Information Security

Course Number INP33404UF and INP33503UF | Wintersemester 2020/21

Understand the basics of secure applications

Content

This module introduces you to the key topics of information security. The focus is put on areas of cryptography and computer security. Topics of cryptography, cryptographic algorithms, digital signatures, secure communication protocols, threat scenarios for IT systems, isolation techniques, runtime security, side channel attacks and protection mechanisms are covered.

COVID-19 Info

All lectures, tutorials, question hours, and interviews are conducted virtually this year.
You can watch online contents live. For most contents, recordings will be available afterwards.
You will receive the relevant URLs by email, so please monitor your inbox.

As long as the TU Graz rules permit (traffic light green, yellow, orange), final VO exams will generally remain written, conducted in smaller groups and according to the TU Graz guidelines for on-campus exams.
In case you are reluctant or unable to participate in an on-campus exam (e.g., risk group), contact maria.eichlseder@iaik.tugraz.at to arrange a virtual oral exam via WebEx.

In case of a red traffic light during the main exam time (early February 2021), these dates will be converted to virtual written exams.

You can find upcoming exam dates in TUGRAZonline. If no upcoming dates are listed, ask us!

  • 29 Jan 2021: virtual
  • 12 Feb 2021: virtual
  • 26 Mar 2021: on campus (HS i13)
  • 30 Apr 2021: on campus (HS i13)
  • 05 Jul 2021: on campus (HS i13)
  • 22 Sep 2021: on campus (HS i13)

The virtual exams are conducted via WebEx (desktop: browser or app, mobile: app). You will need a webcam on your WebEx device for ID verification. You will receive an individual, randomized exam as PDF by email.
You can edit it digitally (tablet or PDF form: example here) or on paper (print or plain paper, scan or photograph result and convert back to PDF). The final submission of this PDF and the Affidavit is via TeachCenter Exam.

Material

Date Who Lecture 9:30–12:00 Practicals 13:30–15:00
02.10.2020 ME L0 – Intro (video)
09.10.2020 ME L1 – Cryptography 1 (video) P1 – Kickoff
16.10.2020 ME L2 – Cryptography 2 (video) P1 – Question Hour
23.10.2020 ME L3 – Cryptography 3 (video) P1 – Question Hour
30.10.2020 ME L4 – Cryptography 4 (video) P1 – Question Hour
05.11.2020 DG L5 – System Security 1 (video) P2 – Kickoff
13.11.2020 DG L6 – System Security 2 (video) P2 – Tutorial
20.11.2020 DG L7 – System Security 3 (video) P2 – Question Hour
27.11.2020 DG L8 – System Security 4 (video) P2 – Question Hour
04.12.2020 JF L9 – Network Security 1 (video) P3 – Kickoff
11.12.2020 JF LA – Network Security 2 (video)
18.12.2020 DG LB – Christmas Special (video)
Holidays
08.01.2021 JF LC – Network Security 3 (video) P3 – Tutorial (python test script)
15.01.2021 JF LD – Network Security 4 (video)
22.01.2021 ME LE – Outro
29.01.2021 LF – Exam

Practicals

Task Kick-off (13:30) Deadline (23:59, git tag) Material
P1 Cryptography 09.10.2020 06.11.2020 assignment sheet, upstream repository
P2 System Security 06.11.2020 04.12.2020 assignment sheet, upstream repository, VM image
P3 Network Security 04.12.2020 22.01.2021 assignment sheet, upstream repository

Group registration deadline: 12.10.2020 (23:59)

Previous versions of this course: WS 2019/2020

Administrative Information

Note for students of the discontinued 15U, 15U-A, 16U, 16U-A curricula looking for “Introduction to Information Security”:
You’ve found the right place :-) According to the equivalence lists of the new 2019 curricula, “Information Security” VO is equivalent to the previous “Introduction to Information Security” VO, and “Information Security” KU is equivalent to the previous “Introduction to Information Security” KU (and, in some cases, “Rechner- und Kommunikationsnetze” KU) – register for this course and it will count for your curriculum. If you still have questions on the transition, please check our IAIK course equivalence list or contact your student representation Bits or your Dean of studies.

Lecture Exams (VO)

In order to get a grade for the VO, you take a written, 90-minute exam. This is a closed-book exam, i.e., you are not allowed to bring additional material such as slides, notes, or books. We offer 3 exam dates per semester. See above for COVID rules.

Practicals (KU)

In the practicals, you implement small projects related to the topics discussed in the lectures. The practicals consist of 3 assignments P1, P2, P3 solved in teams of 2 students.

Teams and Team Registration

The KU is done in teams of 2 students. You can use the IAIK discord, channel infosec-groupsearch to find team members. You then register your team at https://stics.iaik.tugraz.at. You can find a detailed tutorial at Guide to STicS. Your team will be assigned a teaching assistent sometime after the registration deadline.

Submission

You are given access to a git repository in our teaching git where you have to push your submission. The required content is discussed in the Kick-Off lectures.

You must mark your final submission by tagging it in git. The tag label starts with the assignment (P1, P2, P3), followed by a dash and a number. As an example, P1-1 is the label for the first assignment. As tags cannot be deleted, you may always update your final submission by increasing the appended number: P1-2, P1-3, etc. In the end, the tag with the highest number before the deadline counts.

Your submissions will be tested automatically by our test system. Thus, you need to respect and meet file naming constraints of the individual assignments. Otherwise, the tests will all fail and you will receive 0 points for the assignment.

After hand-in of each task, there will be a team interview with your teaching assistant. There, both team members need to be able to explain your solution.

Grading

You can earn a total of 48 points: 16 for each task. The grading scheme is shown in the table below.

You will get a grade as soon as you hand in a solution to P1 by adding a git tag. Groups that do not hand in anything for P1 will not be given a grade and will be unregistered from the course. Note that handing in P1 (even an empty solution) is the only condition for “getting a grade”.

Grade 5 4 3 2 1
Min. Points < 24 ≥ 24 ≥ 30 ≥ 36 ≥ 42 of 48

Contact and Communication

For questions regarding the courses we have the following communication channels:

  • Discord: IAIK server, channel infosec for all questions regarding lectures and exercises.
  • Discord: IAIK server, channel infosec-groupsearch to find team members for the exercises.
  • Mail your teaching assistent for questions and problems regarding your team or topic. Please use Discord for questions regarding the exercise topics, as other students might be interested as well.
  • infosec@iaik.tugraz.at for administrative questions (specific to your situation). Please use Discord for questions that might be of interest for other students as well.

Lecturers