Unit convenor and teaching staff |
Unit convenor and teaching staff
Other Staff
Leslie Bell
Contact via les.bell@mq.edu.au
E6A 354
one hour after each lecture plus other times by appointment
Unit Convenor
Christophe Doche
Contact via christophe.doche@mq.edu.au
|
---|---|
Credit points |
Credit points
3
|
Prerequisites |
Prerequisites
39cp and (COMP125(P) or COMP165(P)) and (DMTH137(P) or MATH237(P) or DMTH237(P))
|
Corequisites |
Corequisites
|
Co-badged status |
Co-badged status
|
Unit description |
Unit description
This unit provides an introduction to modern cryptography and information security. First, some cryptographic primitives, such as private key and public key ciphers, hash functions and digital signatures, are introduced. Then, some security technologies are discussed to illustrate how basic cryptographic primitives are concretely used in real life applications. Various attacks on the cryptographic schemes and protocols are also discussed.
|
Information about important academic dates including deadlines for withdrawing from units are available at https://www.mq.edu.au/study/calendar-of-dates
On successful completion of this unit, you will be able to:
Name | Weighting | Due |
---|---|---|
Tutorial Tasks | 10% | Weekly |
Assignment 1 | 15% | Week 7 |
Assignment 2 | 15% | Week 12 |
Mid-semester test | 15% | Week 6 |
Final exam | 45% | TBA |
Due: Weekly
Weighting: 10%
Each week, a set of exercises will be available online. The first of the tutorial exercises for the week is the task you need to solve. Your solutions should be submitted electronically via iLearn before the deadline specified in the text.
Due: Week 7
Weighting: 15%
Implementation of a cipher. The assignment is to be submitted via iLearn. Late submissions attract no marks.
Due: Week 12
Weighting: 15%
Security Evaluation of a System or Product. The assignment is to be submitted via iLearn. Late submissions attract no marks.
Due: Week 6
Weighting: 15%
It is a 50 minutes long written examination worth 15% that will be held in week 6 during class time. It will test your understanding of material covered in weeks 1 to 5. The mid-semester test has the same structure as the final examination. The feedback received will allow you to be better prepared for the final examination.
Due: TBA
Weighting: 45%
The final examination is designed to test your understanding of basic concepts of modern Cryptography and Information Security. Regarding the examination process, note that
Each week you should read the slides and prepare for the lectures. The first hour of lecture every Tuesday is especially important as it is delivered in a more interactive tutorial style. The next two hours of lectures are on Wednesday. There is also a one hour practical. For details of days, times and rooms consult the timetables webpage.
Note that Practicals commence in week 1.
You should have selected a practical at enrolment.
Please note that you will be required to submit work every week. Failure to do so may result in you failing the unit or being excluded from the exam.
Recommended readings for this unit:
iLearn
iLearn is a Learning Management System that gives you access to lecture slides, lecture recordings, forums, assessment tasks,...
Echo 360 (formerly known as iLecture)
Digital recordings of lectures are available. Read these instructions for details.
Technology Used
Java programming language and PARI, GnuPG, TrueCrypt, Thunderbird, OpenSSH, PuTTY
Week |
Topic |
Reading |
---|---|---|
1 |
Introduction to cryptography |
Lecture slides Week 1 |
2, 3 |
Symmetric Key Cryptography |
Lecture slides Week 2, 3 |
4 |
Cryptographic Hashing |
Lecture slides Week 4 |
5 |
Public Key Cryptography |
Lecture slides Week 5 |
6 |
Public Key Cryptography + Mid-Term Test |
Lecture slides Week 5 |
7 |
Encrypted files and file systems (data at rest) |
Lecture slides + SE Chap. 5 + NIST SP 800-38a, IEEE Std 1619-2007, SP 800-38E |
8 |
Symmetric encryption for data in motion |
Lecture slides + SE Chap. 21 (1st ed.: 18), NIST SP800-38a, RFC 4346 (TLS 1.1) + RFC 5246 (TLS 1.2), notes on SSH |
9 |
Authentication |
Lecture slides + SE Chaps. 3 and 15 |
10 | Access control | Lecture slides + SE Chaps. 4, 8, 9, notes on UNIX permissions |
11 | eMoney, eVoting, Digital Rights Management | Lecture slides + SE Chaps. 10, 22 |
12 | Revision | Lecture slides |
13 | Revision | Lecture slides |
Macquarie University policies and procedures are accessible from Policy Central. Students should be aware of the following policies in particular with regard to Learning and Teaching:
Academic Honesty Policy http://mq.edu.au/policy/docs/academic_honesty/policy.html
Assessment Policy http://mq.edu.au/policy/docs/assessment/policy.html
Grading Policy http://mq.edu.au/policy/docs/grading/policy.html
Grade Appeal Policy http://mq.edu.au/policy/docs/gradeappeal/policy.html
Grievance Management Policy http://mq.edu.au/policy/docs/grievance_management/policy.html
Disruption to Studies Policy http://www.mq.edu.au/policy/docs/disruption_studies/policy.html The Disruption to Studies Policy is effective from March 3 2014 and replaces the Special Consideration Policy.
