IFN648 Applied Cryptography


To view more information for this unit, select Unit Outline from the list below. Please note the teaching period for which the Unit Outline is relevant.


Unit Outline: Semester 1 2024, Gardens Point, Internal

Unit code:IFN648
Credit points:12
Pre-requisite:IFN541 or IFQ541 concurrently with IFN648 or IFN511
Anti-requisite:IFN642, CAB340
Coordinator:Xavier Boyen | xavier.boyen@qut.edu.au
Disclaimer - Offer of some units is subject to viability, and information in these Unit Outlines is subject to change prior to commencement of the teaching period.

Overview

This advanced unit will provide an in-depth understanding of cryptographic algorithms and their applications. Cryptographic algorithms enable practical security services such as confidentiality and integrity assurance for stored or transmitted data, and authentication of entities. As a society, we are increasingly dependent on electronic systems, often interconnected, for storage and transmission of information. However, there are many threats to the security of information. This unit will explore the application of modern cryptographic techniques to protect information in a range of situations, and also provide an understanding of their limitations. This unit follows IFN553 Introduction to Security, and IFN541 Information Security
Management, and is a more detailed examination of a particular set of control mechanisms that make use of mathematical and analytical algorithms to protect information assets. 

Learning Outcomes

On successful completion of this unit you will be able to:

  1. Discuss the components of various classes of cryptographic systems, and discuss their roles, limitations, and impact of their use in broader systems.
  2. Apply the transformations performed by various cryptographic algorithms to achieve specific cryptographic services within a variety of security models.
  3. Relate the information-scientific and mathematical principles at the root of common cryptographic systems to justify their proper use for stated security purposes.
  4. Integrate the use of a combination of cryptanalytic techniques to address cryptographic challenges and devise remedies to identified weaknesses.
  5. Critically evaluate a real-world scenario and recommend the most appropriate cryptographic technologies to meet the information security specifications.

Content

Basic concepts in cryptography including: encryption and decryption, entity authentication, data integrity, non-repudiation, symmetric and asymmetric cryptography. Knowledge of a range of cryptographic algorithms from historic symmetric ciphers (Caesar, transposition ciphers, Hill cipher, Enigma) to modern symmetric ciphers (stream and block) and modes of operation, and modern asymmetric ciphers (RSA, El Gamal) and their applications for confidentiality and digital signatures. Classes of attack (ciphertext-only, known plaintext, chosen plaintext, chosen ciphertext), information theoretic security (Shannon’s Theorem).

Learning Approaches

In this unit you will learn through a combination of weekly lectures where you will learn about the material and engaging weekly tutorials where you will have the opportunity to put your knowledge to practice through hands-on practical exercises using open source e-learning software. The lectures will explain concepts of applied cryptography, including a number of famous and important algorithms with their strengths and weaknesses, whilst the tutorials will further explore the actual behaviour of those algorithms – both for regular use and for cryptanalysis. No experience with the e-learning software prior to beginning IFN648 is required. 

The practical exercises are designed to reinforce the cryptographic concepts presented in the lectures, and to help the student comprehend to operations and the applications of the algorithm in real-world scenarios. You will work on these exercises at home in preparation of the tutorial, and are encouraged to bring your own laptop to the tutorials, during which the staff will highlight the key points and help you gain practical insight into the various cryptographic operations. You can complete and review the exercises individually outside of class time with the help of worked-through solution sheets. The free e-learning software can also be downloaded and installed on individual student machines. 

Unit staff provide a learning environment designed to maximise your learning experience. In order to realise your full potential, it is strongly recommended that you actively participate in all of the learning activities offered in this unit. Understanding of the lecture material is essential, whilst attending the tutorials remains optional but highly advisable.

The unit coordinator will use the unit's Canvas page to make announcements to the class and post various types of information throughout the semester; and you will have ample opportunity to ask questions directly to the teaching staff at the lectures and tutorials, and also via email. It is your responsibility to access your email account and the unit's Canvas page regularly.

