622.755 (20W) Crypto Engineering
Überblick
Weitere Informationen zum Lehrbetrieb vor Ort finden Sie unter: https://www.aau.at/corona.
- Lehrende/r
- LV-Titel englisch Crypto Engineering
- LV-Art Übung (prüfungsimmanente LV )
- LV-Modell Blended-Learning-Lehrveranstaltung
- Online-Anteil 80%
- Semesterstunde/n 2.0
- ECTS-Anrechnungspunkte 4.0
- Anmeldungen 8 (15 max.)
- Organisationseinheit
- Unterrichtssprache Englisch
- LV-Beginn 14.10.2020
- eLearning zum Moodle-Kurs
Zeit und Ort
LV-Beschreibung
Intendierte Lernergebnisse
The goal of this course is to give students the opportunity to try out being a crypto engineer; i.e. to work with the challenge of taking a cryptographic primitive (e.g. the AES block cipher) and implement it correctly and securely as part of a larger system. The course will make students aware of a range of implementation challenges, largely stemming from the fact that executing program code typically leads to a range of side channels. We will also investigate fault attacks and the challenge of creating/using sufficient amounts of randomness.
Lehrmethodik inkl. Einsatz von eLearning-Tools
The course is a "KU" and that implies that much of the learning will take place via learning by doing: thus there will be a project stretching the entire term which serves both as main vehicle for learning and assessment. In addition I will provide lectures for all the topics that we cover via YouTube (all accessible from links within Moodle). There is a two hour slot each week for Q&A which will either be online or via actual meetings.
Inhalt/e
Side channels, fault attacks, implementation tricks, randomness, code review, working with standards
Erwartete Vorkenntnisse
Ideally you have attended Cryptography, alternatively Systemsicherheit. Many attacks utilise either basic statistical techniques (hypothesis testing) or cryptanalytic tricks (number theory basics).
Curriculare Anmeldevoraussetzungen
None.
Literatur
I will provide a write up and links to papers. If you fancy a more comprehensive, system level view, the skim reading some more chapters of https://www.cl.cam.ac.uk/~rja14/book.html is recommended.
Prüfungsinformationen
Geänderte Prüfungsinformationen (COVID-19 Ausnahmeregelung)
None.
Prüfungsmethode/n
There will be a term long project, which will consist of a semi-formal specification of the intended implementation of a crypto primitive as part of a larger system. Alongside the specification, there will be some sample code that can be executed and run through a leakage simulator (provided). Students are asked to:
- find
- explain/fix
- exploit
as many mistakes/flaws as possible in the provided specification and/or sample code. The marking scheme will be on several tiers: finding a flaw gives some marks, explaining and/or fixing a flaw gives more points, as does providing a concrete exploit.
Prüfungsinhalt/e
Same as content.
Beurteilungskriterien/-maßstäbe
The exact marking scheme will be on Moodle, a pass mark requires to reach 50% of the overall achievable marks.
Beurteilungsschema
Note BenotungsschemaPosition im Curriculum
- Bachelorstudium Angewandte Informatik
(SKZ: 511, Version: 19W.2)
-
Fach: Systemsicherheit
(Wahlfach)
-
8.9 Systemsicherheit (
0.0h XX / 12.0 ECTS)
- 622.755 Crypto Engineering (2.0h UE / 4.0 ECTS) Absolvierung im 4., 5., 6. Semester empfohlen
-
8.9 Systemsicherheit (
0.0h XX / 12.0 ECTS)
-
Fach: Systemsicherheit
(Wahlfach)