Lovely Professional University, Punjab

Course Code Course Title Course Planner Lectures Tutorials Practicals Credits
CAP613 CRYPTOGRAPHY AND SECURITY RISK 18818::Rahul Saha 3 0 0 3
MANAGEMENT
Course Weightage ATT: 5 CA: 25 MTT: 20 ETT: 50 Exam Category: 55: Mid Term Exam: All Subjective – End Term Exam: All
Subjective
Course Orientation KNOWLEDGE ENHANCEMENT, RESEARCH

TextBooks ( T )
Sr No Title Author Publisher Name
T-1 CRYPTOGRAPHY AND WILLIAM STALLINGS PEARSON
NETWORK SECURITY:
PRINCIPLES AND PRACTICE
T-2 SECURITY RISK MANAGEMENT, EVAN WHEELER SYNGRESS (ELSEVIER)
BUILDING AN INFORMATION
SECURITY RISK MANAGEMENT
PROGRAM FROM THE GROUND
UP
Reference Books ( R )
Sr No Title Author Publisher Name
R-1 CRYPTOGRAPHY AND ATUL KAHATE MCGRAW HILL EDUCATION
NETWORK SECURITY
Other Reading ( OR )

Sr No Journals articles as Compulsary reading (specific articles, complete reference)

OR-1 http://www.ijcaonline.org/archives/volume71/number19/12598-9467 , Cryptanalysis of Blind Signature Schemes Volume 71/Number 19 (ISBN: 973-93-80875- 49
-1) Authors: Nitu SinghSumanjit Das (International Journal of computer application) ,
OR-2 http://www.ijcaonline.org/archives/volume69/number24/12118-8141 , Achieving Authentication and Integrity using Elliptic Curve Cryptography Architecture
Volume 69/Number 24 (ISBN: 973-93-80874-89-1) Authors: Manali DubalAaradhana Deshmukh (International Journal of computer application) ,
Relevant Websites ( RW )
Sr No (Web address) (only if relevant to the course) Salient Features
RW-1 Computer security and privacy www.computer.org/web/computingnow/securityandprivacy

RW-2 Introduction to cryptography https://www.coursera.org/course/crypto

RW-3 http://floppsie.comp.glam.ac.uk/Glamorgan/gaius/sechnd/2.pdf Symmetric Ciphers and its types

RW-4 http://www.cisco.com/c/en/us/products/security/email-security/index.html E-mail security

RW-5 https://sites.google.com/site/itis3102/ Risk Management

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
 RW-6 https://komunity.komand.com/learn/article/information-security-risk-management- Students can have the features and objectives of risk management
cycle-context-establishment-phase/

Software/Equipments/Databases
Sr No (S/E/D) (only if relevant to the course) Salient Features
SW-1 Introduction to cryptography www.youtube.com/watch?v=2aHkqB2-46k

LTP week distribution: (LTP Weeks)

Weeks before MTE 7
Weeks After MTE 7
Spill Over (Lecture) 7

Detailed Plan For Lectures

Week Lecture Broad Topic(Sub Topic) Chapters/Sections of Other Readings, Lecture Description Learning Outcomes Pedagogical Tool Live Examples
Number Number Text/reference Relevant Websites, Demonstration/
books Audio Visual Aids, Case Study /
software and Virtual Images /
Labs animation / ppt
etc. Planned
Week 1 Lecture 1 Computer Security and T-1 RW-1 Needs of security and Learn about security Discussion using Safeguard,
Privacy(Introduction to R-1 privacy factors affecting and privacy Whiteboard or ATM, Locker,
security and privacy) security and privacy Presentation Money transfer
Lecture 2 Computer Security and T-1 OR-1 Evolution of the Student will learn Discussion using a person or thing
Privacy(Security Threats, OR-2 Network Security basic concepts of Whiteboard or likely to cause
assests, vulnerabilities) Market,most commonly security terms Presentation damage or
mixed up security terms danger.
Computer Security and T-1 OR-1 Evolution of the Student will learn Discussion using a person or thing
Privacy(Software security) OR-2 Network Security basic concepts of Whiteboard or likely to cause
Market,most commonly security terms Presentation damage or
mixed up security terms danger.
Lecture 3 Computer Security and T-1 OR-1 Evolution of the Student will learn Discussion using a person or thing
Privacy(Security Threats, OR-2 Network Security basic concepts of Whiteboard or likely to cause
assests, vulnerabilities) Market,most commonly security terms Presentation damage or
mixed up security terms danger.
Computer Security and T-1 OR-1 Evolution of the Student will learn Discussion using a person or thing
Privacy(Software security) OR-2 Network Security basic concepts of Whiteboard or likely to cause
Market,most commonly security terms Presentation damage or
mixed up security terms danger.

