This course covers fundamental and applied aspects of privacy and security in information systems. The course will teach students about the fundamentals of cryptography, equip students with the abilities to rigorously understand and analyse the security of information systems, and get familiar with practical security technologies like private and public key encryption, message authentication, and secure computation. This course will then explain how these technologies are used and deployed in practical systems, before exploring how recent attacks have discovered new vulnerabilities in real-world deployments. The course will emphasise the value of empirical observations and give students insight into how these vulnerabilities can be measured in-the-wild.
Objectives:
Upon completion of this course, students are expected to
Develop a systematic understanding of notion of security in information systems;
Understand and be able to evaluate basic cryptographic technologies;
Have a solid grasp of how these technologies are deployed, and how we can measure their efficacy in real-world systems;
Understand a set of case study vulnerabilities (and defences) that have been discovered in-the-wild.
Pre-requisite:
Prior knowledge on number theory, linear algebra and probability is preferred.
Reference texts:
Jonathan Katz and Yehuda Lindell, Introduction to modern cryptography, 3rd Edition, 2020.
Dan Boneh and Victor Shoup, A graduate course in applied cryptography, 2023. Available online.
Ross Anderson, Security engineering: a guide to building dependable distributed systems. John Wiley & Sons, 2020.
Thomas R. Peltier, Information security fundamentals. CRC press, 2013.