- Docente: Jocelyne Elias
- Credits: 6
- SSD: INF/01
- Language: Italian
- Teaching Mode: Traditional lectures
- Campus: Bologna
- Corso: First cycle degree programme (L) in Computer Science (cod. 8009)
Learning outcomes
The objective of the course is to present the theory, mechanisms, techniques and tools that are effective in increasing the security of a computer system. At the end of the course, the student will be familiar with the mathematical foundations of modern cryptography, authentication, authorization and access control mechanisms that are suitable for achieving confidentiality, integrity and availability of computer systems. The student will also acquire the knowledge necessary to assess the potentials and limitations of current technologies.
Course contents
- Vulnerability Assessment
- Penetration testing
- TOR / Dark Web
- One-time pad
- Stream Ciphers
- Real-World Stream Ciphers
- Cryptographic Systems with secret key
- Cryptographic Systems with public key
- DES
- AES
- RSA Digital Signatures
- Public-key infrastructures
- Wifi network security
- SDR and radio attacks
- Access Control
- Patches and Exploits
- Reverse engineering
Readings/Bibliography
- Computer Security: Principles and Practice (4th Edition), Stallings and Brown, Pearson, 2018.
- Crittografia, William Stallings
- A Graduate Course in Applied Cryptography, Dan Boneh, Victor Shoup. (Approccio Matematico)
- Cryptography, Theory and Practice, Fourth Edition, Douglas R. Stinson and Maura B. Paterson.
- Hackers 7.0, George Kurtz, Joel Scambray, and Stuart McClure; Apogeo, 2013.
- Serious Cryptography: A Practical Introducion to Modren Encryption, Jean-Philippe Aumasson.
- Applied Cryptography: Protocols, Algorithms, and Source Code in C, Bruce Schneier.
- Information Security: Principles and Practice, Mark Stamp.
Teaching methods
The course is worth 6 CFU and consists of lectures and practical exercises/Lab.
Assessment methods
The final exam aims to assess the achievement of the following learning objectives:
- Understand the main threats to cybersecurity today
- Understand the mathematical foundations of modern cryptography
- Understand the functioning and limitations of the main algorithms and modern cryptographic protocols
- Analyze the vulnerabilities of a computer system
- Ensure the security of a computer system.
The course includes exercises/laboratory activities to be completed independently with the presence/assistance of the lecturer.
- The exam consists of a written test.
- Six exam sessions are scheduled during each academic year: three in the summer session (June/July); one in the fall session (September); and two in the winter session (January/February).
- The written exam involves solving four to five separate exercises. They consist of cryptography exercises and questions. Each exercise is divided into scores. Typically, difficulty increases (the first is easy, the last is the most difficult). The total time allotted for the written exam is approximately 1.5 hours. To obtain the maximum score in the written exam (31/30), students must solve all questions.
- The written exam is passed if the sum of the scores of all solved exercises is greater than or equal to 18.
- During the written exam, only a calculator is permitted. No other materials, whether paper or electronic, are permitted. These range from "official" course materials such as slides or recordings to self-produced or semi-produced materials (e.g., notes or exercise solutions). Chat GPT falls, for example, into this category.
Teaching tools
The lectures utilize overhead slides projected from a laptop computer together with a white board.
The material presented during lectures will be made available in electronic format for downloading from the Course web site/Virtuale Platform.
Office hours
See the website of Jocelyne Elias