Feedback on Learning and Assessment

You can obtain feedback on your progress in this unit via the following mechanisms:

  • Self-assess your responses to presented material
  • Ask the teaching staff for advice and assistance during workshop sessions, or by email
  • Review your assessment items when the marked items are returned, noting application of the marking criteria and the marker comments,
  • Have a private consultation with teaching staff to discuss your progress (email the unit coordinator to arrange an appointment).

Taking note of the marker’s feedback on the problem solving tasks will enable you to review the concepts covered to ensure that you understand the material prior to the final examination.

Assessment

Overview

The summative assessment items in this unit will allow you to demonstrate your ability to solve practical problems through the application of cryptography (the problem solving task), reason about and identify security problems that can be mitigated through cryptographic techniques (the report), and confirm the knowledge you have gained about cyber security and cryptography (the exam).

Unit Grading Scheme

7- point scale

Assessment Tasks

Assessment: Problem solving task

This task will require you to solve various cryptographic problems using the techniques presented in the classical cryptography section of the unit. You will submit reports outlining the process you have followed and the solutions obtained:

  • Part 1 about Cryptanalysis and Historical Ciphers is worth 15% and due at the end of week 4
  • Part 2 about Symmetric-key Cryptography and Analysis is worth 15% and due at the end of week 7
  • Part 3  about Public-key Cryptography is worth 20% and  due at the end of week 11.

Although you may discuss the assessment topics with others, the work you submit for assessment must be your own individual effort.

This assignment is eligible for the 48-hour late submission period and assignment extensions.

.

Weight: 50
Individual/Group: Individual
Due (indicative): Due in weeks 4, 7 and 11
Related Unit learning outcomes: 2, 4

Assessment: Report

This assessment item will require you to work in a group, preparing a report on the analysis of an information security issue, based on topics covered in the course. The task will allow you to demonstrate the knowledge of cryptographic algorithms you have acquired in the unit and their application in the context of a network security.

This assignment is eligible for the 48-hour late submission period and assignment extensions.

Weight: 20
Individual/Group: Group
Due (indicative): Week 13
Related Unit learning outcomes: 1, 3, 5

Assessment: Final Exam

Final written examination

Weight: 30
Individual/Group: Individual
Due (indicative): Central Examination Period
Related Unit learning outcomes: 1, 2, 3

Academic Integrity

Students are expected to engage in learning and assessment at QUT with honesty, transparency and fairness. Maintaining academic integrity means upholding these principles and demonstrating valuable professional capabilities based on ethical foundations.

Failure to maintain academic integrity can take many forms. It includes cheating in examinations, plagiarism, self-plagiarism, collusion, and submitting an assessment item completed by another person (e.g. contract cheating). It can also include providing your assessment to another entity, such as to a person or website.

You are encouraged to make use of QUT’s learning support services, resources and tools to assure the academic integrity of your assessment. This includes the use of text matching software that may be available to assist with self-assessing your academic integrity as part of the assessment submission process.

Further details of QUT’s approach to academic integrity are outlined in the Academic integrity policy and the Student Code of Conduct. Breaching QUT’s Academic integrity policy is regarded as student misconduct and can lead to the imposition of penalties ranging from a grade reduction to exclusion from QUT.

Resources

  • No specific textbook is required for this unit.
  • Free open source e-learning software will be used – details provided in the Week 1 class.

Course Learning Outcomes

This unit is designed to support your development of the following course/study area learning outcomes.

IN20 Master of Information Technology

  1. Demonstrate specialist knowledge of at least one Information Technology discipline
    Relates to: ULO1, ULO3
  2. Critically assess, select and integrate existing IT approaches, and develop novel methods, to address discipline-specific problems
    Relates to: ULO4
  3. Engage in effective professional and scholarly communication
    Relates to: ULO2
  4. Achieve positive change through the creative and skilful application of IT
    Relates to: ULO5