Print

IT Security and Cryptography in Practice

Code

IT-SCP1

Version

1.0

Offered by

ICT Engineering

ECTS

5

Prerequisites

The participants should have participated in an introductory security course whose competencies match those obtained in the Software Engineering course Network and Security.

Since the course is a student led seminar, the number of participating students cannot exceed 8. The students are selected based on their application which should contain a clear and well-formulated project idea.”

Main purpose

IT Security and Cryptography in Practice is an elective course at the Software Engineering Programme. It is offered in the spring and fall semesters. This course is student-driven and is focused on the real-world application of IT security in a practical environment. It includes experiencing how information and risk, threats and attacks, cyber security architecture and operations, secure systems hardening and usability and cyber security management are applied to provide resilience in practical context. Students who do this course will obtain practical experience in the design, implementation, and evaluation of cyber security approaches.
 
This course deals with advanced and practical aspects of IT and Cyber security and the students acquire knowledge, skills and competencies used when designing and implementing security and cryptography in practice.
The course has two components: i) Student-driven seminars where the students meet and discuss their ideas and projects. These projects must have an intended purpose and may be derived from the students’ practical experiences, ii) A research report where the students demonstrate their professional maturity in terms of designing, discussing and implementing IT Security and cryptography. These applications may include but are in no way limited to:
- Elliptic Curve Cryptography
- Digital Signatures
- Zero-knowledge Proofs
- Post Quantum Cryptography
- Anonymous Communication (TOR)
- Bitcoins and/or other cryptocurrencies
- Blockchain Technology
- (Pseudo-)Random Bit Generators
- Fast exponentiation
- Factoring/Discrete Log Algorithms
- Finding provable primes
- Dual EC
- Kleptography
- The Security of cloud computing
- TLS and Web security
- Triple Handshake Attack
- Wireless and Network Security
- IP Security
- Insecurity of GSM communication
- Station-to-Station Security
- Wireless (In)security
- IoT Security
- Privacy and GDPR
- (Mis)uses of IPSEC
- Two-Factor Authentication

Knowledge

After successfully completing the course, the student will have gained
  • an understanding of the cross-disciplinary nature of cyber security, and the complexities, challenges and wider implications of the contexts in which cyber security problems occur in the workplace.
  • knowledge about several key implementations of cryptography and other IT-security related issues.

Skills

After successfully completing the course, the student will be able to
  • Draw on and apply relevant IT security approaches, tools and frameworks for IT security enquiry to different settings in real world situations.
  • Frame and address IT security problems, questions and issues as a IT security project, being aware of the environment and context in which the problem exists.

Competences

After successfully completing the course, the student will have acquired competences in
  • Applying complex cryptographic primitives to real-world cases
  • Document and explain an IT-security project clearly and unambiguously to peers
  • Review, evaluate and reflect upon knowledge, skills and practices in cyber security.

Topics

Teaching methods and study activities

The course is built up around three seminars:
An introductory seminar, a midway seminar and a final seminar. All seminars are student-driven and the instructor acts more so as an organiser and facilitator. The students will also be coupled with a peer in order to receive feedback and sparring.
 
Student Activity Model
CATEGORY 1: 12 hours or 10%
– Participation of lecturer and students - Initiated by the lecturer
  • Lessons, scheduled
  • Project guidance
  • Exams and tests
 
CATEGORY 2: 36 hours or 30%

Participation of students - Initiated by the lecturer

  • Assignments, self-study
  • Project and group work
  • Homework and preparation for exams 
  • Evaluation of the teaching
CATEGORY 3: 72 hours or 70 %
Participation of students - Initiated by students
  • Homework and preparation for exams
  • Self-study
  • Project work
  • Study groups
  • Literature search

Resources

The students must research and find their own sources.

Evaluation

Examination

The student must attend three mandatory seminars: i) introduction, ii) midway, iii) final. The student must hand in two compulsory papers: i) midway paper, ii) final paper.
 
Students are assessed by the lecturer based on 
1) Final paper (50%)
2) Participation and performance at final seminar (20%)
3) Midway paper (10%)
4) Participation and performance at midway seminar (20%)
 
If a student fails to meet one or more of the above requirements for passing the course, the student will be given an extra assignment whose scope depends on the scope of the missing requirements.

Grading criteria

Grading based on the Danish 7-point scale.

Additional information

Responsible

Richard Brooks

Valid from

2/1/2021 12:00:00 AM

Course type

Keywords