This course provides an introduction to the topic of information security in the context of network communication.
It is intended for students who have some understanding of networks, but not necessarily any background in security. The goal of the course is to provide students with a foundation that will help them to identify, analyze and make appropriate security decisions during the design and deployment of information and network systems.
The course will cover selected security topics in the following areas:
- Cryptography: Formal notions of security. Classical cryptosystems, symmetric key encryption, public key encryption, digital signatures, hash functions, message authentication codes, true- and pseudo-random number generation, entropy and key length selection.
- Digital identity: Authentication and authorization, digital certificates (certificate chains, trust stores), secure password generation and storage.
- Network security protocols: TLS connections (handshake, cipher suites agreement, establishing session keys), SSH. Public key infrastructure issues (issuing, checking and revoking certificates).