Computer Laboratory

Daniel R. Thomas

Supervising - Security II

Read Security Engineering (or at least those chapters recommended). It is good and quite readable - though also quite long so this is really something you should have done last year. A chapter a day and you will make good progress though.

The Security Seminars are generally good and interesting http://talks.cam.ac.uk/show/index/5695 being able to mention topical issues beyond the course in your answers is likely to impress the marker.

You might also consider the Security Group meetings if you are feeling particularly keen as they are generally quite entertaining as well as being interesting (16:00-17:00 on Fridays in FW11).

Prerequisite material

I have produced a worksheet with solutions covering prerequisite mathematics for Security II (originally prepared for Security I but the relevant material has moved to Security II). This is a new worksheet and there are likely to be bugs, please report them and make suggestions for improvements. There may be cake or similar for those who do so. The source code is available.


Supervision questions currently being updated for 2014-15.

If you write a program to solve any of these exercises I want to see the source code. Please write on your work how long you think it took you so that I can check I am setting an appropriate quantity of work (the target is 6 hours per supervision, don't spend more than that)

Supervision 1 - lectures 1-5: Security, human factors, psychology, policies and passwords

Sign up for a supervision.

In order to communicate securely about supervisions we need a way of authenticating emails. All electronic submissions should be signed using your GPG key and encrypted to my work key D74933D9. This is an opportunity to learn to use encryption in a controlled environment so please do this properly we can discuss this at the start of the first supervision. You should submit an explanation of what you did to create and publish a key with your answers.

Questions on Otter

Supervision 2 - lectures 6-9: Physical security, economics, anonymity and concurrency

Sign up for a supervision

Questions on Otter

Supervision 3 - lectures 10-13: Private and public encryption schemes, MACs, Digital signatures, secure hash functions, Random oracle model, brithday attacks, collision search, HMAC, secure commitment, Merkel trees, hash chains, stream authentication, key distribution, CPA, CCA, Modular arithmetic, Euclid's algorithm

Sign up for a supervision

Questions on Otter

Supervision 4 - lectures 14-16:

Sign up for a supervision

Questions on Otter