Information Security (WS 2022/23)

Course Number INP33404UF and INP33503UF | Wintersemester 2022/23

Understand the basics of secure applications

Content

This module introduces you to the key topics of information security: cryptography, system security, and network security. Topics include encryption algorithms, digital signatures, secure communication protocols, threat scenarios for IT systems, isolation techniques, runtime security, side-channel attacks, network security, privacy, and more.

COVID-19 Info

The course is held on campus (HS i13); lecture recordings from 2021 are available. VO exams are conducted on campus. In exceptional cases, virtual oral exams are possible on demand.
The exercises (KU) are on campus for presentations (HS i13; where useful, we will also stream from the lecture hall) and interviews, with Discord for virtual question hours. See also the TeachCenter and TUGRAZonline for detailed information.

Material

Date Who Lecture 9:30–12:00 (HS i13) Recording Practicals 13:30–15:00
07.10.2022 ME L0 – Intro YouTube (2021)
14.10.2022 ME L1 – Cryptography 1 YouTube (2021) P1 Kickoff, Group Registration Deadline
21.10.2022 ME L2 – Cryptography 2 YouTube (2021) P1 Question Hour (Discord)
28.10.2022 ME L3 – Cryptography 3 YouTube (2021) P1 Tutorial
04.11.2022 MN L4 – Cryptography 4 YouTube (2021) P1 Question Hour (Discord)
11.11.2022 DG L5 – System Security 1 YouTube (2021) P2 Kickoff, P1 Deadline
18.11.2022 DG L6 – System Security 2 YouTube (2020) P2 Tutorial
25.11.2022 DG L7 – System Security 3 YouTube (2021) P2 Tutorial
02.12.2022 DG L8 – System Security 4 YouTube (2021) P2 Question Hour (Discord)
09.12.2022 JH L9 – Network Security 1 YouTube (2021) P2 Question Hour (Discord)
16.12.2022 JH LA – Network Security 2 YouTube (2021) P3 Assignment,P3 Kickoff, P2 Deadline
13.01.2023 JH LB – Network Security 3 YouTube (2021) P3 Question Hour (Discord)
20.01.2023 JH LC – Network Security 4 YouTube (2021) P3 Deadline
27.01.2023 VO Exam

Previous versions of this course: WS 2021/2022 (YouTube playlist), WS 2020/2021 (YouTube playlist), WS 2019/2020

Practicals

Task Kick-off (13:30) Deadline (23:59, git tag) Material
P1 Cryptography 14.10.2022 11.11.2022 assignment sheet, upstream repo
P2 System Security 11.11.2022 16.12.2022 assignment sheet,upstream repo
P3 Network Security 16.12.2022 20.01.2023 Assignment P3,Kickoff,upstream repo

Group registration deadline: 14.10.2022 (23:59)

Administrative Information

Lecture Exams (VO)

In order to get a grade for the VO, you take a written, 60-minute exam. This is a closed-book exam, i.e., you are not allowed to bring any material such as notes or books.

You can earn a total of 48 points: 8 for each of 6 question pages. Each area (Cryptography, System Security, Network Security) is represented by 2 question pages.

Grade 5 4 3 2 1
Min. Points < 24 ≥ 24 ≥ 30 ≥ 36 ≥ 42 of 48

You can find upcoming exam dates in TUGRAZonline. Planned exam dates:

  • 27 Jan 2023: HS i13, HS i12
  • 23 Feb 2023: HS i13 x 2, HS i12 x 2
  • 04 Apr 2023: HS i13
  • 26 May 2023: HS i13
  • 25 Jul 2023: HS i13
  • 25 Sep 2023: HS i13

Practicals (KU)

In the practicals, you implement small projects related to the topics discussed in the lectures. The practicals consist of 3 assignments P1, P2, P3 solved in teams of 2 students.

Teams and Team Registration

The KU is done in teams of 2 students. You can use the IAIK Discord, channel infosec-groupsearch to find team members. You then register your team in the TeachCenter. Your team will be assigned a random teaching assistent for the assignment interviews.

Submission

You are given access to a git repository in our teaching git where you have to push your submission. The required content is discussed in the Kick-Off lectures.

You must mark your final submission by tagging it in git. The tag label starts with the assignment (P1, P2, P3), followed by a dash and a number. As an example, P1-1 is the label for the first assignment. As tags cannot be deleted, you may always update your final submission by increasing the appended number: P1-2, P1-3, etc. In the end, the tag with the highest number before the deadline counts.

Your submissions will be tested automatically by our test system. Thus, you need to respect and meet file naming constraints of the individual assignments. Otherwise, the tests will all fail and you will receive 0 points for the assignment.

After hand-in of each task, there will be a team interview with your teaching assistant. There, both team members need to be able to explain your solution.

Grading

You can earn a total of 48 points: 16 for each task. The grading scheme is shown in the table below.

You will get a grade as soon as you hand in a solution to P1 by adding a git tag. Groups that do not hand in anything for P1 will not be given a grade and will be unregistered from the course. Note that handing in P1 (even an empty solution) is the only condition for “getting a grade”.

Grade 5 4 3 2 1
Min. Points < 24 ≥ 24 ≥ 30 ≥ 36 ≥ 42 of 48

Contact and Communication

For questions regarding the courses we have the following communication channels:

  • TU Graz Teach Center: Official Announcements, FAQs, Forum and more.
  • Discord: IAIK server, channel infosec for all questions regarding lectures and exercises.
  • Discord: IAIK server, channel infosec-groupsearch to find team members for the exercises.
  • Mail your teaching assistent for questions and problems regarding your team or topic. Please use Discord for questions regarding the exercise topics, as other students might be interested as well.
  • infosec@iaik.tugraz.at for administrative questions (specific to your situation). Please use Discord for questions that might be of interest for other students as well.

Lecturers