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Week 2 Lecture 4 Computer Security and T-1 OR-2 Remote user Learning how Discussion using Process of
Privacy(User Authentication RW-2 authentication principles credentials provided Whiteboard or identifying
and its types) SW-1 using symmetric are compared to those Presentation yourself.
encryption and on file in a database
asymmetric encryption of authorized users'
information on a
local operating
system or within an
authentication server
Lecture 5 Computer Security and T-1 The need of network Students will learn ppt, discussion Antivirus
Privacy(Network Security) security and the about the basic systems
components of an criteria for designing
efficient network network security
security model components
Lecture 6 Introduction to cryptography R-1 RW-3 L6: Introductory lecture L6: To learn need Discussion using The science or
(Symmetric & asymmetric L7: Description of and objective of the Whiteboard or study of the
encryption) network security, system subject Presentation techniques of
security in Cryptography L7: Student will learn secret writing
the
and security risk concepts of Sending
management the
secure information
from
sender to receiver
Introduction to cryptography T-1 RW-3 L6: Introductory lecture L6: To learn need Discussion using The science or
(Cipher examples – AES R-1 L7: Description of and objective of the Whiteboard or study of the
DES RSA) network security, system subject Presentation techniques of
security in Cryptography L7: Student will learn secret writing
the
and security risk concepts of Sending
management the
secure information
from
sender to receiver
Week 3 Lecture 7 Introduction to cryptography R-1 RW-3 L6: Introductory lecture L6: To learn need Discussion using The science or
(Symmetric & asymmetric L7: Description of and objective of the Whiteboard or study of the
encryption) network security, system subject Presentation techniques of
security in Cryptography L7: Student will learn secret writing
the
and security risk concepts of Sending
management the
secure information
from
sender to receiver

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Week 3 Lecture 7 Introduction to cryptography T-1 RW-3 L6: Introductory lecture L6: To learn need Discussion using The science or
(Cipher examples – AES R-1 L7: Description of and objective of the Whiteboard or study of the
DES RSA) network security, system subject Presentation techniques of
security in Cryptography L7: Student will learn secret writing
the
and security risk concepts of Sending
management the
secure information
from
sender to receiver
Lecture 8 Introduction to cryptography T-1 RW-1 L-8: Message Student will learn the Discussion using If somebody
(Message authentication and R-1 RW-5 authentication concepts of messages Whiteboard or knock your door
hash function) requirements, Message sent through a Presentation you verify
authentication non-secure channel. person only then
functions, message you authenticate
authentication codes.
L-8: TERM PAPER
ASSIGNMENT.

Lecture 9 Introduction to cryptography T-1 Basic idea of digital Students will learn ppt, images DSA
(Introduction to digital signature, its structure the basic designing
signature) and functioning, its factors for digital
applications signature and its
needs in our daily
documentation
Week 4 Lecture 10 Introduction to cryptography T-1 RW-3 L10: Block cipher L10: Student will Discussion using
(Concept of Block Cipher RW-4 examples,DES learn how Whiteboard or
and Stream Cipher) example,Strength of deterministic Presentation
DES,Block cipher algorithm operating
design principle on fixed-length
L11:Stream groups of bits and
ciphers,RC4,True how plaintext digits
random numbers are combined with a
pseudo-random
cipher digit stream
Lecture 11 Introduction to cryptography T-1 RW-3 L10: Block cipher L10: Student will Discussion using
(Concept of Block Cipher RW-4 examples,DES learn how Whiteboard or
and Stream Cipher) example,Strength of deterministic Presentation
DES,Block cipher algorithm operating
design principle on fixed-length
L11:Stream groups of bits and
ciphers,RC4,True how plaintext digits
random numbers are combined with a
pseudo-random
cipher digit stream

