2020-2021 / INFO8013-1

Advanced Computer Security

Duration

20h Th, 20h Labo., 30h Proj.

Number of credits

 Master of Science (MSc) in Computer Science and Engineering5 crédits  
 Master of Science (MSc) in Computer Science and Engineering (double diplômation avec HEC)5 crédits  
 Master of Science (MSc) in Computer Science5 crédits  
 Master of Science (MSc) in Computer Science (double diplômation avec HEC)5 crédits  

Lecturer

Benoît Donnet, Laurent Mathy

Language(s) of instruction

English language

Organisation and examination

Teaching in the second semester

Schedule

Schedule online

Units courses prerequisite and corequisite

Prerequisite or corequisite units are presented within each program

Learning unit contents

This course is the natural follow-up of INFO0045 (Introduction to Computer Security). The objectives behind this course are to extend students' knowledge on Computer Security by discussing and practicing up-to-date Computer Security concepts.
The course is divided in two parts. In the first part, a few theoretical lessons are provided on advanced concepts based on cryptography mechanisms usage (see below for the table of content). In the second part, students practice advanced concepts in Computer Security, such as Data Protection and Penetration Testing. Students are also exposed to scientific papers on Computer Security.
Table of Content (Theoretical lessons)

  • Administrative Details
  • Chapter 1: Advanced Digital Signatures
  • Chapter 2: Authentication Protocol
  • Chapter 3: Bank Card Payment
  • Chapter 4: Merkle Tree
  • Chapter 5: BlockChains

Learning outcomes of the learning unit

Upon completing this course, students will have a better understanding on how cryptography can be used through several use cases.
Students will also be aware on how to read a scientific paper dedicated to Computer Security and, consequently, be aware of advanced topics in Computer Security.
Finally, Students will increase their practical knowledge of Computer Security

Prerequisite knowledge and skills

Good knowledge of basics in Computer Security (INFO0045 or assimilated), in Computer Networking (INFO0010 or assimilated), in Operating Systems (INFO0940 or assimilated), and in Computation Structure (INFO0012 or assimilated).
Being comfortable with programming in C is also suitable (Students must be comfortable with pointers and memory management).

Planned learning activities and teaching methods

The course is organized as follows:

  • Lectures (30 hours) describing in details the theoretical and practical concepts of the course
  • Lab sessions.  Labs are done individually and a short report (a simple text file to fill in) must be completed by the end of the lab
  • Several assignments to be done in teams of 2 students

Mode of delivery (face to face, distance learning, hybrid learning)

Face-to-face lectures, lab sessions, and seminars.
The course is entirely given in English.

Organisational adjustments related to the current health context

Recommended or required readings

Slides, labs, and assignment subjects are available on the course web page.
Following books have been used for building the theoretical lessons:

  • A. J. Menezes, P. C. van Oorschot, S. A. Vanstone. Handbook of Applied Cryptography. CRC Press. 5th Edition. August 2001
  • K. Finkenzeller. RFID Handbook, Fundamentals and Applications in Contactless Smartcards, Radio Frequency Identification, and Near-Field Communication. Ed. Wiley (3rd Edition). 2010.
Additional references are provided throughout the slides, labs, assignment subject.

Assessment methods and criteria

Below you will find information on the evaluation methods planned for in-person and remote exams as well as those planned for hybrid sessions. Depending on how the health crisis evolves, the chosen method will be communicated to you no later than one month before the start of the exam session.

The evaluation will be mainly based on practical sessions (both labs and the assignment).  An oral exam will also be organized on theoretical lessons, the assignment, and possible seminars.
In more details:

  • Labs will account for 30% of the final grade
  • Assignment will account for 30% of the final grade (15% for the written report, 15% for the oral presentation and Q/As)
  • The Oral Exam (in June) will focus on theoretical lesson (1 question) and on assignment and seminar (1 question).  It will account fro 40% of the final grade.
Presence at labs is mandatory.  Attending all labs and doing the assignment is required for attending the oral exam.  In case of Lab absence and/or assignment not provided, the student will receive an "Absence" grade (and automatically be postponed to the resit). 
Resit
In case of failure in June, students must improve their assignment for the resit (deadline: 1st day of the resit session) if the grade was below 10/20 (only the report will be taken into account).  This must be done individually (note that no support will be provided, either by the TA or the lecturers, during summer).  Labs cannot be redone.
If the grade of the labs is favorable to the students, the resit session is identical to the first one, with the same weighting. On the other hand, if the grade of the labs is not favorable to the student, it will not be taken into account in the weighting in September, which becomes 30% for the assignment and 70% for the exam. Oral exam must be redone.

Work placement(s)

Organizational remarks

The course is organized during the Second term (from early February to mid-May), on Monday morning. All lectures are in English.

Contacts

Lecturers:

  • Benoit Donnet (email -- office 1.15/B28)
  • Laurent Mathy (email-- office 1.15/B37)
Teaching Assistants:
  • Gaulthier Gain (email -- office 1.8/B37)
  • Kenich Yasukata (email -- office 1.9/B37)
 

Items online

Course Web Site
The course web site contains PDF of the slides, labs/assignments subjects, details about gradings, and the course agenda.  It also allows students to interact with the Pedagogical Team through the Discussion forum.