Institute of Computer Science
  1. Courses
  2. 2022/23 fall
  3. Information Security (MTAT.07.028)
ET
Log in

Information Security 2022/23 fall

  • Home
  • Lectures & labs
  • Homework & course rules
  • Exam
  • News
  • Links

Homework #2 (15p)

Table of contents

  • Recommended reading
  • Written tasks (8p)
  • Lab tasks (7p)
  • Submission of written tasks



Deadline: 30th of October (the solution has to be submitted before Monday)

Recommended reading

  • Announcing the first SHA1 collision
  • SHAttered
  • HTTPS Certificate Revocation is broken, and it’s time for some new tools

Written tasks

PKC, PKI and HTTPS

  1. Hashing
    1. What are the two main differences between encryption and hashing? The answer must be formatted as a list. This question can have multiple correct answers. (1p)
  2. Read the following article: HTTPS Certificate Revocation is broken, and it’s time for some new tools. Answer the following questions:
    1. Why are certificate revocation lists not guaranteed to work in practice? (1p)
    2. Online Certificate Status Protocol has also some issues, list two issues. (1p)

Smartcards, e-voting, blockchain

  1. In an opinion story Otto de Voogd wrote about the possibility of the state having access to the secret keys on the Estonian ID-card. As a response to the opinion Agu Kivimägi wrote how private keys are generated. Name two different reasons why the Estonian government can not access / know the secret key that is on your ID-card. The ID-card vulnerabilities that were described in 2017 are out of scope of this question. The answer must be formatted as a list. (1p)
  2. It is difficult to build secure internet voting systems. Some people have proposed to use blockchain as a solution to improve the security of internet voting. You have two tasks. First, read the following two papers and make a brief summary of the main points presented in these papers regarding the use of blockchain in internet voting. Second, add your own opinion or comments. More specifically, do you agree with the authors? Why? (4p)
    • On Trade-offs of Applying Block Chains for Electronic Voting Bulletin Boards (2018)
    • Going from bad to worse: from Internet voting to blockchain voting (2021)

Lab tasks (7p)

There are four lab tasks that have to be solved. The submission forms are available at the lab page.

  1. Task is about image metadata.
  2. Task is about TLS and certification information.
  3. Task is about syncing files with Syncthing.
  4. Task is about using Signal for end-to-end encrypted messaging. As an alternative, also a theory task is offered.

Submission form for the written tasks

The solution for the written tasks has to be submitted through this website. The solution can be submitted once you have logged in with the university credentials. We accept solutions only in .pdf format if it is not stated otherwise in the homework task.

We would like to get feedback about the difficulty of the homework and therefore we would kindly ask you to write in the comments box an estimate of how much time it took to solve the homework tasks.

6. Homework 2 - written tasks (PDF)
Solutions for this task can no longer be submitted.
  • Institute of Computer Science
  • Faculty of Science and Technology
  • University of Tartu
In case of technical problems or questions write to:

Contact the course organizers with the organizational and course content questions.
The proprietary copyrights of educational materials belong to the University of Tartu. The use of educational materials is permitted for the purposes and under the conditions provided for in the copyright law for the free use of a work. When using educational materials, the user is obligated to give credit to the author of the educational materials.
The use of educational materials for other purposes is allowed only with the prior written consent of the University of Tartu.
Terms of use for the Courses environment