Skip to main content

Unit information: Applied Security in 2015/16

Please note: you are viewing unit and programme information for a past academic year. Please see the current academic year for up to date information.

Unit name Applied Security
Unit code COMS30901
Credit points 10
Level of study H/6
Teaching block(s) Teaching Block 2 (weeks 13 - 24)
Unit director Dr. Page
Open unit status Not open




School/department Department of Computer Science
Faculty Faculty of Engineering

Description including Unit Aims

This unit introduces and explores the implementation and deployment of secure systems, focussing in particular on their cryptographic aspects. It offers a different perspective on what it means for something to be deemed "secure" (e.g., stressing the importance of secure implementation techniques), and the difficulty of deploying systems in which cryptography is used (e.g., stressing the need for secure building blocks such as random number generators). Students completing the unit will get hands-on experience with modern, industrially relevant implementation and attack techniques (plus associated countermeasures), and opportunity to integrate content from other units in the programme within whole secure systems rather than disjoint components.

The syllabus will include aspects of (but is not limited to):

• Efficient and effective implementation: modular multi-precision integer arithmetic; algorithms for exponentiation; high-throughput and low-footprint implementations of block ciphers; Pseudo-Random Number Generators (PRNGs).

• Passive information leakage: classic side-channel attacks (e.g., time, power-analysis, electromagnetic emanation) focusing on SPA (using DES, AES, RSA) and DPA (using AES); micro-architectural side-channels (e.g., cache attacks); attacks based on information-flow and error messages.

• Active manipulation and fault injection: hardware-oriented fault attacks (e.g., clock glitches, memory faults); software-oriented fault attacks (e.g., buffer overflows); data remnants (e.g., "cold boot" attacks).

• Case-studies and example systems: attacks on OpenSSL and cryptographic libraries; attacks on MiFare, WEP and DRM systems.

Intended Learning Outcomes

On successful completion of this unit you will be able to

  • understand a limited range of state-of-the-art implementation techniques,
  • understand a limited range of state-of-the-art physical attack and countermeasure techniques,
  • reason about the security of a system in an "end to end" manner, i.e., from the theoretical underpinnings to the concrete implementation,
  • use case-study and practical experience to avoid pitfalls in deployment and configuration of existing systems.

Teaching Information

20 hours of lectures (2 hours per week), 30 hours of (supervised, but non-taught) lab classes (3 hours per week)

Assessment Information

100% via coursework assignment(s).

Each assignment will primarily be a technical and programming exercise, rather than a written essay for example. The level-3 and level-M versions of this unit are carefully distinguished from each other via differing streams within common assignment core. In more detail, a level-3 unit assignment focuses on correct application of a given technique; a level-M assignment will be (in part, and in addition) assessed using a viva-style format to assess background and extended knowledge and more advanced analysis.

Reading and References

R. Anderson Security Engineering John Wiley & Sons, 2008 ISBN: 9780470068526 Background

N. Ferguson, B. Schneier and T. Kohno Cryptography Engineering John Wiley & Sons, 2010 ISBN: 9780470474242 Background