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Week 4 Lecture 12 Cryptocurrency(Introduction T-1 RW-1 Introduction to To learn about Discussion using A digital
to cryptocurrency and R-1 RW-2 cryptocurrency and introduction to Whiteboard or currency in
bitcoin) RW-3 bitcoin cryptocurrency and Presentation which
bitcoin transactions can
be performed
without the need
for a central
bank.
Week 5 Lecture 13 Cryptocurrency(How T-1 OR-2 L13:How bitcoin L13: Student will Discussion using Independent
Bitcoin Achieves SW-1 achieves learn key to bitcoins Whiteboard or operations of a
Decentralization) decentralization success Presentation central bank.
L14: The Age of L14:How Bitcoin and
Cryptocurrency Digital Money Are
Challenging the
Global Economic
Order
Lecture 14 Cryptocurrency(How T-1 OR-2 L13:How bitcoin L13: Student will Discussion using Independent
Bitcoin Achieves SW-1 achieves learn key to bitcoins Whiteboard or operations of a
Decentralization) decentralization success Presentation central bank.
L14: The Age of L14:How Bitcoin and
Cryptocurrency Digital Money Are
Challenging the
Global Economic
Order
Lecture 15 Cryptocurrency(Mechanics T-1 RW-3 The recent popularity of Understanding the Discussion using
of Bitcoin) R-1 Bitcoins, mechanics and Whiteboard or
economics of Presentation
Bitcoins
Week 6 Lecture 16 Test 1
Lecture 17 Cryptocurrency(How to T-1 RW-3 L17:What is L17: Student will Discussion using How to earn ...
Store and Use Bitcoins, R-1 bitcoin,How to store learn to Make a Paper Whiteboard or for a good or
Bitcoin mining) your bitcoins. Bitcoin Wallet Presentation service
L18: How bitcoin L18: Student will
mining works learn how to get start
with bitcoin mining.
Lecture 18 Cryptocurrency(How to T-1 RW-3 L17:What is L17: Student will Discussion using How to earn ...
Store and Use Bitcoins, R-1 bitcoin,How to store learn to Make a Paper Whiteboard or for a good or
Bitcoin mining) your bitcoins. Bitcoin Wallet Presentation service
L18: How bitcoin L18: Student will
mining works learn how to get start
with bitcoin mining.
Week 7 Lecture 19 Cryptocurrency(Bitcoin T-1 RW-3 Anonymity and the Student will learn Discussion using
anonymity and it's future) R-1 future of bitcoin how to use bitcoins Whiteboard or
to pay for things. Presentation

SPILL OVER
Week 7 Lecture 20 Spill Over

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Week 7 Lecture 21 Spill Over

MID-TERM
Week 8 Lecture 22 Introduction to Risk T-2 The basic terminology, Students will be able ppt, examples UMS , Ticket
Management(Information need and objective of to understand the booking, online
security fundamentals) risk management basic need and focus transactions
point of the risk
management process
Lecture 23 Introduction to Risk T-2 Requirements and Students will be able ppt
Management(Security principles of risk to know about
design principles) management systems designing factors of
risk management
through different
principles
Lecture 24 Introduction to Risk T-2 The drawbacks of the Students will learn to ppt UMS, airlines
Management(Information risk management and avoid drawbacks and controlling
security challenges) their related issues the probable systems,
solutions for the american
loophole blackout
Week 9 Lecture 25 Introduction to Risk T-2 RW-6 L25: Different phases in L 25: Students will ppt, board work,
Management(Risk life cycle of risk learn about the examples
management cycle) management process different tasks
L26: The need of life performed in
cycle of the risk different phases of
management and related risk management
examples L 26: Students will
be able to compare
the enterprise process
or software
development process
with the life cycle of
risk management
process
Lecture 26 Introduction to Risk T-2 RW-6 L25: Different phases in L 25: Students will ppt, board work,
Management(Risk life cycle of risk learn about the examples
management cycle) management process different tasks
L26: The need of life performed in
cycle of the risk different phases of
management and related risk management
examples L 26: Students will
be able to compare
the enterprise process
or software
development process
with the life cycle of
risk management
process

