Use the Tab and Up, Down arrow keys to select menu items.
Special Topic
SPECIAL TOPIC: SECURITY PROTOCOL VERIFICATION Security protocols, or cryptographic protocols, ensure the reliable communication and data exchange between different entities or systems over the Internet. These protocols are commonly used to protect against unauthorized access, data tampering, and other security threats, which often involve cryptographic techniques to secure the transmission of sensitive information. However, over the years, there have been numerous flaws and exploits found in the design and implementation of cryptographic protocols, such as Heartbleed (2014, Buffer overflow attack on OpenSSL) and KRACK (2017, Key installation attack on WPA2). COSC437 systematically introduces methodologies that help to exploit flaws in protocol design and to prove that a system is indeed correct. We will study the philosophy underlying security protocol design, analyse attack patterns, and get familiar with formal verification tools. Overall, the course will cover topics in formal methods, applied cryptography, key management, provable security, web3 and blockchain technologies.PREREQUISITESCOSC362 Data and Network Security or Approval from HOD
Become familiar with the cryptographic building blocks and understand how they are used in the design of security protocols; Critically analyse security protocols by using formal analysis; Write code for formal models and prove a claim with formal verification tools; Develop a good understanding that security is always conditional, and a proof of security is only valid under certain assumptions.
Subject to approval by Head of Department.
Students must attend one activity from each section.
Time Commitment: 150 hours 24hr Lecture (2hr/week – 12 weeks) 126hr Self-directed learning (reading notes, books, and writing code)
Chenyi Zhang
Recommended ReadingBruce Schneier: Applied Cryptography Protocols, Algorithms, and Source Code in C, John Wiley & Sons 1996, 784 Pages Leslie Lamport: Specifying systems: the TLA+ language and tools for hardware and software engineers, Addison-Wesley Longman Publishing Co. 2002, 364 pages (available on the internet with video classes) Arvind Narayanan: Bitcoin and cryptocurrency technologies: a comprehensive introduction, Princeton University Press, 2016.
The Computer Science department's grading policy states that in order to pass a course you must meet two requirements:1. You must achieve an average grade of at least 50% over all assessment items.2. You must achieve an average mark of at least 45% on invigilated assessment items.If you satisfy both these criteria, your grade will be determined by the following University-wide scale for converting marks to grades: an average mark of 50% is sufficient for a C- grade, an average mark of 55% earns a C grade, 60% earns a C+ grade and so forth. However if you do not satisfy both the passing criteria you will be given either a D or E grade depending on marks. Marks are sometimes scaled to achieve consistency between courses from year to year.Students may apply for special consideration if their performance in an assessment is affected by extenuating circumstances beyond their control.Applications for special consideration should be submitted via the Special Considerations website within five days of the assessment.Where an extension may be granted for an assessment, this will be decided by direct application to the Department and an application to the Examinations Office may not be required. Special consideration is not available for items worth less than 10% of the course.Students prevented by extenuating circumstances from completing the course after the final date for withdrawing, may apply for special consideration for late discontinuation of the course. Applications must be submitted to the Examinations Office within five days of the end of the main examination period for the semester.
Please click HERE for the CSSE Department's policy for the academic remedy of applications for a special consideration for final exams.
Domestic fee $1,176.00
International fee $5,475.00
* All fees are inclusive of NZ GST or any equivalent overseas tax, and do not include any programme level discount or additional course-related expenses.
For further information see Computer Science and Software Engineering .