The objectives of this course are to make the student aware of the current importance of computer security and to show the vulnerabilities and threats the technology involved faces. Thus, the student will learn the principles and methods used by security systems. In order to achieve these goals, the student must acquire specific knowledge, capacities and attitudes.
Regarding knowledge, at the end of the course the student will be able to:
- Know mathematical fundaments of cryptography and cryptanalysis, especially those related to number theory.
- Master cryptosystems and main encryption algorithms.
- Master digital signature schemes based on public key cryptography.
- Understand the key management problem and main proposed solutions.
- Understand the principles of security measures, focusing on cryptographic systems and protocols, their methods and means.
- Know main authentication systems; acknowledge their advantages and disadvantages
- Distinguish the different security objectives
The capacities the student will acquire can be divided in specific and generic:
- Solve number theory problems related to cryptography (P.O.: a)
- Acknowledge the advantages and disadvantages of secret and public key cryptographic systems. (P.O.: a, c)
- Encrypt and decrypt in different environments, identifying possible attacks. (P.O.: a, c)
- Sign and verify in different environments, identifying possible attacks. (P.O.: a, c)
- Design and implementation of the appropriate security mechanisms (mainly cryptographic) for specific information systems (P.O.: a, c, e)
- Apply appropriate authentication mechanisms to different information systems (P.O.: a, c, e)
- Search relevant information to solve a particular problem (P.O.: a, b)
- Solve particular problems with multidisciplinary knowledge (P.O.: a, c, e, g)
- Analyze specific systems to identify vulnerabilities and threats (P.O.: a, b)
Regarding attitudes, the student will be encouraged to:
- Adopt a critical view of the security provided by a particular system (P.O.: i)
- Distrust the purported security of information systems and cryptographic protocols deployed in them. (P.O.: i)
Regarding basic capacities detailed in the third article of the RD 1393/2007 modified by the RD 861/2010, this subject considers capacity CB1.
Regarding capacities specified in section 5 of Annex II of Resolución del 8 de junio de 2009, by the Secretaría General de Universidades (BOE of August 4th of 2009), this subject considers capacity CGB3.