In addition, a number of other policies can be found in the Learning and Teaching Category of Policy Central.
Macquarie University students have a responsibility to be familiar with the Student Code of Conduct: https://students.mq.edu.au/support/student_conduct/
Departmental Special Consideration Policy http://comp.mq.edu.au/undergrad/policies/special_consideration_policy.htm
Macquarie University provides a range of support services for students. For details, visit http://students.mq.edu.au/support/
Learning Skills (mq.edu.au/learningskills) provides academic writing resources and study strategies to improve your marks and take control of your study.
Students with a disability are encouraged to contact the Disability Service who can provide appropriate help with any issues that arise during their studies.
For all student enquiries, visit Student Connect at ask.mq.edu.au
For help with University computer systems and technology, visit http://informatics.mq.edu.au/help/.
When using the University's IT, you must adhere to the Acceptable Use Policy. The policy applies to all who connect to the MQ network including students.
Our graduates will take with them the intellectual development, depth and breadth of knowledge, scholarly understanding, and specific subject content in their chosen fields to make them competent and confident in their subject or profession. They will be able to demonstrate, where relevant, professional technical competence and meet professional standards. They will be able to articulate the structure of knowledge of their discipline, be able to adapt discipline-specific knowledge to novel situations, and be able to contribute from their discipline to inter-disciplinary solutions to problems.
This graduate capability is supported by:
We want our graduates to be capable of reasoning, questioning and analysing, and to integrate and synthesise learning and knowledge from a range of sources and environments; to be able to critique constraints, assumptions and limitations; to be able to think independently and systemically in relation to scholarly activity, in the workplace, and in the world. We want them to have a level of scientific and information technology literacy.
This graduate capability is supported by:
Our graduates should be capable of researching; of analysing, and interpreting and assessing data and information in various forms; of drawing connections across fields of knowledge; and they should be able to relate their knowledge to complex situations at work or in the world, in order to diagnose and solve problems. We want them to have the confidence to take the initiative in doing so, within an awareness of their own limitations.
This graduate capability is supported by:
Our graduates will also be capable of creative thinking and of creating knowledge. They will be imaginative and open to experience and capable of innovation at work and in the community. We want them to be engaged in applying their critical, creative thinking.
This graduate capability is supported by:
Four standards, namely Developing, Functional, Proficient, and Advanced, summarize as many different levels of achievement. Each standard is precisely defined to help students know what kind of performance is expected to deserve a certain mark. The standards corresponding to the learning outcomes of this unit are given below:
Learning Outcome #1 | Developing | Functional | Proficient | Advanced |
Understand some concepts of symmetric-key and public-key encryption and cryptographic hashing. Close to a correct formulation of some cryptographic attacks. | Understand basic concepts of symmetric-key and public-key encryption and cryptographic hashing. Correct formulation of basic cryptographic attacks. | Understand concepts of symmetric-key and public-key encryption and cryptographic hashing in details. Ability to describe basic cryptographic attacks in details with the understanding the relation between the security parameters and the complexity of cryptanalysis. | Master concepts of symmetric-key and public-key encryption and cryptographic hashing. Ability to describe all cryptographic attacks covered at lectures and tutorials in detail with an understanding of the relation between the security parameters and the complexity of cryptanalysis. | |
Learning Outcome #2 | ||||
Limited understanding of the fundamental concepts of information security. Some ability to apply basic cryptographic and security tools to achieve the required security goal. Limited ability to analyse security level achived. | Understanding of the concepts of information security. Ability to apply basic cryptographic and security tools to achieve the required security goals. Ability to analyse the security level achieved. | Understanding of the concepts of information security and their relations. Ability to apply basic cryptographic and security tools to achieve the required security goals. Ability to analyse the security level achieved supported by evidence. | Deep Understanding of the concepts of information security, their relationsand limitations. Ability to apply basic cryptographic and security tools to achieve the required security goals. Ability to analyse the security level achieved supported by theoretical arguments. | |
Learning Outcome #3 | ||||
Limited ability to implement a correct java program following specifications |
Correctly implement low-level bit-manipulation mechanisms of a cryptoprimitve in Java; implement a Java program following specifications |
Write efficient, well-documented Java code which implements a cryptoprimitve in Java and utilise this in a Java program which meets specifications | Design well-architected, efficient and well-documented Java program code to implement a cryptoprimitve, together with all required tests and demonstration program, following good design and test practice |
Grading
At the end of the semester, you will receive a grade that reflects your achievement in the unit
The relation between standards and grades can be loosely described as follows. If you consistently fail to reach any standard, you will fail the unit. If you consistently achieve
More precisely, your final grade depends on your performance in each part of the assessment. For each task, you receive a mark that combines your standard of performance regarding each learning outcome assessed by this task. Then the different component marks are added up to determine your total mark out of 100. Your grade then depends on this total mark and your overall standards of performance.
In particular, in order to pass the unit, you must
In order to obtain a higher grade than a Pass, you must fulfill the pass requirements and get an overall total mark in the range:
Programming Language
We use java for all implementation tasks as opposed to C++ last year
No lectures on Mon 9th June
Mon 9th June is a public holiday. No class will be held on that day.