Information Security (WS 2023/24)

Course Number INP33404UF and INP33503UF | Wintersemester 2023/24

Understand the basics of secure applications

Content

This module introduces you to the key topics of information security: cryptography, system security, and network security. Topics include encryption algorithms, digital signatures, secure communication protocols, threat scenarios for IT systems, isolation techniques, runtime security, side-channel attacks, network security, privacy, and more.

Material

Date Who Lecture 9:35–12:00 (HS i13) Recording Practicals 13:35–15:00
06.10.2023 ME L0 – Introduction YouTube (2021)
13.10.2023 ME L1 – Cryptography 1 YouTube (2021) P1 Kickoff, Group Registration Deadline
20.10.2023 ME L2 – Cryptography 2 YouTube (2021) P1 Question Hour (Discord)
27.10.2023 ME L3 – Cryptography 3 YouTube (2021) P1 Tutorial
03.11.2023 ME L4 – Cryptography 4 YouTube (2021) P1 Question Hour (Discord)
10.11.2023 DG L5 – System Security 1 YouTube (2021) P2 Kickoff, P1 Deadline
17.11.2023 DG L6 – System Security 2 YouTube (2020) P2 Tutorial
24.11.2023 DG L7 – System Security 3 YouTube (2021) P2 Tutorial
01.12.2023 DG L8 – System Security 4 YouTube (2021) P2 Question Hour (Discord)
07.12.2023 P2 Question Hour (Discord)
14.12.2023 Christmas Special (starts 16:30)
15.12.2023 JH L9 – Network Security 1 YouTube (2021) P3 Kickoff/Tutorial, P2 Deadline
12.01.2024 JH LA – Network Security 2 YouTube (2021) P3 Question Hour (Discord)
19.01.2024 JH LB – Network Security 3 YouTube (2021) P3 Deadline
26.01.2024 VO Exam

Previous versions of this course: WS 2022/2023, WS 2021/2022 (YouTube playlist), WS 2020/2021 (YouTube playlist), WS 2019/2020

Practicals

Task Kick-off (13:30) Deadline (23:59, git tag) Material
P1 Cryptography 13.10.2023 10.11.2023 assignment sheet, upstream repo
P2 System Security 10.11.2023 15.12.2023 assignment sheet, upstream repo, extra materials
P3 Network Security 15.12.2023 19.01.2024 assignment sheet, upstream repo

Group registration deadline: 13.10.2023 (23:59)

Administrative Information

Lecture Exams (VO)

In order to get a grade for the VO, you take a written, 60-minute exam. This is a closed-book exam, i.e., you are not allowed to bring any material such as notes or books.

You can earn a total of 48 points: 8 for each of 6 question pages. Each area (Cryptography, System Security, Network Security) is represented by 2 question pages.

Grade 5 4 3 2 1
Min. Points < 24 ≥ 24 ≥ 30 ≥ 36 ≥ 42 of 48

You can find upcoming exam dates in TUGRAZonline.

Practicals (KU)

In the practicals, you implement small projects related to the topics discussed in the lectures. The practicals consist of 3 assignments P1, P2, P3 solved in teams of 2 students.

Teams and Team Registration

The KU is done in teams of 2 students. You can use the IAIK Discord, channel infosec-groupsearch to find team members. You then register your team in the TeachCenter. Your team will be assigned a random teaching assistent for the assignment interviews.

Submission

You are given access to a git repository in our teaching git where you have to push your submission. The required content is discussed in the Kick-Off lectures.

You must mark your final submission by tagging it in git. The tag label is based on the assignment: P1, P2, and P3.
As an example, P1 is the tag label for the first assignment.
Before the deadline, you can change your tag if need be.

Your submissions will be tested automatically by our test system. Thus, you need to respect and meet file naming constraints of the individual assignments. Otherwise, the tests will all fail and you will receive 0 points for the assignment.

After hand-in of each task, there will be a team interview with your teaching assistant. There, both team members need to be able to explain your solution.

Grading

You can earn a total of 48 points: 16 for each task. The grading scheme is shown in the table below.

You will get a grade as soon as you hand in a solution to P1 by adding a git tag. Groups that do not hand in anything for P1 will not be given a grade and will be unregistered from the course. Note that handing in P1 (even an empty solution) is the only condition for “getting a grade”.

Grade 5 4 3 2 1
Min. Points < 24 ≥ 24 ≥ 30 ≥ 36 ≥ 42 of 48

We treat the involvement of ChatGPT and similar tools the same way as the involvement of another natural person. That is, for involvement that qualifies as plagiarism or an impermissible level of assistance, the consequences will be the same in both cases to the strictest extent possible.

Contact and Communication

For questions regarding the courses we have the following communication channels:

  • TU Graz Teach Center: Official Announcements, FAQs, Forum and more.
  • Discord: IAIK server, channel infosec for all questions regarding lectures and exercises.
  • Discord: IAIK server, channel infosec-groupsearch to find team members for the exercises.
  • Mail your teaching assistent for questions and problems regarding your team or topic. Please use Discord for questions regarding the exercise topics, as other students might be interested as well.
  • infosec@iaik.tugraz.at for administrative questions (specific to your situation). Please use Discord for questions that might be of interest for other students as well.

Lecturers

Teaching Assistants