Security

Cas Cremers

News

New seminar added! How secure is messaging?

Written on 16.09.19 (last change on 16.09.19) by Cas Cremers

Dear all,

A new seminar just has been added to the list at https://seminars.cs.uni-saarland.de/seminars1920 . Sign up now!

How Secure is Messaging?
Provable Guarantees for Secure Messaging

Description: Nearly everyone uses a messaging app, many of which claim that they offer secure… Read more

Dear all,

A new seminar just has been added to the list at https://seminars.cs.uni-saarland.de/seminars1920 . Sign up now!

How Secure is Messaging?
Provable Guarantees for Secure Messaging

Description: Nearly everyone uses a messaging app, many of which claim that they offer secure messaging. However, it is not always exactly clear what this exactly means. When is a messaging app secure? How do we know it is secure? Can we prove anything about their security? The focus on this course is on modern ways to mathematically specify what various levels of messaging security actually mean, and the methodologies that can be used to prove that this is indeed the case. This will give both a good insight in the state-of-the-art as well as the scientific questions that are still unanswered.

Every week, one student will present her/his assigned papers on a certain topic, followed by a group discussion. All students are required to read the papers carefully and prepare a list of questions for discussion. Each student will write a summary of her/his assigned papers providing a general overview of the field.

Requirements: Students must have basic knowledge about cryptography and protocols (e.g., through Foundations of Cybersecurity I and II) and basic knowledge about either: verification, cryptography, computational logic or concurrent systems (e.g., through the respective lectures).

Places: 12

 

CTF workshop from saarsec (in German)

Written on 10.09.19 by Ben Stock

This part intentionally in German as the workshop is in German.

Hallo zusammen, wir, das Capture-the-Flag-Team saarsec, bestehend aus Studierenden und Dozenten der Uni Saarland, veranstalten dieses Wochenende (14./15. September) wieder einen unserer CTF-Workshops. Ziel des Workshops ist es neue… Read more

This part intentionally in German as the workshop is in German.

Hallo zusammen, wir, das Capture-the-Flag-Team saarsec, bestehend aus Studierenden und Dozenten der Uni Saarland, veranstalten dieses Wochenende (14./15. September) wieder einen unserer CTF-Workshops. Ziel des Workshops ist es neue Leute mit dem Thema Capture-the-Flag und dem Schließen sowie Ausnutzen verschiedener Sicherheitslücken vertraut zu machen.
Hierfür werden wir euch zuerst eine Einführung in das Betriebssystem Linux geben. Linux kommt auch im späteren Verlauf eures Studiums noch des öfteren auf euch zu . Anschließend werden wir verschiedene Angriffstechniken (SQL-Injections, File-Inclusions und Command-Injections) erklären und erläutern wie man diese Schwachstellen schließt bzw. verhindert.
Am Ende des Workshops werdet ihr dann in Form eines Capture-the-Flag-Wettbewerbs in Teams gegen die anderen Workshop-Teilnehmer antreten und könnt eure neu erlernten Fähigkeiten unter Beweis stellen.
Interesse? Dann meldet euch so schnellstmöglich auf https://workshop.saarsec.rocks an, da wir nur begrenzt viele Plätze haben.
FAQ:
Q: Aber ich habe gar keine Ahnung von Hacking? A: Kein Problem, unser Workshop ist darauf ausgelegt, dass die Teilnehmer keine Vorkenntnisse mitbringen, allerdings hat die Erfahrung der letzten Jahre gezeigt, dass zumindest grundlegende Programmierkenntnisse stark von Vorteil sind.
Q: Ich habe Interesse, aber bin dieses Wochenende leider schon verplant A: Kein Problem, du kannst gerne zu einem unserer Meetings (Donnerstags 16:00 Raum 0.07 im CISPA) oder zu unserem nächsten Workshop (vermutlich nächstes oder übernächstes Semester) kommen.
Q: Ich habe aber noch weitere Fragen! A: Dann melde dich einfach unter ctf-poc@saarsec.rocks - wir helfen gerne weiter

Happy hacking, saarsec

Re-exam grades now visible

Written on 12.04.19 by Cas Cremers

The re-exam grades are now visible in the CMS.

Re-exam inspection is possible next week:

  • Date: Tuesday, April 16
  • Time: from 11:30 to 13:30
  • Location: CISPA 0.07

Re-exam is tomorrow at 14:00 in the Günter-Hotz-Lecture-Hall

Written on 26.03.19 by Cas Cremers

Reminder: the re-exam is tomorrow, Tuesday March 27, at 14:00-16:00 in the Günter-Hotz-Lecture-Hall.

