Understand the basics of secure applications
Table of Content
This module introduces you to the key topics of information security. The focus is put on areas of cryptography and computer security. Topics of cryptography, cryptographic algorithms, digital signatures, secure communication protocols, threat scenarios for IT systems, isolation techniques, runtime security, side channel attacks and protection mechanisms are covered.
Note for students of the discontinued 15U, 15U-A, 16U, 16U-A curricula looking for “Introduction to Information Security”:
You’ve found the right place :-) According to the equivalence lists of the new 2019 curricula, “Information Security” VO is equivalent to the previous “Introduction to Information Security” VO, and “Information Security” KU is equivalent to the previous “Introduction to Information Security” KU (and, in some cases, “Rechner- und Kommunikationsnetze” KU) – register for this course and it will count for your curriculum. If you still have questions on the transition, please check our IAIK course equivalence list or contact your student representation Bits or your Dean of studies.
COVID-19 Exam Rules
Info for Written Exams in Summer Term 2020
To comply with the TU Graz COVID-19 guidance, the exams held during summer term 2020 will follow special rules.
The written exam dates have fewer seats available; we will adjust the number of exam dates according to demand.
Due to the low seat limits, please only register if you really intend to take the exam and don’t block seats from other students.
If you are reluctant to participate in an on-campus exam (e.g., risk group), contact email@example.com to arrange a virtual oral exam.
The question format and general rules (90 minutes, closed-book, etc.) for the written exams remain unchanged, but please observe the TU Graz hygiene guidelines (see below).
Virtual oral exams are conducted via WebEx and obviously cover the same content, but the question format and duration is adapted for the medium (shorter, more interactive, order of questions set by examiner).
You can find upcoming exam dates in TUGRAZonline. If no upcoming dates are listed, ask us!
Updated Info for Oral Exams in Winter Term 2020/21
For the virtual oral exams in November and December 2020, we plan the following mode:
Conducted on our Discord server: Channel
You will require a webcam and microphone. Please also bring an ID-card (Studierendenausweis).
Like the written exam, this oral exam consists of 2×3=6 questions: 2 for each of the three areas.
Each student will receive their own individual selection of questions.
Instead of written subquestions, you will discuss one broader question in the 5 minutes allotted to each topic and discuss the details with the topic's examiner (one of the KU's or VO's lecturers).
After the 5 minutes, you move forward to the next examiner and the next topic.
In total, your exam will take 5×6=30 minutes, plus a few extra organisational minutes. You will be asked to select your individual starting timeslot.
Please arrive in the Discord exam lobby about 10 minutes beforehand so that you can test your technical setup.
If you urgently want to take the exam, but are unable under the above conditions, please contact firstname.lastname@example.org directly.
Slides will be available here after the end of each lecture.
|Date||Lecture 9:30–12:00||Practicals 13:30–15:00|
|04.10.2019||Cryptography 1||P1 Kick-off Tutorial|
|18.10.2019||Cryptography 3||P1 Tutorial|
|25.10.2019||Cryptography 4||P1 Question Hour (ECDSA slides)|
|04.11.2019||P1 Deadline (Monday!)|
|08.11.2019||System Security 1 (Print version)||P2 Kick-off Tutorial|
|15.11.2019||System Security 2||P2 Tutorial (Demo Exploits)|
|22.11.2019||System Security 3 (Print version)||P2 Tutorial (Fault Simulator Tutorial)|
|29.11.2019||System Security 4 (Print version)||P2 Question Hour|
|04.12.2019 / 06.12.2019||Nikolaus Special (4.12. 17:00 HS i7)||P2 Deadline|
|13.12.2019||Network Security 1||P3 Kick-off Tutorial|
|10.01.2020||Network Security 2||P3 Question Hour (test skeleton)|
|17.01.2020||Network Security 3||P3 Question Hour|
|24.01.2020||Network Security 4||P3 Deadline: extended to 25.01.2020|
Note: The course times at the bottom of this site may not always be up-to-date.
Please refer to your TUGRAZonline calendar!
|Task||Kick-off (13:30, HS i13)||Questions (13:30, HS i13)||Deadline (23:59, git tag)||Interviews||Material|
|P1 Cryptography||04.10.2019||18.10.2019||04.11.2019||assignment, upstream repository|
|P2 System Security||08.11.2019||29.11.2019||06.12.2019||assignment, upstream repository, VM image|
|P3 Network Security||13.12.2019||tba||assignment, upstream repository|
Additional important deadline:
- Group registration: Thursday 10.10.2019 23:59
Lecture Exams (VO)
In order to get a positive grade for the VO, you need to take a written, 90-minute exam.
This is a closed-book exam, i.e., you are not allowed to bring additional material such as slides, notes, or books.
We offer 3 exam dates per semester.
In the practicals, students need to implement small projects related to the topics discussed in the lectures. The practicals are done in groups of 2 students, each group needs to do 3 tasks.
Teams and Team Registration
The exercise is done in groups of 2 students. We have a dedicated newsgroup for group-member search:
After you have found your group member, you need to register your group at https://stics.iaik.tugraz.at. You can find a detailed tutorial at Guide to STicS. The deadline for registration is on Friday 11.10., 23:59. Your group will be assigned a teaching assistent sometime after the registration deadline.
Each group needs to solve 3 tasks, P1, P2, and P3. You can find a short description in the slides of the first lecture.
For each tasks, there will be a dedicated Kick-Off Tutorial where the task will be presented in detail. The slides for the Kick-Offs will be uploaded above.
For all tasks, you have to hand in your solution via git. The required content will be discussed in the Kick-Offs.
After hand-in of each task, there will be a group interview with your teaching assistant. There, both group members need to be able to explain your solution.
You are given access to a git repository in our teaching git where you have to push your submission.
You must mark your final submission by tagging it in git. The tag label starts with the assignment (
P3), followed by a dash and a number. As an example,
P1-1 is the label for the first assignment. As tags cannot be deleted, you may always update your final submission by increasing the appended number:
P1-3, etc. In the end, the tag with the highest number before the deadline counts.
Your submissions will be tested automatically by our test system. Thus, you need to respect and meet file naming constraints of the individual assignments. Otherwise, the tests will all fail and you will receive 0 points for the assignment.
You can earn a total of 48 points: 16 for each task. The grading scheme is shown in the table below.
You will get a grade as soon as you hand in a solution to P1 by adding a git tag. Groups that do not hand in anything for P1 will not be given a grade and will be unregistered from the course. Handing in P1 (even an empty solution) is the only condition for “getting a grade”.
Contact and Communication
For questions regarding the courses we have the following communication channels:
tu-graz.lv.infosecfor all questions regarding lectures and exercises.
tu-graz.lv.infosec.groupsearchto find group members for the exercises.
- Mail your teaching assistent for questions and problems regarding your team or topic. Please use the newsgroup for questions regarding the exercise topics, as other students might be interested as well.
- email@example.com for administrative questions (specific to your situation). Please use the newsgroup for questions that might be of interest for other students as well.