CSC 333 - 3 S.H.

Privacy, Security & Cryptology

This is a General Education/Intellectual Issues course, falling under the general heading of Explorations in the Natural Sciences.   Students will learn about modern technological advances that are believed to enable private/secure communications and data storage and examine some vexing issues engendered by these advances.   For example, tensions between privacy rights and effective law enforcement, and between open research and governmental secrecy will be examined.   Other technological threats to privacy and security and our emerging information infrastructure (e.g., "weapons of mass disruption") will also be covered.   Economic, political and philosophical aspects of privacy and security will be discussed.

Please note that credit for this course cannot be applied towards Computer Science major requirements.

Students should have satisfied all General Education/Knowledge Foundations requirements.

Even students not otherwise interested in science and technology should know the pitfalls of living in a networked world where governments and private concerns have greatly increased their ability to collect and integrate personal information from widely disparate sources.   Privacy is on the line and students should learn how to deal with this threat intelligently.

"Strong cryptography" is now the principal means by which privacy and security can be guaranteed.   Armies, banks, online shoppers, drug dealers and terrorists alike rely upon this technology to secure their communications and data from prying..   However, it is only a matter of conjecture that the most commonly used public-key cryptosystem is secure.   Does everyone have access to the best available technology?   Who deserves privacy?   When can it be taken away?   All these issues will be addressed, if not ultimately resolved.

COURSE OBJECTIVES

Upon successful completion of this course, students will be able to:

1. identify governmental and private agencies involved in surveillance and/or the collection and dissemination of personal data.
2. discuss how such data are used in daily commerce.
3. evaluate privacy safeguards claimed by government and business.
4. analyze the economic and political beneficiaries of various privacy/security services.
5. intelligently discuss the past and possible future evolution of the privacy concept.
6. better protect their personal data from inadvertent dissemination.
7. use the Internet defensively.

COURSE OUTLINE

1. Privacy
   1. history of privacy
   2. privacy as a right
   1. U.N. Universal Declaration of Human Rights
   2. "penumbras" of the U.S. Bill of Rights
   3. the Information Collectors
   1. Governmental (NSA, FBI, IRS, etc.)
   2. Private (Equifax, TRW, MIB, etc.)
   3. Sale of personal data
   4. Lobbying and regulation of traffic in personal data
   4. privacy vs. secrecy
   5. spam
   6. spyware
   7. anonymous re-mailers
   8. identity theft and other frauds
   9. using the Internet defensively
2. Security
   1. technical and human elements
   2. hacking and cracking
   3. vulnerability of information infrastructure ("weakest link" problem, etc.)
   4. weapons of mass disruption
   1. denial-of-service attacks
   2. viruses
   3. logic bombs
   4. trojan horses
   5. approaches to security
   1. firewalls
   2. filters
   3. other
   6. economic consequences of [in]security
3. Cryptology
   1. introduction to cryptology
   2. public-key cryptography
   3. e-commerce and cryptology
   4. crime and cryptology
   5. government and cryptology
   1. open vs. closed research
   2. suppression of R&D (case study: Pretty Good Privacy)
   3. trap doors (case study: Clipper)
   6. unproven technical assumptions underlying modern cryptosystems

METHODS OF INSTRUCTION

1. Lectures
2. Discussions

COURSE REQUIREMENTS

1. Attendance at lectures
2. Readings from course materials
3. Homework assignments
4. Final Paper

MEANS OF EVALUATION

1. Quizzes
2. Short homework papers
3. Final Paper

RSA Laboratories. Frequently Asked Questions About Today's Cryptography, http://www.rsasecurity.com/rsalabs/faq

PBS/NOVA.  Secrets, Lies and Atomic Spies (film)

Selected Court Case Summaries (e.g., Griswold vs. Connecticut)

E. Alderman & C. Kennedy.  The Right to Privacy, Diane, 1995

P. Aries & G. Duby, gen. eds.,  A History of Private Life (5 volumes), Belknap/Harvard, 1987-

J. Bamford.  Body of Secrets: Anatomy of the Ultra-Secret National Security Agency from the Cold War Through the Dawn of a New Century,  Anchor, 2002.

W. Diffie & S. Landau.  Privacy on the Line, MIT Press, 1998

S. Levy.  Crypto,  Penguin, 2002.

R. Lewand.  Cryptological Mathematics,  MAA, 2000.

H. Mel & D. Baker.  Cryptography Decrypted,  Addison-Wesley, 2001.

B. Schneier & D. Banisar.  The Electronic Privacy Papers: Documents on the Battle for Privacy in the Age of Surveillance, Wiley, 1997

B. Schneier.  Secrets and Lies: Digital Security in a Networked World, Wiley, 2000

S. Singh.  The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography,  Anchor, 2000.

P. Zimmermann.  Official PGP User's Guide,  MIT Press, 1995.

                                                                        
        Computer Science Curriculum Committee Chair           Date

                                                                        
            Computer Science Department Chair                 Date

                                                                        
         Undergraduate Curriculum Committee Chair             Date