| Unit name | Applied Security |
|---|---|
| Unit code | COMS30901 |
| Credit points | 10 |
| Level of study | H/6 |
| Teaching block(s) |
Teaching Block 2 (weeks 13 - 24) |
| Unit director | Dr. Page |
| Open unit status | Not open |
| Pre-requisites | |
| Co-requisites |
None |
| School/department | Department of Computer Science |
| Faculty | Faculty of Engineering |
This unit introduces and explores the implementation and deployment of secure systems, focussing in particular on their cryptographic aspects. It offers a different perspective on what it means for something to be deemed "secure" (e.g., stressing the importance of secure implementation techniques), and the difficulty of deploying systems in which cryptography is used (e.g., stressing the need for secure building blocks such as random number generators). Students completing the unit will get hands-on experience with modern, industrially relevant implementation and attack techniques (plus associated countermeasures), and opportunity to integrate content from other units in the programme within whole secure systems rather than disjoint components.
The syllabus will include aspects of (but is not limited to):
• Efficient and effective implementation: modular multi-precision integer arithmetic; algorithms for exponentiation; high-throughput and low-footprint implementations of block ciphers; Pseudo-Random Number Generators (PRNGs).
• Passive information leakage: classic side-channel attacks (e.g., time, power-analysis, electromagnetic emanation) focusing on SPA (using DES, AES, RSA) and DPA (using AES); micro-architectural side-channels (e.g., cache attacks); attacks based on information-flow and error messages.
• Active manipulation and fault injection: hardware-oriented fault attacks (e.g., clock glitches, memory faults); software-oriented fault attacks (e.g., buffer overflows); data remnants (e.g., "cold boot" attacks).
• Case-studies and example systems: attacks on OpenSSL and cryptographic libraries; attacks on MiFare, WEP and DRM systems.
On successful completion of this unit you will be able to
20 hours of lectures (2 hours per week), 30 hours of (supervised, but non-taught) lab classes (3 hours per week)
100% via coursework assignment(s).
Each assignment will primarily be a technical and programming exercise, rather than a written essay for example. The level-3 and level-M versions of this unit are carefully distinguished from each other via differing streams within common assignment core. In more detail, a level-3 unit assignment focuses on correct application of a given technique; a level-M assignment will be (in part, and in addition) assessed using a viva-style format to assess background and extended knowledge and more advanced analysis.
R. Anderson Security Engineering John Wiley & Sons, 2008 ISBN: 9780470068526 Background
N. Ferguson, B. Schneier and T. Kohno Cryptography Engineering John Wiley & Sons, 2010 ISBN: 9780470474242 Background
