Advanced Course on Computer Security

Networking and Services
Advanced studies
The course consists of an introduction to RSA and elliptic curve cryptography, and to key agreement protocols and their design principles. In addition, the course contains an introduction to some larger security protocol, for example HIP.
Year Semester Date Period Language In charge
2010 autumn 01.11-08.12. 2-2 English


Time Room Lecturer Date
Mon 12-14 D122 Timo Karvi 01.11.2010-08.12.2010
Wed 10-12 D122 Timo Karvi 01.11.2010-08.12.2010

Exercise groups

Group: 1
Time Room Instructor Date Observe
Wed 12-14 B222 Timo Karvi 08.11.2010—10.12.2010
Group: 2
Time Room Instructor Date Observe
Tue 10-12 B222 Timo Karvi 08.11.2010—10.12.2010

Registration for this course starts on Tuesday 12th of October at 9.00. Students who already have passed Computer Security course will get only 2 credits from this course.


The aim of this course is to give a brief exposition of three topics. The first topic deals with the symmetric cipher AES (Advanced Encryption Standard) and public key cryptography based on RSA. These two techniques are used nearly in all the security protocols. The second topic is devoted to the study of the design of key agreement protocols. These protocols usually form the first part of more general security protocols. Their design is quite delicate and it is easy to make errors which open ways to attacks. The third topic is the Host Identity Protocol (HIP). It is a modern protocol, whose aim is to increase trust on network operations and applications.  HIP shows well how theoretical constructs and algorithms are applied in practice.

Completing the course

The course can be passed in two ways. The recommended alternative is to take part in the course and its exercises and then going to a course exam. In this exam, the points (0-6) got from the exercises are taken into account  when the final grade is determined. The course exam can produce at most 54 points and you can pass the course with 30 points. The second alternative is to take part in a separate exam, where the exercise points are not taken into account. 
A summary of the material needed in the exam can be read here.
The exam dates are:
1) December 13, 16-19, room A111. For those who cannot attend the main exam.
2) December 17,  9-12, room B123. This is the main exam and you should go to this exam if you do not have a compulsory reason to attend the earlier exam.
Example exams:
1) Exam 1 autumn 2010.
2)Exam 2 autumn 2010.
3) Exam 1 spring 2011.
4) Exam 2 spring 2011.

Literature and material

The material is based on lecture notes which will be published on these pages before lectures. Other material is introduced when the course starts.

  • Material, part I. This material can be found in Stallings, Cryptography and Network Security, 3rd-5th editions,  Pearson,Prentice Hall.
  • Material, part II (November 15, 2010). This material is based on Boyd and Mathuria, Protocols for Authentication and Key Establishment, Springer 2003. This version replaces the previous one. Some notational mistakes and misspellings in the older version have been corrected, see especially pages 8, 20-24. 
  • Material, part III. (November 25) Part III is based on Boyd and Mathuria plus on original articles, especially on Kim, Perrig, Tsudik: Tree-Based Group Key Agreement, ACM Transactions on Irformation and System Security, Vol. 7, No.1, 2004, pp.60-96. This new version replaces the November 22 version. Some misspellings have been corrected and a new example is added. The example shows how to calculate keys in the TGDH protocol.
  • Material, part IV. (December 1) Part IV is based on Andrei Gurtov: Host Identity Protocol (HIP), Wiley 2008