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Week 9 Lecture 27 Risk Assessment and T-2 L27: Profiling concept
Analysis Techniques(Risk and basic understanding
profiling and formulating) of its need
L28: Different profiles
of risk, their sensitivity
and profile design
L29: Sensitivity of the
risk profiles
L30: Comparison of the
different profiles
Week 10 Lecture 28 Risk Assessment and T-2 L27: Profiling concept
Analysis Techniques(Risk and basic understanding
profiling and formulating) of its need
L28: Different profiles
of risk, their sensitivity
and profile design
L29: Sensitivity of the
risk profiles
L30: Comparison of the
different profiles
Lecture 29 Risk Assessment and T-2 L27: Profiling concept
Analysis Techniques(Risk and basic understanding
profiling and formulating) of its need
L28: Different profiles
of risk, their sensitivity
and profile design
L29: Sensitivity of the
risk profiles
L30: Comparison of the
different profiles
An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
L 27: Learn about ppt
basic profile concepts
and its design
L 28: Learn about
different risk profiles
and its effects
L 29: Learn about the
severity levels of the
risk profiles and its
associates
L 30: Learn about the
comparison of
different risk profiles
in our lives
L 27: Learn about ppt
basic profile concepts
and its design
L 28: Learn about
different risk profiles
and its effects
L 29: Learn about the
severity levels of the
risk profiles and its
associates
L 30: Learn about the
comparison of
different risk profiles
in our lives
L 27: Learn about ppt
basic profile concepts
and its design
L 28: Learn about
different risk profiles
and its effects
L 29: Learn about the
severity levels of the
risk profiles and its
associates
L 30: Learn about the
comparison of
different risk profiles
in our lives
Week 10 Lecture 30 Risk Assessment and T-2 L27: Profiling concept L 27: Learn about ppt
Analysis Techniques(Risk and basic understanding basic profile concepts
profiling and formulating) of its need and its design
L28: Different profiles L 28: Learn about
of risk, their sensitivity different risk profiles
and profile design and its effects
L29: Sensitivity of the L 29: Learn about the
risk profiles severity levels of the
L30: Comparison of the risk profiles and its
different profiles associates
L 30: Learn about the
comparison of
different risk profiles
in our lives
Week 11 Lecture 31 Term paper
Lecture 32 Risk Assessment and T-2 RW-6 L 32: Security control L 32: Students will ppt
Analysis Techniques principles learn to understand
(Security services and L 33: Assurance Model the principles of
controls) different control
mechanisms
L 33: Students will
learn about different
security services and
access control models
Lecture 33 Risk Assessment and T-2 RW-6 L 32: Security control L 32: Students will ppt
Analysis Techniques principles learn to understand
(Security services and L 33: Assurance Model the principles of
controls) different control
mechanisms
L 33: Students will
learn about different
security services and
access control models
Week 12 Lecture 34 Risk Assessment and T-2 L 34: Different types of L 34: Students will ppt upcoming
Analysis Techniques(Risk operational techniques learn about capstone project
Assessment techniques) of risk assessment operational or summer
L 35: Assessment techniques of risk vacation project
approaches for different assessment concept can be
sized scopes L 35: Students will compared for
L 36: Project based learn about the better
assessment techniques reporting techniques understanding
L 36: Students will
learn to compare the
operational
techniques for a
project