Re-exam registration for people who cannot register in LSF

Written on 25.03.19 by Cas Cremers

For those who cannot register in LSF: If you would like to participate in the re-exam, please send your tutor an e-mail as soon as possible if you have not done so already. (If you did not attend a tutorial, please send it to the lecturer.)

 

Re-exam registration

Written on 20.03.19 by Cas Cremers

We aim to release the grades into LSF by Thursday morning at the latest.

The re-exam registration deadline has been extended to Saturday, March 23rd.

 

Exam inspection

Written on 14.03.19 by Cas Cremers

There will be an opportunity to inspect the exam on Monday March 18, between 11:00 and 13:00 in Room 0.07 in the CISPA building.

What to bring to the exam

Written on 27.02.19 (last change on 27.02.19) by Cas Cremers

Please don't forget to bring your student ID to the exam. Additionally, it is recommended to bring two pens (black or blue, no other colors, no pencils) in case one fails.

It is recommended to arrive early (around 9:45) so the exam can start on time.

 

Seating plan for exam

Written on 26.02.19 by Cas Cremers

Dear all, 

For the exam on Wednesday, please follow the following direction.

  • If your last name (family name) starts with a character in the range [A..M], then your exam will take place in the Günter-Hotz-Lecture Hall.
  • If your last name starts with a character in the range [N..Z], then your… Read more

Dear all, 

For the exam on Wednesday, please follow the following direction.

  • If your last name (family name) starts with a character in the range [A..M], then your exam will take place in the Günter-Hotz-Lecture Hall.
  • If your last name starts with a character in the range [N..Z], then your exam will take place in HS I in E2 5 (Mathematics building).

Location and duration of exam

Written on 24.02.19 by Cas Cremers

Dear all, 

The locations of the exam will be the Günter-Hotz-Lecture Hall and HS I in E2 5 (Mathematics building). We aim to release a seating plan by Tuesday morning.

The exam will be from 10:00 - 12:00 (2 hours) on Wednesday.

Good luck!

 

 

Exam update

Written on 19.02.19 (last change on 19.02.19) by Cas Cremers

Dear all,

A few updates regarding the exam:

  1. If you did not pass three mini-tests this year, but were admitted to the exam last year, you can attend the exam this year. Please send an e-mail to your tutor or the lecturer if you have not done so already.
  2. If you are able to, please register in… Read more

Dear all,

A few updates regarding the exam:

  1. If you did not pass three mini-tests this year, but were admitted to the exam last year, you can attend the exam this year. Please send an e-mail to your tutor or the lecturer if you have not done so already.
  2. If you are able to, please register in LSF.
    If your study object doesn't support it, let us know (if you have not done so already.)
  3. For the exam, we will not ask questions about the "TLS guest lecture" (TLS13) and "trusted computing" (trusted-computing) slide sets.

Tutors open office hour & mini-test update

Written on 10.02.19 by Cas Cremers

Two updates:

  1. Monday Feb 11, there will be an open office session with the tutors, where you can ask questions and check results. The slot will be 11:00 -- 14:00, and is scheduled to be in SR016 in e13.
  2. There was a mismatch in the scoping of the last mini-test and in particular the second… Read more

Two updates:

  1. Monday Feb 11, there will be an open office session with the tutors, where you can ask questions and check results. The slot will be 11:00 -- 14:00, and is scheduled to be in SR016 in e13.
  2. There was a mismatch in the scoping of the last mini-test and in particular the second question. We will adapt the grading to ensure that this does not affect anyone negatively. 

Ex10 and final mini-test

Written on 03.02.19 by Cas Cremers

  • Exercise 10 is now online.
  • The scope of the final minitest is from Software Security "Format String Attacks" (in slide set 8-3) up to and including System Security (slide set 10). 

Reminder: no lecture today

Written on 01.02.19 by Cas Cremers

As announced previously, there is no lecture today. Last two lectures are next week on Tuesday and Friday as usual.

Exercise 09 available

Written on 25.01.19 by Cas Cremers

Exercise 09 is now available for download.

Scope of mini-test 4

Written on 18.01.19 by Cas Cremers

The scope of the fourth mini-test will be:
Software Security slide sets 1-3, up to (but not including) 'Format String Attacks' (slide 63).

