Information Security

Content

This module introduces you to the key topics of information security. The focus is put on areas of cryptography and computer security. Topics of cryptography, cryptographic algorithms, digital signatures, secure communication protocols, threat scenarios for IT systems, isolation techniques, runtime security, side channel attacks and protection mechanisms are covered.

Note for students of the discontinued 15U, 15U-A, 16U, 16U-A curricula looking for “Introduction to Information Security”: You’ve found the right place :-) According to the equivalence lists of the new 2019 curricula, “Information Security” VO is equivalent to the previous “Introduction to Information Security” VO, and “Information Security” KU is equivalent to the previous “Introduction to Information Security” KU (and, in some cases, “Rechner- und Kommunikationsnetze” KU) – register for this course and it will count for your curriculum. If you still have questions on the transition, please check our IAIK course equivalence list or contact your student representation Bits or your Dean of studies.

COVID-19 Exam Rules

Info for Written Exams in Summer Term 2020

To comply with the TU Graz COVID-19 guidance, the exams held during summer term 2020 will follow special rules. The written exam dates have fewer seats available; we will adjust the number of exam dates according to demand. Due to the low seat limits, please only register if you really intend to take the exam and don’t block seats from other students. If you are reluctant to participate in an on-campus exam (e.g., risk group), contact maria.eichlseder@iaik.tugraz.at to arrange a virtual oral exam.

The question format and general rules (90 minutes, closed-book, etc.) for the written exams remain unchanged, but please observe the TU Graz hygiene guidelines (see below). Virtual oral exams are conducted via WebEx and obviously cover the same content, but the question format and duration is adapted for the medium (shorter, more interactive, order of questions set by examiner).

You can find upcoming exam dates in TUGRAZonline. If no upcoming dates are listed, ask us!

Further information: Video "Guideline for on-campus exams" and COVID-19 information by TU Graz

Updated Info for Oral Exams in Winter Term 2020/21

For the virtual oral exams in November and December 2020, we plan the following mode:

• Conducted on our Discord server: Channel #infosec-exam-lobby-2019 in category INFOSEC

• You will require a webcam and microphone. Please also bring an ID-card (Studierendenausweis).

• Like the written exam, this oral exam consists of 2x3=6 questions: 2 for each of the three areas. Each student will receive their own individual selection of questions. Instead of written subquestions, you will discuss one broader question in the 5 minutes allotted to each topic and discuss the details with the topic's examiner (one of the KU's or VO's lecturers). After the 5 minutes, you move forward to the next examiner and the next topic.

• In total, your exam will take 5x6=30 minutes, plus a few extra organisational minutes. You will be asked to select your individual starting timeslot. Please arrive in the Discord exam lobby about 10 minutes beforehand so that you can test your technical setup.

If you urgently want to take the exam, but are unable under the above conditions, please contact maria.eichlseder@iaik.tugraz.at directly.

Material

Slides will be available here after the end of each lecture.

Date	Lecture 9:30–12:00	Practicals 13:30–15:00
04.10.2019	Cryptography 1	P1 Kick-off Tutorial
11.10.2019	Cryptography 2
18.10.2019	Cryptography 3	P1 Tutorial
25.10.2019	Cryptography 4	P1 Question Hour (ECDSA slides)
04.11.2019		P1 Deadline (Monday!)
08.11.2019	System Security 1 (Print version)	P2 Kick-off Tutorial
15.11.2019	System Security 2	P2 Tutorial (Demo Exploits)
22.11.2019	System Security 3 (Print version)	P2 Tutorial (Fault Simulator Tutorial)
29.11.2019	System Security 4 (Print version)	P2 Question Hour
04.12.2019 / 06.12.2019	Nikolaus Special (4.12. 17:00 HS i7)	P2 Deadline
13.12.2019	Network Security 1	P3 Kick-off Tutorial
Holidays
10.01.2020	Network Security 2	P3 Question Hour (test skeleton)
17.01.2020	Network Security 3	P3 Question Hour
24.01.2020	Network Security 4	P3 Deadline: extended to 25.01.2020
31.01.2020	Exam

Note: The course times at the bottom of this site may not always be up-to-date. Please refer to your TUGRAZonline calendar!

