Secure Application Design (SS 2022)

Course Number 705056 and 705057 | Summer Semester 2022

Building Secure Applications

Lecturers

Jakob Heher

Karl Koch

Kevin Theuermann

Teaching Assistants

Eldin Abdic

Content

The lecture will give a recap of the core properties of cryptographic primitives, which will themselves be treated as black boxes: e.g. an RSA-based signature algorithm and an ECC-based signature algorithm achieve the same results from an application’s point of view, regardless of the huge differences in their mathematical or structural nature (hint: if you are interested in how ECC, RSA or the AES algorithm actually work, there are other lectures for that).

With a clear view of the available building blocks and their protective functions, the lecture will focus on its primary task: how to build secure functions and applications by considering all aspects: key delivery, key storage and usage, trust models, or high-level crypto protocols. To do so, the lecture will focus on real-world examples whose cryptographic functions will be built up from scratch, dealing with all required aspects. The practical assignments will focus on the actual usage and deployment of cryptographic primitives and their associated keys.

COVID-19 Info

For the second half of the semester, the lecture (VO) is in person in HS i11. Recordings will be made available. VO exams will be conducted in person near the end of the semester. The exercises (KU) are virtual.

Contact

For live updates and announcements, please join the IAIK Discord and enable the SEAD channels in #getting-started.
Also, please feel free to send more private questions via email to sead@iaik.tugraz.at. Further, please use this email address to submit your team’s KU concept of Phase One, as described in the KU description below, and also to contact your mentor.

Material

Date | Who | Video | Slides
16.03.2022 | JH, KK | Intro – Welcome to SEAD | VO Intro, KU Intro
 | | Introduction to the Building Block format |
 | | Building Block: Hash | Slides
 | | Building Block: MAC | Slides
 | | Building Block: Digital Signatures | Slides
 | | Building Block: Symmetric Encryption | Slides
 | | Building Block: Asymmetric Encryption | Slides
 | | Building Block: Hybrid Encryption | Slides
06.04.2022 | KT | Recap 1: Basic Building Blocks (Recording) | Slides
 | | Building Block: Perfect Forward Secrecy | Slides
 | | Building Block: Key Management | Slides
 | | Building Block: Trust | Slides
 | | Building Block: Data Formats | Slides
04.05.2022 | KT | Recap 2: Higher-Level Building Blocks (Recording: Part 1, Part 2) | Slides
11.05.2022 | JH | Case Study 1: Registrierkassensicherheitsverordnung (RKSV) | Slides, .py demo
18.05.2022 | KT | Case Study 2: ID Austria | Slides

Practicals

Date Material
16.03.2022 KU Description v1.0
Link for Team Registration
24.03.2022 Update: KU Description v1.1

Administrative Information

Previous Knowledge

Knowledge of how cryptography works (RSA, ECC, AES, hashes etc.)

Prerequisites Curriculum

See position in the curriculum

Objective

An understanding of how to arrange cryptographic primitives into higher-level functions and how to deal with auxiliary functions (e.g. key management, trust relationships, secure key storage/usage) in applications.

Language

English

Teaching Method

Emphasis on a strong interaction between the students and the teacher

How to get a grade

Registration

https://online.tugraz.at/tug_online/sa.gruppen_einteilung?clvnr=254074&corg=983

Lecture Dates

Date | Begin | End | Location | Event | Type | Comment
2022/06/01 | 12:00 | 13:00 | Seminar room | Session | KU | fix/
2022/06/08 | 12:00 | 13:00 | Seminar room | Session | KU | fix/

Lecturers

Jakob Heher

PhD Student

Karl Koch

PhD Student

Kevin Theuermann

PhD Candidate

