Information Security

CS-3610-1, Monsoon 2025

Course being taught by Subhashis Banerjee at Ashoka University

Learning outcome

This course will help students understand and model information security in the modern world. It will help students reason concretely about real-world problems through case studies. This course will not cover design of security systems, but will cover requirement analysis methods and threat modelling. It will also familiarise students with commonly used security tools and measures in everyday life.

Pre‑requisites

Data Structures and Algorithms, Probability and Statistics

Coverage

Introduction to security
Trust vs verifiability
Adversarial threat models
Notions of secrecy, privacy, and security
Basics of cryptography – symmetric and public key encryption, authentication, hash functions, digital signatures, certificates, cryptographic protocols, and applications
Cryptographic security definitions
Models of authentication and authorisation; biometrics; identity
Issues with verification of hardware and software integrity; the frameworks of formal verification and model checking
Trust assumptions, distributing trust with secure multiparty computations, hardware trust models, trusted computing environments and remote attestation
Elements of OS and Network security

Reading list

Matthew A. Bishop, Computer Security: Art and Science, 2nd Edition, Pearson, 2018
Bruce Schneier, Applied Cryptography, John Wiley & Sons, 1996
William Stallings, Cryptography and Network Security: Principles and Practice, 8th Edition, Pearson, 2022
Ross Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems, 3rd Edition, Wiley, 2020
Charlie Kaufman, Radia Perlman, and Mike Speciner, Network Security: Private Communication in a Public World, 3rd Edition, Pearson

Honour code

All students are expected to follow a high ethical standard.
Collaborations and discussions are encouraged. However, all students are required to write up all solutions and submitted work entirely on their own. Any collaboration, or help taken, must be declared. All submissions must include a declaration of originality.
Students are encouraged to refer to books, papers, internet resources and tools like ChatGPT. They may even consult other individuals. However, the source must be clearly cited if any part of the solution (or even an idea) is taken from such a source.
Failure to declare any help taken will be interpreted as academic misconduct and result in a F grade in the course.

Attendance requirement

The course will require 100% attendance. It will be hard to catch up if there are too many missed classes. Class participation will count towards grading. There will be no make-up provisions for missed quizzes and class participation, for whatever reason. Best of n-1 quizzes out of n will count toward the final grade. Make-up tests may be allowed for the midterm and final exams (only due to illness) on production of a medical certificate clearly stating that the student was not in a position to take the test. A medical prescription will not be sufficient.

Evaluations

Quizzes: 20%
Assignments and project: 30%
Midterm examination: 25%
Final examination: 25%