Practicals

Task	Kick-off (13:30, HS i13)	Questions (13:30, HS i13)	Deadline (23:59, git tag)	Interviews	Material
P1 Cryptography	04.10.2019	18.10.2019	04.11.2019		assignment, upstream repository
P2 System Security	08.11.2019	29.11.2019	06.12.2019		assignment, upstream repository, VM image
P3 Network Security	13.12.2019	tba	24.01.2020 25.01.2020		assignment, upstream repository

Additional important deadline:

• Group registration: Thursday 10.10.2019 23:59

Administrative Information

Lecture Exams (VO)

In order to get a positive grade for the VO, you need to take a written, 90-minute exam. This is a closed-book exam, i.e., you are not allowed to bring additional material such as slides, notes, or books. We offer 3 exam dates per semester.

Practicals (KU)

In the practicals, students need to implement small projects related to the topics discussed in the lectures. The practicals are done in groups of 2 students, each group needs to do 3 tasks.

Teams and Team Registration

The exercise is done in groups of 2 students. We have a dedicated newsgroup for group-member search: tu-graz.lv.infosec.groupsearch After you have found your group member, you need to register your group at https://stics.iaik.tugraz.at. You can find a detailed tutorial at Guide to STicS. The deadline for registration is on Friday 11.10., 23:59. Your group will be assigned a teaching assistent sometime after the registration deadline.

Topics

Each group needs to solve 3 tasks, P1, P2, and P3. You can find a short description in the slides of the first lecture. For each tasks, there will be a dedicated Kick-Off Tutorial where the task will be presented in detail. The slides for the Kick-Offs will be uploaded above.

Deliverables

For all tasks, you have to hand in your solution via git. The required content will be discussed in the Kick-Offs. After hand-in of each task, there will be a group interview with your teaching assistant. There, both group members need to be able to explain your solution.

Submission

You are given access to a git repository in our teaching git where you have to push your submission. You must mark your final submission by tagging it in git. The tag label starts with the assignment (P1, P2, P3), followed by a dash and a number. As an example, P1-1 is the label for the first assignment. As tags cannot be deleted, you may always update your final submission by increasing the appended number: P1-2, P1-3, etc. In the end, the tag with the highest number before the deadline counts. Your submissions will be tested automatically by our test system. Thus, you need to respect and meet file naming constraints of the individual assignments. Otherwise, the tests will all fail and you will receive 0 points for the assignment.

Important Links

• Setting up Git
• Test system with daily updates and final results

Grading

You can earn a total of 48 points: 16 for each task. The grading scheme is shown in the table below. You will get a grade as soon as you hand in a solution to P1 by adding a git tag. Groups that do not hand in anything for P1 will not be given a grade and will be unregistered from the course. Handing in P1 (even an empty solution) is the only condition for "getting a grade".

Min. Points	Grade
≥ 42	1
≥ 36	2
≥ 30	3
≥ 24	4

Contact and Communication

For questions regarding the courses we have the following communication channels:

• Newsgroup tu-graz.lv.infosec for all questions regarding lectures and exercises.
• Newsgroup tu-graz.lv.infosec.groupsearch to find group members for the exercises.
• Mail your teaching assistent for questions and problems regarding your team or topic. Please use the newsgroup for questions regarding the exercise topics, as other students might be interested as well.
• infosec@iaik.tugraz.at for administrative questions (specific to your situation). Please use the newsgroup for questions that might be of interest for other students as well.

Exams

Course	Date	Begin	End	Slots	Location
Lehrveranstaltungsprüfung	2020/09/25	14:00	16:00	12/32

Lecturers