Checking date: 20/06/2022

Course: 2022/2023

Techniques of information hiding
(16348)
Study: Bachelor in Security Engineering (272)

Coordinating teacher: CAMARA NUÑEZ, MARIA CARMEN

Department assigned to the subject: Department of Computer Science and Engineering

Type: Compulsory
ECTS Credits: 6.0 ECTS

Course:
Semester:

Requirements (Subjects that are assumed to be known)
Mathematics, Statistics and Computer Science from Module I (basic training), and Statistics from Module III (foundations of engineering).
Objectives
OBJECTIVES The student must recognize the current importance of information concealment techniques, in particular cryptography and steganography, as well as the technologies that allow their treatment, their weaknesses and the threats they face. In order to achieve these objectives, the student must acquire a range of knowledge, skills and attitudes as detailed below. KNOWLEDGE At the end of the course, the student should be able to: - Know the classic cryptographic and steganographic systems and the reasons for their insecurity. - Know the mathematical foundations of modern cryptography and steganography, as well as the techniques to analyze their security: cryptanalysis and steganography, respectively. - Master the main cryptosystems and the current encryption algorithms. - Know the signature and verification systems based on public key - Know the problems associated with password management and its various solutions. CAPACITIES As regards capacities, they can be broken down into specific and generic (skills). Concerning specific skills, the learner will be able to - Solve problems of number theory in its application to cryptography. (P.O.: a) - Recognize the advantages, disadvantages and uses of secret and public-key systems. (P.O.: a, c) - Sign and verify in different environments, detecting possible attacks (P.O.: a, c) - Identify methods for hiding information in different media (P.O.: a, c) As for the general capacities or skills, during the course they will be worked on: - The ability to find and select relevant information to solve a specific problem. (P.O.: a, b) - The ability to apply multidisciplinary knowledge to the resolution of a given problem. (P.O.: a, c, e, g) - The ability to investigate a particular cryptosystem or steganosystem in a given environment and find its vulnerabilities and threats. (P.O.: a, b) As far as attitudes are concerned, the student after taking the course should have - A critical attitude towards the security offered by particular encryption or information concealment system, in a given environment and given risks. (P.O.: i) - A suspicious attitude towards the security supposed by the information hiding systems implemented in the systems. (P.O.: i)
Skills and learning outcomes
Description of contents: programme
1. Information Security Concepts 1.1. Information Security Goals 1.2. Vulnerabilities, Risks, and Attacks 1.3. Security Measures and Mechanisms 1.4. Cryptologia 1.5. Secure Channels 2. Mathematical and Information Theoretic Foundations 2.1. Number Systems 2.2. Logic Operations with Binary Variables 2.3. Information Theory 2.4. Modular Arithmetic 3. Classic Ciphers 3.1. Monoalphabetic Ciphers 3.2. Polyalphabetic Ciphers 3.3. Polygraphic Ciphers 3.4. Transposition Ciphers 3.5. Rotor Machines 4. Symmetric Ciphers: Stream Ciphers 4.1. Perfect Secrecy: The Vernam Cipher (OTP) 4.2. Pseudorandom Sequence Generators 4.3. Linear Generators: LFSRs 4.4. The A5/1 Cipher 4.5. The RC4 Cipher 5. Symmetric Ciphers: Block Ciphers 5.1. Feistel Networks 5.2. Sustitution-Permutation Networks 5.3. The AES Cipher 5.4. Operation Modes 6. Hash Functions and MAC 6.1. Cryptographic Hash Functions 6.2. The Merkle-Daamgard Construction 6.3. Block Cipher-based Constructions 6.4. The SHA Family 6.5. Message Authentication Codes (MAC) 7. Asymmetric Ciphers 7.1. Diffie-Hellman Key Exchange Protocol 7.2. Assymetric Encryption and Signing Algorithms 7.3. RSA 7.4. Other Public-key Cryptosystems
Learning activities and methodology
Teaching methodology includes: (1) Lectures (2,5 ECTS). The lecturer will present a summary of the concepts that students must acquire. The student is expected to actively participate during lectures. To facilitate learning, students will receive learning materials (slides, references, basic text, and complementary material) through the web system. Students will read and study this material (student work). (P.O.: a, c, g, i) (2) Problems (2,5 ECTS). The student, guided by the lecturer during problem-solving lectures, will solve exercises that serve to apply acquired concepts. Students will solve additional problems during their study time (student work). (P.O.: a, c, g, i) (3) Laboratories (1,0 ECTS). They will take place in a computer room. The student will learn the use of cryptographic and steganographic tools. Instructions on how to solve the lab questions will be published. There will be sessions in which a lecturer will give support to students to complete the lab sessions. Students are expected to complete all required tasks in their study time (student work). (P.O.: a, b, c, e, g, i) Due to the uncertainty about the teaching format to which the health circumstances will lead us during the next course, it is expected to start in the semi-attendance mode and may lead to training 100% classroom or 100% online depending on the evolution of the spread or control of the pandemic and the health and hygiene standards dictated by the authorities of the sector.
Assessment System
• % end-of-term-examination 60
• % of continuous assessment (assigments, laboratory, practicals...) 40
Calendar of Continuous assessment
Basic Bibliography
• Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone. Handbook of Applied Cryptography. CRC Press. 1996
• Juan Tapiador, Pedro Peris López. Criptografía y Ocultación de la Información. Centro Universitario de la Guardia Civil. 2015
Electronic Resources *
(*) Access to some electronic resources may be restricted to members of the university community and require validation through Campus Global. If you try to connect from outside of the University you will need to set up a VPN

The course syllabus may change due academic events or other reasons.