622.755 (20W) Crypto Engineering
Overview
For further information regarding teaching on campus, please visit: https://www.aau.at/en/corona.
- Lecturer
- Course title german Crypto Engineering
- Type Practical class (continuous assessment course )
- Course model Blended learning course
- Online proportion 80%
- Hours per Week 2.0
- ECTS credits 4.0
- Registrations 8 (15 max.)
- Organisational unit
- Language of instruction English
- Course begins on 14.10.2020
- eLearning Go to Moodle course
Time and place
Course Information
Intended learning outcomes
The goal of this course is to give students the opportunity to try out being a crypto engineer; i.e. to work with the challenge of taking a cryptographic primitive (e.g. the AES block cipher) and implement it correctly and securely as part of a larger system. The course will make students aware of a range of implementation challenges, largely stemming from the fact that executing program code typically leads to a range of side channels. We will also investigate fault attacks and the challenge of creating/using sufficient amounts of randomness.
Teaching methodology including the use of eLearning tools
The course is a "KU" and that implies that much of the learning will take place via learning by doing: thus there will be a project stretching the entire term which serves both as main vehicle for learning and assessment. In addition I will provide lectures for all the topics that we cover via YouTube (all accessible from links within Moodle). There is a two hour slot each week for Q&A which will either be online or via actual meetings.
Course content
Side channels, fault attacks, implementation tricks, randomness, code review, working with standards
Prior knowledge expected
Ideally you have attended Cryptography, alternatively Systemsicherheit. Many attacks utilise either basic statistical techniques (hypothesis testing) or cryptanalytic tricks (number theory basics).
Curricular registration requirements
None.
Literature
I will provide a write up and links to papers. If you fancy a more comprehensive, system level view, the skim reading some more chapters of https://www.cl.cam.ac.uk/~rja14/book.html is recommended.
Examination information
Modified examination information (exceptional COVID-19 provisions)
None.
Examination methodology
There will be a term long project, which will consist of a semi-formal specification of the intended implementation of a crypto primitive as part of a larger system. Alongside the specification, there will be some sample code that can be executed and run through a leakage simulator (provided). Students are asked to:
- find
- explain/fix
- exploit
as many mistakes/flaws as possible in the provided specification and/or sample code. The marking scheme will be on several tiers: finding a flaw gives some marks, explaining and/or fixing a flaw gives more points, as does providing a concrete exploit.
Examination topic(s)
Same as content.
Assessment criteria / Standards of assessment for examinations
The exact marking scheme will be on Moodle, a pass mark requires to reach 50% of the overall achievable marks.
Grading scheme
Grade / Grade grading schemePosition in the curriculum
- Bachelor's degree programme Applied Informatics
(SKZ: 511, Version: 19W.2)
-
Subject: Systemsicherheit
(Compulsory elective)
-
8.9 Systemsicherheit (
0.0h XX / 12.0 ECTS)
- 622.755 Crypto Engineering (2.0h UE / 4.0 ECTS) Absolvierung im 4., 5., 6. Semester empfohlen
-
8.9 Systemsicherheit (
0.0h XX / 12.0 ECTS)
-
Subject: Systemsicherheit
(Compulsory elective)