 

Exercise 08 available

Written on 17.01.19 by Cas Cremers

Tutorial exercise 08 is now available.

No lecture on January 22nd

Written on 15.01.19 by Cas Cremers

There will be no lecture on Tuesday January 22nd.

New tutorial exercise

Written on 10.01.19 by Cas Cremers

The new tutorial exercise is now available for download.

Restarting lecture and third mini-test on January 11

Written on 04.01.19 by Cas Cremers

Happy 2019!

Four updates:

  1. The lecture will resume on Tuesday, January 8th.
  2. The new exercise 6 is now online.
  3. Unfortunately, we have to cancel Tutorial 3 on Thursdays until further notice. We will re-open assignment for other tutorial sessions as soon as possible. 
  4. The next mini-test is… Read more

Happy 2019!

Four updates:

  1. The lecture will resume on Tuesday, January 8th.
  2. The new exercise 6 is now online.
  3. Unfortunately, we have to cancel Tutorial 3 on Thursdays until further notice. We will re-open assignment for other tutorial sessions as soon as possible. 
  4. The next mini-test is on Friday, January 11th, at 12:15. The topics cover everything up to and including exercise 5 and the corresponding lectures. (The lectures corresponding to exercise 6 will not be part of mini-test 3)

Update on lecture dates and mini-tests.

Written on 07.12.18 by Cas Cremers

The last lecture of 2018 will be on December 18, and we will start in 2019 again on January 8. The final lecture will be on February 8.

The remaining three mini-tests will be on:

  • January 11, 2019
  • January 25, 2019
  • February 8, 2019

Scope of mini-test 2

Written on 04.12.18 by Cas Cremers

The scope of the second mini-test is:

  • Protocols (including TLS 1.2 and earlier)
  • PKI

There may be lightweight questions about anonymity, but these will not go beyond the material on the slides.

Not part of this mini-test:

  • TLS 1.3 guest lecture
  • Web security
  • Network security

Second mini-test on Dec. 7

Written on 30.11.18 by Cas Cremers

On Friday December 7th we will have the second mini test at 12:15.

 

Opportunities

Written on 20.11.18 (last change on 20.11.18) by Cas Cremers

As announced in the lecture, Mozilla has several internship positions open here:

https://careers.mozilla.org/listings/?position_type=Intern

Here at CISPA, Prof. Cremers is is also hiring hiwis, PhD students, and postdocs:

http://cascremers.com/open-positions.html

Exam dates

Written on 19.11.18 by Cas Cremers

The exam dates for the lecture have now been fixed:

  • February 27th from 10.00 - 13.00 - End of Term Exam
  • March 27th  from 14.00 - 17.00 - Re-Exam

Exercise for second tutorial

Written on 19.11.18 (last change on 19.11.18) by Cas Cremers

We have uploaded the exercise sheet for the second tutorial in the materials section.

Exercise for first tutorial

Written on 11.11.18 (last change on 19.11.18) by Cas Cremers

The exercise for the first tutorial is now available in the materials section.

Tutorials and mini-tests starting dates

Written on 09.11.18 by Cas Cremers

Tutorials

Tutorials will start in the week of November 19; details to follow.

Mini-tests

The first mini-test will be on Friday November 23 at the start of the lecture. Students are required to pass at least 50% of the mini-tests to participate in the final exam.

Slide decks on Protocols and TLS 1.3 now available.

Written on 09.11.18 by Cas Cremers

Please see the materials section.

No lecture on Tuesday November 13

Written on 09.11.18 by Cas Cremers

Note that there is no lecture on Tuesday November 13. The next lecture will be on Friday November 16.

First two slide decks uploaded

Written on 30.10.18 (last change on 30.10.18) by Cas Cremers

The slide sets for 01:introduction and 02:crypto are now available in the information/materials section.
Show all

Security

The Security core lecture ("Stammvorlesung") will be offered in winter term '18/'19. Details to follow soon. Please check this website regularly to see updates. Our periodic schedule for the two lecture a week will be:

  • Tue 10:15-11:45 (in Guenter-Hotz lecture room)
  • Fri 12:15-11:45 (in Guenter-Hotz lecture room)

We'll use this place to update you on when the lecture will start. Registration in this CMS is required until 31.10.2018. LSF exam registration is required to participate in the exams, and is now open.

Privacy Policy | Legal Notice
If you encounter technical problems, please contact the administrators.