622.755 (20W) Crypto Engineering

Wintersemester 2020/21

Anmeldefrist abgelaufen.

Erster Termin der LV
14.10.2020 10:00 - 12:00 , Z.0.19 On Campus
Nächster Termin:
21.10.2020 10:00 - 12:00 , Z.0.19 On Campus

Überblick

Bedingt durch die COVID-19-Pandemie können kurzfristige Änderungen bei Lehrveranstaltungen und Prüfungen (z.B. Absage von Präsenz-Lehreveranstaltungen und Umstellung auf Online-Prüfungen) erforderlich sein.

Weitere Informationen zum Lehrbetrieb vor Ort finden Sie unter: https://www.aau.at/corona.
Lehrende/r
LV-Titel englisch
Crypto Engineering
LV-Art
Übung (prüfungsimmanente LV )
LV-Modell
Blended-Learning-Lehrveranstaltung
Online-Anteil
80%
Semesterstunde/n
2.0
ECTS-Anrechnungspunkte
4.0
Anmeldungen
9 (15 max.)
Organisationseinheit
Unterrichtssprache
Englisch
LV-Beginn
14.10.2020
eLearning
zum Moodle-Kurs

Zeit und Ort

Beachten Sie bitte, dass sich aufgrund von COVID-19-Maßnahmen die derzeit angezeigten Termine noch ändern können.
Liste der Termine wird geladen...

LV-Beschreibung

Intendierte Lernergebnisse

The goal of this course is to give students the opportunity to try out being a crypto engineer; i.e. to work with the challenge of taking a cryptographic primitive (e.g. the AES block cipher) and implement it correctly and securely as part of a larger system. The course will make students aware of a range of implementation challenges, largely stemming from the fact that executing program code typically leads to a range of side channels. We will also investigate fault attacks and the challenge of creating/using sufficient amounts of randomness. 

Lehrmethodik inkl. Einsatz von eLearning-Tools

The course is a "KU" and that implies that much of the learning will take place via learning by doing: thus there will be a project stretching the entire term which serves both as main vehicle for learning and assessment. In addition I will provide lectures for all the topics that we cover via YouTube (all accessible from links within Moodle). There is a two hour slot each week for Q&A which will either be online or via actual meetings.

Inhalt/e

Side channels, fault attacks, implementation tricks, randomness, code review, working with standards

Erwartete Vorkenntnisse

Ideally you have attended Cryptography, alternatively Systemsicherheit. Many attacks utilise either basic statistical techniques (hypothesis testing) or cryptanalytic tricks (number theory basics). 

Curriculare Anmeldevoraussetzungen

None. 

Literatur

I will provide a write up and links to papers. If you fancy a more comprehensive, system level view, the skim reading some more chapters of https://www.cl.cam.ac.uk/~rja14/book.html is recommended. 

Prüfungsinformationen

Geänderte Prüfungsinformationen (COVID-19 Ausnahmeregelung)

None.

Prüfungsmethode/n

There will be a term long project, which will consist of a semi-formal specification of the intended implementation of a crypto primitive as part of a larger system. Alongside the specification, there will be some sample code that can be executed and run through a leakage simulator (provided).  Students are asked to:


  • find
  • explain/fix
  • exploit

as many mistakes/flaws as possible in the provided specification and/or sample code. The marking scheme will be on several tiers: finding a flaw gives some marks, explaining and/or fixing a flaw gives more points, as does providing a concrete exploit. 

Prüfungsinhalt/e

Same as content. 

Beurteilungskriterien/-maßstäbe

The exact marking scheme will be on Moodle, a pass mark requires to reach 50% of the overall achievable marks. 

Beurteilungsschema

Note/Grade Benotungsschema

Position im Curriculum

  • Bachelorstudium Angewandte Informatik (SKZ: 511, Version: 19W.1)
    • Fach: Systemsicherheit (Wahlfach)
      • 8.9 Systemsicherheit ( 0.0h XX / 12.0 ECTS)
        • 622.755 Crypto Engineering (2.0h UE / 4.0 ECTS)
          Absolvierung im 4., 5., 6. Semester empfohlen

Gleichwertige Lehrveranstaltungen im Sinne der Prüfungsantrittszählung

Diese Lehrveranstaltung ist keiner Kette zugeordnet