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Week 12 Lecture 35 Risk Assessment and T-2 L 34: Different types of L 34: Students will ppt upcoming
Analysis Techniques(Risk operational techniques learn about capstone project
Assessment techniques) of risk assessment operational or summer
L 35: Assessment techniques of risk vacation project
approaches for different assessment concept can be
sized scopes L 35: Students will compared for
L 36: Project based learn about the better
assessment techniques reporting techniques understanding
L 36: Students will
learn to compare the
operational
techniques for a
project
Lecture 36 Risk Assessment and T-2 L 34: Different types of L 34: Students will ppt upcoming
Analysis Techniques(Risk operational techniques learn about capstone project
Assessment techniques) of risk assessment operational or summer
L 35: Assessment techniques of risk vacation project
approaches for different assessment concept can be
sized scopes L 35: Students will compared for
L 36: Project based learn about the better
assessment techniques reporting techniques understanding
L 36: Students will
learn to compare the
operational
techniques for a
project
Week 13 Lecture 37 Test 2
Lecture 38 Building and Running a T-2 Building blocks of threat Students will be able ppt, discussion classroom,
Risk Management Program and vulnerability to know about the border line
(Threat and Vulnerability management, difference basic functions of security force
Management) between threat and threat and
vulnerability and threat vulnerability
identification management
Lecture 39 Building and Running a T-2 L 39: Risk in L 39: Students will ppt, brainstorming traffic pattern,
Risk Management Program development cycle, learn about the , discussion health and
(A Blueprint for Security) analysis of the security architecture medical domain
workflow, security and its relevance in
architecture development life
L 40: pattern and cycle
baselines, architectural L 40: Students will
risk analysis be able to know the
different baselines
and architecture
applied for risk
analysis in different
scenario

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
 Week 14 Lecture 40 Building and Running a T-2 L 39: Risk in L 39: Students will ppt, brainstorming traffic pattern,
Risk Management Program development cycle, learn about the , discussion health and
(A Blueprint for Security) analysis of the security architecture medical domain
workflow, security and its relevance in
architecture development life
L 40: pattern and cycle
baselines, architectural L 40: Students will
risk analysis be able to know the
different baselines
and architecture
applied for risk
analysis in different
scenario

SPILL OVER
Week 14 Lecture 41 Spill Over
Lecture 42 Spill Over
Week 15 Lecture 43 Spill Over
Lecture 44 Spill Over
Lecture 45 Spill Over

Scheme for CA:

CA Category of this Course Code is:A0203 (2 best out of 3)

Component Weightage (%)

Term paper 50
Test 50
Test 50

Details of Academic Task(s)

Academic Task Objective Detail of Academic Task Nature of Academic Academic Task Marks Allottment /
Task Mode submission
(group/individuals) Week
Term paper To update the Topics will be assigned in the class Individual Online 30 3 / 10
knowledge of the
field of
cryptography and
risk management

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.
Test 1 To evaluate the Total marks of 30: 5 questions of 6 marks each. Syllabus will Individual Offline 30 4/5
basic knowledge of include the topics from lecture 1 to lecture 15.
the course
Test 2 To evaluate the Total marks of 30: 5 questions of 6 marks each. Syllabus will Individual Offline 30 11 / 12
conceptual include the topics from lecture 22 to lecture 36
knowledge of the
course

List of suggested topics for term paper[at least 15] (Student to spend about 15 hrs on any one specified term paper)

Sr. No. Topic

1 Twofish algorithm
2 Blowfish Algorithm
3 Physical attacks in cryptography
4 Stegnography
5 Threefish algorithm
6 Design and security of S-box
7 Correlation attack in cryptography
8 Padding oracle attack
9 IPSec
10 Internet key exchange in VPN
11 Elliptic cryptography
12 Quantum cryptography
13 Chaos cryptography
14 Sponge function
15 Light weight cryptography

An instruction plan is only a tentative plan. The teacher may make some changes in his/her teaching plan. The students are advised to use syllabus for preparation of all examinations. The students are expected to keep themselves
updated on the contemporary issues related to the course. Upto 20% of the questions in any examination/Academic tasks can be asked from such issues even if not explicitly mentioned in the instruction plan.