small report and
3 5
certificate of participation relevant to the subject
4 Wins in the event/competition/hackathon pertaining to the course 10
Case study, Presentation, group discussion, technical debate on recent trends in the
5 10
said course
6 Project based Learning and evaluation / Extra assignment / Question paper solution 10
7 NPTEL/ Coursera/ Udemy/any MOOC Certificate course for 4 weeks or more 10
8 Content beyond syllabus presentation 10
9 Creating Proof of Concept 10
10 Mini Project / Extra Experiments/ Virtual Lab 10
11 GATE Based Assignment test/Tutorials etc 10
12 Peer Review and participation 5/10
*For sr.no.7, the date of certification exam should be within the term and in case a student is unable
complete the certification, the grading has to be done accordingly.

Indirect Assessment

1 Mock Viva/Practical

2 Skill Enhancement Lecture